| ||Thread Tools|
|10th May 2013, 07:43||#1|
Join Date: May 2010
Google building hacked down under
An ex Google employee has found that his former employer had some serious security holes at its new office in Sydney, Australia.
Billy Rios, who now works at insecurity outfit Cylance, was working on a project to identify vulnerable internet facing Industrial Control Systems (ICS).
Writing in his blog, he said that the project is far from complete, but it did net one high profile customer while looking through the scan results.
The scan turned up a Tridium Niagara device on the internet run by Google is using Tridium Niagara for various Building Management Systems (BMS) in the Google Wharf 7 building.
Rios conducted a quick interrogation of the Tridium device, yielding a wealth of information about the specific platform version. Apparently Google was running a slightly outdated version and the QNX operating system running on an embedded device.
Armed with a few pieces of data, Rios used a custom exploit to extract the onfig.bog file which contained the specific configurations for this particular device and usernames and passwords for all the users on the device. This could then be decoded and the building was owned.
Rios rang his mates at Google who gave him no end of hassling, but they did pull the system offline.
He said that it was important that people realise how pervasive these sorts of hacks are. Rios estimates that there are tens of thousands of devices on the internet and thousands of different organisations which could be taken out by hackers.
Rios said that his company has discovered over 25,000 of these systems facing the internet and if Google can fall victim to an ICS attack, anyone can.
|Thread||Thread Starter||Forum||Replies||Last Post|
|Google Glass Already Hacked||Stefan Mileschin||WebNews||0||29th April 2013 10:07|
|Windows 8 bug hacked already||Stefan Mileschin||WebNews||0||5th November 2012 07:22|
|Google draws 25 million new building footprints in Maps||Stefan Mileschin||WebNews||0||22nd October 2012 09:30|
|The Scrap Value of a Hacked PC,||jmke||WebNews||0||16th October 2012 15:49|
|R/C PPM hacked||jmke||WebNews||0||10th October 2010 13:48|
|Intel: We Were Hacked Too||jmke||WebNews||0||24th February 2010 16:23|
|China Hacks Google Servers, Google decides to remove content filter on Google.cn||jmke||WebNews||0||13th January 2010 16:39|
|Google, Microsoft and Apple building online storage havens: you win||jmke||WebNews||0||13th August 2007 14:05|
|Irrational Building Number Causes Tragedy at Google||jmke||WebNews||3||29th March 2005 19:44|
|Hacked?||BlackRabbit||Hardware/Software Problems, Bugs||13||6th January 2003 13:07|