Hackers Could Hold Entire Wind Farms Hostage

Security researchers have demonstrated that they can hack the software systems used in wind turbines, and warn that it may be possible to use the vulnerability to take an entire wind farm hostage. At the Black Hat security conference in Las Vegas, Jason Staggs from the University of Tulsa explained that some wind turbines have control systems that run aged, unsupported operating systems like Windows 95, which are straightforward to hack. In fact, as the Finanical Times reports (paywall), he's shown that it's possible to send a command to a wind turbine that can stop its blades from turning. More worrying, he also found that the networks used in wind farms could lend themselves to a widespread attack. "Wind turbines aren't segmented" across a farm, he explained to PC Mag. "If you can own one of them, you can own them all." Combined, the findings mean that it could be possibble to shut down energy production of an entire wind farm, which would allow hackers to cause a utility tens of thousands of dollars in losses for every hour of downtime—until they pay up a ransom.