Scary to think how many of these types of systems there are out there that nobody knows how to change the passwords so employees leave or are fired and the new guy is just told what the password is. That's bad enough when it's not connected and exposed to the internet. The other problem is all the systems exposed to the internet with password as the password.......
From: AF <af-boun...@af.afmug.com> On Behalf Of Steve Jones Sent: Tuesday, February 9, 2021 10:35 AM To: AnimalFarm Microwave Users Group <af@af.afmug.com> Subject: Re: [AFMUG] Wow This sounds a whole lot more like an ex employee with a RAT than "hackers". GUI driven access to a water systems control and setting a specific value is not the work of "hackers" I used to work at a factory as a supervisor of the contract staff when i was like 18, one of my roles was to record a message on the PBX every night indicating who was working, who was laid off, etc. I went to jail and lost that job. some time later i was bored so dialed into the system and tried out the numbers i pressed in house to see if there was external access to record the message. there was. The message happened to be changed to "nobody has to fucking work" that night, or so I hear. half the staff didnt show up. They were "hacked" too On Tue, Feb 9, 2021 at 9:58 AM Mike Hammett <af...@ics-il.net<mailto:af...@ics-il.net>> wrote: TeamViewer even... ----- Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png] <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> ________________________________ From: "Cameron Crum" <cc...@murcevilo.com<mailto:cc...@murcevilo.com>> To: "AnimalFarm Microwave Users Group" <af@af.afmug.com<mailto:af@af.afmug.com>> Sent: Tuesday, February 9, 2021 9:55:12 AM Subject: Re: [AFMUG] Wow 1. Why is the system exposed to the public internet at all? 2. Why would they have remote desktop on a machine that has access to these systems? Like most municipal IT departments, they are probably staffed with guys who couldn't get a better job in the private sector. Scary. On Tue, Feb 9, 2021 at 9:46 AM Bill Prince <part15...@gmail.com<mailto:part15...@gmail.com>> wrote: In one of the reports I read, they described the mouse/cursor moving around as if an invisible hand was moving it. Sounds to me as if they're doing a remote desktop or something? bp <part15sbs{at}gmail{dot}com> On 2/9/2021 7:42 AM, Nate Burke wrote: It's like the hacks of every late 80s-early90's moving coming true. On 2/9/2021 8:45 AM, Jaime Solorza wrote: https://www.cnn.com/2021/02/08/us/oldsmar-florida-hack-water-poison/index.html -- AF mailing list AF@af.afmug.com<mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com<mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com<mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com ________________________________ Total Control Panel Login<https://asp.reflexion.net/login?domain=litewire.net> To: ja...@litewire.net<https://asp.reflexion.net/address-properties?aID=242260993&domain=litewire.net> From: af-boun...@af.afmug.com<mailto:af-boun...@af.afmug.com> You received this message because the domain afmug.com is on your allow list.
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
