I’ve been leery of the weak security used by SCADA and other industrial control systems. Once Stuxnet was loose in the wild, it just became a matter of time before some terrorist or teenager broke into electrical transmission and distribution systems.
Now it’s worse. Because Rapid 7, creators of Metasploit, released two new exploits that attack the Modicon Quantum programmable logic controller, used in chemical and wastewater plants, factories and refineries.
I have about worn out my fingers writing about the dangers we face with a) these exploits in the wild and b) those systems being accessible from the Internet. Simply put, they must not be. Must. Not. Be.
Read more: http://www.wired.com/threatlevel/2012/04/exploit-for-quantum-plc/