<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Ics-Security on Kartik Sankhla</title>
    <link>https://kartiksankhla.com/tags/ics-security/</link>
    <description>Recent content in Ics-Security on Kartik Sankhla</description>
    <image>
      <title>Kartik Sankhla</title>
      <url>https://kartiksankhla.com/og-image.png</url>
      <link>https://kartiksankhla.com/og-image.png</link>
    </image>
    <generator>Hugo</generator>
    <language>en-us</language>
    <lastBuildDate>Fri, 10 Jul 2026 20:00:00 +0530</lastBuildDate>
    <atom:link href="https://kartiksankhla.com/tags/ics-security/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Smoke on the water plant: a 2/5 attacker and a city&#39;s chlorine levels</title>
      <link>https://kartiksankhla.com/posts/smoke-on-the-water-plant/</link>
      <pubDate>Fri, 10 Jul 2026 20:00:00 +0530</pubDate>
      <guid>https://kartiksankhla.com/posts/smoke-on-the-water-plant/</guid>
      <description>In March 2016, attackers rated 2 out of 5 in sophistication reached the chemical-dosing controls of a US water utility — through a SQL-injected payment portal, a password left in a plaintext config file, and a physical Ethernet cable that bypassed every logical safeguard standing between them. A case study in why the least-skilled attacker in the building is still dangerous once the architecture has already done the work for them.</description>
    </item>
  </channel>
</rss>
