If you’ve been following the Smart Grids debate, you won’t have missed all the security implications it poses. There’s plenty of talk about the implications of intrusions into critical infrastructure, state-sponsored attacks and cyberwar. With all that, you’d think energy providers and utilities would take at least some measures to remedy potential vulnerabilities. Alas, no. Threatpost reports of a SCADA system of a Texas utility, which public facing interface was protected by a 3 (three!) character password. The hacker identifying the weakness has this to say:

“I’m sorry this ain’t a tale of advanced persistent threats and stuff, but frankly most compromises I’ve seen have been have been a result of gross stupidity, not incredible technical skill on the part of the attacker. Sorry to disappoint.”