Public search engine lists vulnerable control systems

Shodan maintains database of weak security in traffic lights, CCTV, power stations

Tags: Cyber crimeShodan (
  • E-Mail
Public search engine lists vulnerable control systems Shodan can be used to search for over 500m devices connected to the Internet.
By  Stephen McBride Published  April 9, 2013

"You can log into just about half of the Internet with a default password," said HD Moore, chief security officer of Rapid 7, which operates a private variation of Shodan's system for his own research purposes.

Check out our gallery of Shodan's scariest offering's.

Many devices that are online with weak passwords are thought to be connected without the knowledge of their administrators. Some may be online by convenience and are not protected because they are considered of little interest.

"Of course there's no security on these things," said Matherly, "They don't belong on the Internet in the first place."

Last year security expert Dan Tentler showed industry peers in a conference hall how, through Shodan, he found control systems for evaporative coolers, pressurised water heaters, and garage doors.

According to CNN Money, Tentler found several real-world machines that could be enabled and disabled by the click of a mouse, including a car wash that could be turned on and off and a hockey rink in Denmark that could be defrosted. One city's entire traffic control system was available and could be set to "test mode" from Tentler's computer. He also found an ICS for a hydroelectric plant in France, running twin 3-megawatt turbines.

"You could really do some serious damage with this," Tentler summarised.

Matherly argues that Shodan, completed more than three years ago as a private project, is designed for so-called White Hat operators for the purposes of research and he tries to restrict users by limiting searches to just 10 results for casual visitors. Even if users sign up to a free account they are allowed a maximum of 50 searches. For unrestricted access to the entire Shodan database, users must pay a fee and Matherly uses a registration process including a questionnaire about the motives of the applicant.

Check out our gallery of Shodan's scariest offering's.

While he accepts that some cyber criminals may use Shodan as a starting point, Matherly argues that most Black Hats run networks of infected computers called botnets that compile similar information to that of Shodan and so would have no need of its services.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code