Industrial control system comes with a backdoor: Although the system was password protected in general, the backdoor through the IP address apparently required no password and allowed direct access to the control system. "[Th]e published backdoor URL provided the same level of access to the company's control system as the password-protected administrator login," said the memo.

The link for this article located at Schneier on Security is no longer available.