We've written before about hapless business owners practically handing hackers customers' information by failing to observe basic computer security (Subway, we're looking at you
). But this is a security fail on a whole different level. A researcher has just revealed that about ten thousand systems controlling water plants, sewage plants, and other infrastructure are online, mostly unprotected and findable with a simple search. Manufacturers of such industrial control systems, which can be used to direct everything from a high school's lighting to power plants, have taken comfort in the fact that they aren't supposed to be connected to the web, and thus protecting them from hackers isn't necessary, said Eireann Leverett, the computer science grad student who presented these findings at the S4 conference
(we learned of them from Kim Zetter at Wired's Threat Level
). But for whatever reason, in many cases the computers running the control software ...
