UPDATE: Looking For a 'FireSheep' Moment, Researchers Lay Bare Woeful SCADA Security
"A no-holds barred presentation at the S4 Conference laid bare the woeful state of security for many industrial control systems that power the world's critical infrastructure. Organizers have also cooperated with security scanning firms Rapid7 and Tenable to release modules for the Metasploit and Nessus products that can test for the discovered security holes.
The talk presented the findings of "Project Basecamp," a volunteer-led security audit of leading programmable logic controllers (PLCs). The audit found that decrepit hardware, buggy software and pitiful or nonexistent security features make thousands of PLCs vulnerable to trivial attacks by external hackers that could cause PLC devices to crash or run malicious code."
Project Basecamp at S4
