[WASC-WHID] WHID 2011-74: Wind Power Company Hacked

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Mon Apr 25 09:20:24 EDT 2011

*Entry Title: *WHID 2011-74: Wind Power Company Hacked
*WHID ID: *2011-74
*Date Occurred: *April 18, 2011
*Attack Method: *Brute Force
*Application Weakness: *Insufficient Authentication
*Outcome: *Leakage of Information
*Attacked Entity Field: *SCADA
*Attacked Entity Geography: *New Mexico, USA
*Incident Description: *In an email interview with the IDG News Service,
Bigr R, said he was a former employee of NextEra's parent company, Florida
Power & Light. He said he used a bug in the Cisco Security Device Manager
software used by NextEra to break into the site. "They gave to it public IP,
so it was easy to hack into it through the Web," he said. "They used default
passwords, which I got from one of administrators. Then I obtained level 15
priv. (superuser), and understood the topology of SCADA networks. Then it
was easily to detect SCADA and turn it off."
*Mass Attack: *No
*Attack Source Geography:*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110425/b7d8d1c0/attachment-0003.html>

More information about the wasc-whid mailing list