ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    GE Power Grid Relays Found with Hard Coded Password and Breached Encryption

    News
    general electric security password
    4
    7
    932
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • mlnewsM
      mlnews
      last edited by

      GE, one of the biggest players in the US power grid system, has been caught having implemented protection relays in the power grid system using a home-made encryption system (which has been compromised) and hardcoded passwords (which are now exposed and known to hackers) leaving the power grid exposed and able to be turned on and off at will by those that have breached the system and know the passwords. GE has provided patches for some of the products and is rushing to fix the ones remaining. How many, if any, customers have taken advantage of the patches and upgraded their systems, is unknown. The attack requires access to the devices, so only if exposed to the Internet is the risk very high, but given that we are talking about systems without standard encryption and with hard coded passwords, what are the chances that other proper security systems are in place?

      travisdh1T 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller
        last edited by

        Good to know that the power grid relies on "LAN-based security." Argh.

        1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller
          last edited by

          0_1493286303058_IMG_4972.JPG

          1 Reply Last reply Reply Quote 2
          • travisdh1T
            travisdh1 @mlnews
            last edited by

            Wow, the fail is strong today. GE here, Netgear deleting everything, and HPE discontinuing products and trying to keep it a secret from customers, it's been a bang up day already.

            scottalanmillerS 1 Reply Last reply Reply Quote 1
            • coliverC
              coliver
              last edited by

              One of the many reasons we need to work to modernize our electrical system.

              scottalanmillerS 1 Reply Last reply Reply Quote 1
              • scottalanmillerS
                scottalanmiller @travisdh1
                last edited by

                @travisdh1 said in GE Power Grid Relays Found with Hard Coded Password and Breached Encryption:

                Wow, the fail is strong today. GE here, Netgear deleting everything, and HPE discontinuing products and trying to keep it a secret from customers, it's been a bang up day already.

                @travisdh1 said in GE Power Grid Relays Found with Hard Coded Password and Breached Encryption:

                Wow, the fail is strong today. GE here, Netgear deleting everything, and HPE discontinuing products and trying to keep it a secret from customers, it's been a bang up day already.

                Don't forget the Webroot disaster earlier this week.

                1 Reply Last reply Reply Quote 1
                • scottalanmillerS
                  scottalanmiller @coliver
                  last edited by

                  @coliver said in GE Power Grid Relays Found with Hard Coded Password and Breached Encryption:

                  One of the many reasons we need to work to modernize our electrical system.

                  Or, you know, use competent contractors for the components.

                  1 Reply Last reply Reply Quote 1
                  • 1 / 1
                  • First post
                    Last post