VNC Leaves Computers Completely Vulnerable
A hacker has shown how software on thousands of computers -- with access to everything from industrial systems to x-ray machines to medical records -- has left them open to attack and able to be viewed remotely.
A Moroccan hacker, who goes by the name “Revolver”, discovered an absurd number of people were running an open-source program called VNC that allows users to access and control a desktop from virtually anywhere. The problem is that when the program was set up, no one installed a password, so now anyone who knows where to look can find them.
Essentially out of curiosity, Revolver wrote code that would search the web for unsecured servers running VNC. If the program scans an IP address and there’s nothing, it moves on, but if it finds an unsecured connection it takes a screenshot. It found thousands of connections that totaled in around 23 gigabytes of screenshots.
Many of the screenshots are now available and geotagged through a website called VNC Roulette. Not only were Windows, Mac, and Linux systems all accessible, so were machines in industrial facilities that were controlled by supervisory control and data acquisition (SCADA) systems.
Ultimately, however, this was not a flaw in VNC, but laziness on the part of users in not setting up the bare minimum of security standards. Apparently, most people when setting up the program just never bothered to set up a password, which is something you would think you might do when setting up a program to remotely access, let’s say, an industrial control system.