FBI: Hackers Breached New Jersey Industrial HVAC System
The hackers apparently leveraged a backdoor in the Niagara AX Framework.
According to a recently published FBI memo [PDF file], hackers successfully accessed the industrial control system (ICS) network of an unidentified New Jersey air conditioning company earlier this year.
"The intruders were able to access a backdoor into the ICS system that allowed access to the main control mechanism for the company's internal heating, ventilation, and air conditioning (HVAC) unit," the memo states.
"The backdoor was contained in older versions of the Niagara AX Framework, which is used to remotely control boiler, heating, fire detection, and surveillance systems for the Pentagon, the FBI, the US Attorney's Office, and the Internal Revenue Service, among many others," writes Ars Technica's Dan Goodin. "The exploit gave hackers using multiple unauthorized US and international IP addresses access to a 'Graphical User Interface (GUI), which provided a floor plan layout of the office, with control fields and feedback for each office and shop area,' according to the memo, which was issued in July."
"The company used the Niagara system not only for its own HVAC system, but also installed it for customers, which included banking institutions and other commercial entities," notes E Hacking News' Sabari Selvan.
"The breach occurred in February and March of this year, several weeks after someone using the Twitter moniker @ntisec posted a message online indicating that hackers were targeting SCADA systems, and that something had to be done to address SCADA vulnerabilities," writes Wired's Kim Zetter. "The individual had used the Shodan search engine to locate Tridium Niagara systems that were connected to the internet and posted a list of URLs for the systems online. One of the IP addresses posted led to the New Jersey company’s heating and air conditioning control system."