
Anonymous hacks SCADA systems

By Staff Writer, ITWeb
Johannesburg, 18 Jan 2012

Authentication specialist SecurEnvoy has slammed Israeli Supervisory Control and Data Acquisition (SCADA) systems for failing to use authentication security to protect their data from hacktivist group Anonymous.

Earlier this week, Anonymous published Israeli SCADA login details, as part of efforts to hack Israeli Web sites, in a campaign called Operation Free Palestine, as reported in InfoWorld.

SCADA systems are often used for protecting critical national infrastructure platforms such as energy and telecommunications grids.

Last week, a Saudi hacker published the personal information and active credit card numbers of thousands of Israeli citizens, prompting Israel's deputy foreign minister, Danny Ayalon, to compare hacking to terrorism.

Commenting on reports that Anonymous had published the credentials of several Israeli SCADA system users, SecurEnvoy co-founder Steve Watts said it's surprising that these systems were not protected by authentication technology in the first place.

“These systems are typically based around an embedded and robust version of Windows, which makes them resilient against most malware and allied hacker attacks, but using user password credentials on their own to secure access is a bit puzzling, given the critical nature of these types of systems,” he says.

He adds that users are often inconvenienced by having to interact with two-factor authentication; however, he points out that this should be no excuse, as millions of online banking users use this technology to protect their personal information.

Watts went on to say that, with the advent of tokenless two-factor authentication that uses a mobile phone as the authentication communications medium, there really is no excuse not to use two-factor authentication technology to secure logons more effectively.

He adds: “Of course, if the SCADA systems were also protected using tokenless two-factor authentication, then the possession of an ID and password on their own would not have allowed access, no matter who was using these credentials.”
