The critical infrastructure hack that never was

David Heath
Tuesday, 19 April 2011 23:04

Business IT - Security

Yesterday the Internet was a-buzz with tales of a hacker shutting down a US-based wind farm.  Pity it never happened.

On Saturday 16th April, claiming to be a disgruntled ex-employee, someone calling themselves Bigr R announced on the Full Disclosure mailing list "Here comes my revenge for illegitimate firing from Florida Power & Light Company (FPL) ... ain't nothing you can do with it, since your electricity is turned off !!!"

Attached to the submission was a sequence of 8 images - supposed screen shots from the hacked system and what appeared to be a Cicso router configuration file seemingly from the hacked company - Florida Power and Light - the owners and operators of the wind farm in question.

The news sites were all over the story.

Even at the time of writing these stories, the doubts were creeping in. 

Computerworld themselves reported that the consumers of the facility's output, New Mexico Utility company PNM "is not aware of any incidents affecting the company's Fort Sumner facility."  Surely with the media paranoia regarding critical infrastructure (Stuxnet, anyone?) news of a hacker-caused outage would have spread like wildfire.

A casual view of the provided images suggests that the site runs WinCC - a very common Supervisory Control and Data Acquisition (SCADA) software system.  Oddly (and unconnectedly) this is the same system targeted by Stuxnet.

However, there are also some immediate difficulties with the screens.