Industrial Control System Hacked Using Backdoor Posted Online

Event Year: 2012 Reliability: Confirmed
Country: United States
Industry Type: Other
Description:

Hackers gained unauthorized access to the industrial control system of a New Jersey air conditioning company using a backdoor vulnerability that was posted online.  The hackers breached the ICS network through a backdoor in its Niagara AX ICS system made by Tridium (a Honeywell Company) giving them access to the controls for the company’s heating and air conditioning. The system was password protected, however, the backdoor through the IP address required no password allowing direct access to the control system. Forensic logs revealed that the system was accessed from multiple IP addresses in and outside the United States.
A memo was published from the FBI’s office regarding this incident. 

According to the Tridium website, more than 300,000 Tridium Niagara AX Framework systems are installed worldwide.  According to Ars Technica, a search of Shodan in early 2012 security researcher Billy Rios uncovered more than 20,000 of the Niagara systems connected to the internet.

Impact:

Hackers gained unauthorized access to the industrial control system of a New Jersey air conditioning company using a backdoor vulnerability.