Poor security has left U.S. electrical grids, pipelines, chemical plants and other infrastructure vulnerable to the threat of cyberattacks, experts say.
When a Southern California water utility wanted to test the security of its computer networks it hired Los Angeles hacker Marc Maiffret to have at it, the Los Angeles Times reported Monday. In one day, Maiffret’s team was able to control the equipment responsible for adding chemicals to the drinking water.
The problem, Maiffret discovered, was the gaping security hole left by county employees logging into the network through their own home computers. A few mouse clicks could have left the county’s water supply undrinkable for millions, the Times reported.
“There’s always a way in,” said Maiffret, who declined to identify the water system for its own protection.
The weaknesses he found in California exist in crucial facilities nationwide, U.S. officials and private experts say.
Similar control systems vulnerable to the kind of hacking Maiffret was able to do also process electrical grids, pipelines, chemical plants and other infrastructure.