Forgot your password?
typodupeerror
Security Power

Hacker Claims He Broke Into Wind Turbine Systems 105

Posted by samzenpus
from the I've-got-the-power dept.
itwbennett writes "Claiming revenge for an 'illegitimate firing,' someone has posted screenshots and other data, apparently showing that he was able to break into a 200 megawatt wind turbine system owned by NextEra Energy Resources, a subsidiary of Florida Power & Light. In an e-mail interview, Bgr R said he's a former employee who discovered a vulnerability in the company's Cisco security management software that he then used to hack into the SCADA systems used to control the turbines. His motive was to embarrass the company, he said."
This discussion has been archived. No new comments can be posted.

Hacker Claims He Broke Into Wind Turbine Systems

Comments Filter:
  • I'm sure that NextEra Energy Resources, a subsidiary of Florida Power & Light, was mortified.
    • Wow. This just proves that you can never be too careful with your wind energy security... I had always thought of NextEra Energy Resources as one of the most secure energy systems in all of Florida, but this guy's success would seem to prove otherwise. I'll have to be more careful in the future. I may even have to privatize all of my wind energy needs... Anyone selling a turbine?
      • by Anonymous Coward

        Wow. This just proves that you can never be too careful with your wind energy security... I had always thought of NextEra Energy Resources as one of the most secure energy systems in all of Florida, but this guy's success would seem to prove otherwise. I'll have to be more careful in the future. I may even have to privatize all of my wind energy needs... Anyone selling a turbine?

        To be fair, it doesn't really prove anything. It could be a hoax, as the article mentions, and FPL is denying any knowledge of the incident ever occurring. He also didn't really give any info about the supposed vulnerability in the Cisco architecture.
        But on the other hand, they DO use a Siemans controlling system, and it would not surprise me at all if he stumbled across one of the government's "secret" backdoors.

        So without any details, the juries still out as to whether this was really hacked or not. But i

      • I have privatised all of my energy and water needs. It is a very good feeling. I haven't had a power bill in 4 years. I have had to run a generator at times mainly for battery maintenance. The fuel came mostly came from chip shop waste. Adding another 3.5Kw over the next twelve weeks which will cut generator use to pretty much battery maintenance only. If I could privatise my communications that would be great but it's never going to happen.
  • Former employee? (Score:4, Insightful)

    by atari2600a (1892574) on Monday April 18, 2011 @06:13AM (#35853646)
    Well that pretty fucking much limits the list of possible suspects now doesn't it?
  • Given that getting hacked is practically an Industry Standard Best Practice(tm) by now, I'm pretty sure that some random subsidiary of a utility company that most of its customers think of as "the power bill" will be largely immune to embarrassment, even in financial terms. If you then narrow the list of suspects down, the odds are higher than you would like of getting some slammer time in exchange for basically nothing.

    Unless pen-testing them is your job, I would say that you should either stay the hell
  • by Anonymous Coward on Monday April 18, 2011 @06:24AM (#35853708)

    News at 11.

  • by BrokenHalo (565198) on Monday April 18, 2011 @06:33AM (#35853752)

    In an e-mail interview, Bgr R said he's a former employee who discovered a vulnerability in the company's Cisco security management software that he then used to hack into the SCADA systems

    That just tripped my bullshitometer. Most Cisco systems (in my experience) are pretty robust, but an employee would have been in a good position to create an open door for himself to use later. So the "vulnerability" (if I'm right) would simply be his employer's misplaced trust in him.

    • Re: (Score:3, Insightful)

      by amanicdroid (1822516)
      Oo oo I love Cisco Jeopardy! I'll go with:

      What is he had remote access to the KVM that the Cisco's console port was connected to?
    • by olden (772043)

      ...or he just knew that the password to remotely administer the thing was 'cisco'.
      But if it was indeed so easy, he's certainly not the only one to have figured that out by now. :/

    • They are more robust than the people maintaining them. Most systems I've worked on have been years behind in updates and how do they maintain their logins? Does the entire site use the same login like I saw at one place? Did his boss keep his login and pass on a sticky note on his desk?
      • I was at a friend's workplace on Sunday and needed web access. Fortunately a co-worker had written her password on the bezel of her monitor with a Sharpie.

    • by drinkypoo (153816)

      There have been tons of remote holes in Cisco routers over the years, there are plenty of advisories just lying around for the googling. If they're running outdated IOS for some reason, it makes it all the more likely.

    • I worked for a Fortune 500 company (who shall remain nameless) that distributed the Cisco VPN client with the group password already set. I took the config file and Googled the hash, and came up with the password. Turns out that's the same password they used for the Domain Admin. I'd be surprised if it didn't go to other important things as well...

      • by splatter (39844)

        Damn I never thought of googling a hash to get a plain text, that is clever. I bow to your google-Fu...

    • It could have been a vulnerability in the configuration of the company's Cisco security management software.
  • by Huntr (951770) on Monday April 18, 2011 @06:41AM (#35853784)
    Um, not gonna work. Like most power companies, FP & L has no shame.
  • Saaaayyy... something this important, why are these jokers doing communications through the internet? It should be bloody difficult to even intercept control signals for these wind turbines, nuke power plants, etc. IOW, they should be using dedicated wires and microwave point-to-point communications with encryption, not broadcasting it all over the entire planet for everybody to be able to try to "hack" it.

    • by skids (119237)

      Well, this hack is probably a hoax, but to answer your question, a lot of the small power industry is full of people who do not let security get in the way of the bottom line, or expedience. This is less true of the well established, institutional systems... but new upstart companies and newly acquired subsidiaries sometimes shoot from the hip while they are building things. I remember reading of a hydro refurb where they were using SMS for controls on a dam. I guess part of it is that we now have people

  • by Anonymous Coward

    Hacker Claims He Broke Wind Into Turbine Systems

  • by BagOCrap (980854) on Monday April 18, 2011 @06:59AM (#35853856) Homepage

    When the shit hits the fan.

  • I'm never surprised when I hear about industrial systems getting hacked for two reasons: (1) the venerable OPC protocol and (2) the mad insistence of IT departments that everything - including process control systems - has to come under their control.

    There's nothing wrong with OPC per se, but it relies on DCOM (which isn't secure). Even if they've moved to the better OPC UA or some other architecture there's still the craziness of making industrial systems accessible over the corporate network.
  • by chill (34294)

    What if he were a terrorist? Al-queda could sabotage the wind turbines, creating a MASSIVE wind spill! Think of the economic impact...the devastated lives...the broken families! Did we learn nothing from BP in the Gulf?

    Oh the humanity!

    We need Michael Bay to create a movie to fully articulate the possibilities of such a disaster. Wind everywhere...

    • Actually on a serious note, if he had control over the direction of the nacelle and/or the blade pitch, he might be able to break the turbine. These things are actively controlled, they have wind sensors on them that measure the wind speed and direction, and then electric motors are used to point the nacelle into the wind and adjust the blade pitch (and possibly also some settings on a gearbox inside the nacelle). I imagine that if he could accelerate the blades to a high speed and then quickly turn it side

  • Stupid goal (Score:5, Funny)

    by DoofusOfDeath (636671) on Monday April 18, 2011 @07:16AM (#35853934)

    He'll risk prison just to break wind in public?

  • MOST SCADA systems are horribly protected. idiot managers and phb's want remote access to systems that should be on protected and isolated networks. Please sack the managers that demand remote internet access to SCADA systems that do not have a legitimate reason other than to satisfy the demand of that manager.

    I know of several Water filtration plants that are horribly open to attack because the supervisor of them is too damn lazy to drive in to do his work. And YES you can easily make a secure connecti

  • by Fr05t (69968)

    pics or it didn.... oh.

  • Justification for his firing is sounding better and better all the time.

    -Restil

  • FAKE (Score:5, Insightful)

    by StickyWidget (741415) on Monday April 18, 2011 @08:09AM (#35854210)
  • *waits for applause and laughter*

    *sulks away*

  • Anyone got a link to the actual pics that the article merely talks about? Would be hilarious if he's trying to pass off vendor instruction / tech manual screen shots as his "proof".

    The guy could have caused a heck of a lot more disruption if he knew he was going to be canned and collected his screenshots first... You can imagine the extremely expensive chaos if he later publishes screenshots of a system that in fact cannot be remotely broken into. Millions of dollars spent trying to figure out how he got

  • Is this guy really touting that he hacked this stuff, because he was let go from his job? Embarrassing a company is nothing new these days. Assuming his claims are indeed true, he's now boasted about his mis-deeds and it will only served to be used against him in a court of law.

    • by nedlohs (1335013)

      And the government will do enough squinting to frame it as an terrorist attack on essential energy infrastructure.

    • by tnk1 (899206)

      Idiots that carry out these actions don't do it so that they can get away with it, otherwise it would be very carefully made to look like an accidental malfunction. They want everyone to know how much smarter they are than their employer.

      The problem with their tactics are that:

      a) getting caught means they will get in a lot more trouble than simply losing their job, proving beyond a doubt that they are self-destructive and stupid.
      b) having something break isn't going to show how stupid the company is, they'

  • "It's probably still up in the air as to whether this was a real threat or a hoax," Cusimano said.

    Hopefully he put air quotes around that as well.

  • I have been to a wind farm and seen the setup. I would not be surprised if this is possible at all.

    Basically you have a company that runs the windmills and you have a different company that actually builds the damn things.

    So while NextEra Energy Resources may run the stupid things, likely someone like Siemens actually built the things. Generally speaking while NextEra Energy Resources may maintain things, Siemens would really be the technical experts.

    Thus this is why I was told companies like Siemens can ac

System checkpoint complete.

Working...