Hack Hack Hack Hack It Apart
On the heels of Secretary of Defense Leon Panetta scaring the crap out of everyone regarding cyberattacks, SophosLabs’ NakedSecurity blog linked to a Homeland Security alert which warns that hackers could take control of solar energy plants.
Plant administrators use the vulnerable software to control energy-generating solar plants. However the programming wasn’t written with security in mind; it’s a swiss cheese of SQL injection holes:
That was fast. In mid-July hackers calling themselves “the D33Ds Company” gave Yahoo a spanking for lax security by posting the login information of some of the 453,000 mostly unpaid bloggers working for Yahoo and Associated Content’s contributor network. Less than a month later, we’ve got the first class-action lawsuit related to the breach.
New Hampshire resident Jeff Allan is the named plaintiff in the case. In papers filed July 31 in a U.S. District Court in Northern California, attorneys detailed how Mr. Allan discovered his information was compromised: