In what could be termed as a rather shocking discovery, it has been revealed that Scada systems, used for the operation of many critical infrastructures including the likes of power plants, could be at high risk as they openly make available their sensitive data on Google search results.
The revelation was made by researchers at the Black Hat conference, held in Las Vegas on Tuesday, during a seminar entitled "Building, Attacking And Defending SCADA Systems in the Age of Stuxnet."
According to the demonstration presented by prominent researcher Tom Parker, the details of something as sensitive as the 'RTU pump status' for a Remote Terminal Unit, could be found by merely typing a few key words associated with a PLD (programmable logic controller).
"You can do a Google search with your web browser and start operating [circuit] breakers, potentially," Parker, chief technology officer at security consultancy FusionX, said in an exclusive statement to CNET News.
Mr. Parker also expressed his concerns about the easy availability of such critical information over the web, which virtually anyone with a decent amount of technological skill, and malicious motives could exploit, leading to a disastrous outcome.