SCADA Strangelove

Group members have and continue to develop and publish numerous open source tools for scanning, fingerprinting, security evaluation and password bruteforcing for ICS devices.

[2] Open source security assessment frameworks, such as THC Hydra,[3] Metasploit,[4] and DigitalBond Redpoint[5] have used Shodan-developed tools and techniques.

[10] Group members are frequently seen presenting at conferences like CCC, SCADA Security Scientific Symposium, Positive Hack Days.

Most notable talks are: An overview of vulnerabilities discovered in the widely distributed Siemens SIMATIC WinCC software and tools that are implemented for searching ICS on the Internet.

In their talks, group members often refer to Cold War events such as the Caribbean Crisis, and draw parallels between nuclear arms race and the current escalation of cyberwar.

However, conflicts still happen, notably in 2012 when the talk at DEF CON[20] was called off due to a dispute of persistent weaknesses in Siemens industrial software.