I am very interested in computer security and industrial SCADA systems especially. SCADA = Supervisory Control And Data Acquisition = the systems and protocols that run our factories and industrial plants.
SCADA systems were originally designed to be used within a physical plant, so no effort was made to implement security. Within a few years, managers wanted to log in from remote locations, and plants at different sites needed to talk to the central office. Needless to say, this opened up a big can of worms that is still being dealt with today.
I am on a private email list for this kind of issue and this email came in today - names and organizations have been redacted:
Email:
There have been many reports of the Chinese and others attacking our critical infrastructure. Last year, XXX XXXXXXX from ZZZZZZZZ developed a control system honeypot representing a small water utility in rural Missouri and then identified the attackers, some of whom were from China. XXXXX XXXXXXX from ZZZZZZZZZZZZ took a similar approach and the results are astounding. He acquired some KKKKKKKK switches from eBay and set up a network emulating a well pumping station.
Within 2 hours of connecting the systems, he was being attacked, primarily from China. This is even more interesting when you realize that when the attack started, the honeypot was not seen on a specific website. This shows the level of monitoring going on in China.
Google does it, the No Such Agency does it - not surprising that China (and Russia) do it. The issue is to implement solid security and train the users to follow it.