More Exposure to SCADA Devices Through Shodan

Sunday, January 22, 2012

Contributed By:
Bob Radvanovsky

Wile I am certain that the majority of this membership knows what Shodan is and represents, honestly, they represent something slightly more than an automated port scanner, reporting back on some of the more common open ports (HTTP, SNMP, telnet, etc.) that appear to be "pingable" throughout the Internet.

In a recent email sent by (kudos once again goes to...) KF on recent postings on the "pastebin.com" web site by yet-another-hacker group calling themselves "#ntisec", posted web site URLs of what appears to be embedded devices.

It should be interesting to note what these devices they (#ntisec) are providing represent: building automation controls. Yes, another form of "SCADA".

There are some smart meters from several known manufacturers sprinkled into the mix, but overall many of the devices' URLs look like they may be HVAC or environmental controls.

Without knowing more, or going into further investigation about these devices, the question is whether the URLs being provided are simply "informational only", or do in fact, provide C&C functions to environmental controls of their designated owners.

One thing that appears to be a common factor is that majority of the URLs provided are utilizing the "Niagra AX" framework (http://www.niagaraax.com/cs/products/niagara_framework), which is owned and operated by "Tridium".

This appears to be a software development framework utilized for embedded or "smart" devices.

According to Tridium's main web page of their web site, they have *almost* 300,000 embedded devices utilizing their "Niagra" software (http://www.tridium.com).

Shown below are the URLs specific to this recent rash of recently discovered embedded device URLs:

http://pastebin.com/AtedM7Lj (dated 21-Jan-2012)
http://pastebin.com/P5mTphKw (dated 21-Jan-2012)
http://pastebin.com/AZq3veGM (dated 18-Jan-2012)

Though not directly related to this discussion, this URL was mentioned in the third "pastebin.com" URL, and compliments activity in trying to understand environmental control systems:

http://webwereld.nl/nieuws/109228/sporthal-gehackt-via-wijd-open-scada-systeem.html

(dated 18-Jan-2012)

Cross-posted from the SCADASEC Mailing List

Share This! |

Views:	6615
Categories:	Network Access Control SCADA
Industries:	Industrial Control Systems Information Security
Tags:	SCADA Shodan Vulnerabilities Scanners Network Security ICS Smart Meter Pastebin Industrial Control Systems Open Source Intelligence Bob Radvanovsky Niagra AX Command and Control Smart Devices SCADASEC Mailing List Embedded Device

Post Rating I Like this!

Comments:

Mike Dell Please note, ntisec is not a group. He identified himself as an artist (no IT expert) with currently too much free time.

1327435909

Bob Radvanovsky I'm sorry that I missed that -- you're right. Nonetheless, the fact that SCADA and ICS equipment vulnerabilities, exposures, disclosures, etc. are increasing is not a very comforting thought. Thanks for the correction!

1327441013

Mike Dell IMHO it's even less comforting when someone with little in-depth knowledge can do this.

1327528250

You Must Register or Login to Comment

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked

Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013