> if there are so many hydropower plans et al vulnerable for VNC, how come we didn't have some major catastrophe?
> And there is no shortage of people out there who would not think twice to blow things up.
From my observation, those people tend to be those that care more about doing "flashy" things (i.e. be seen), rather than solving problems and bypassing protections. People that get access to important systems or acquire the skills to mess things up tend to be satisfied by having solved a puzzle and being able to mess things up.
Of course, some have. See Stuxnet (actually somewhat serious). The point is that this intersection is fairly small and only a fraction of compromised systems will actually get things messed up.
I hope I'm wrong but I feel that if a group like ISIS could do some major damage using a click of s button, then they would. And they are probably actively trying.
They can kidnap / recruit hackers and force them / brainwash them into doing anything.
They are not stupid and we saw they have no red lines. Instead of banning encryption the FBI and Interpol should force dangerous infrastructure to close their security gaps first.
> And there is no shortage of people out there who would not think twice to blow things up.
From my observation, those people tend to be those that care more about doing "flashy" things (i.e. be seen), rather than solving problems and bypassing protections. People that get access to important systems or acquire the skills to mess things up tend to be satisfied by having solved a puzzle and being able to mess things up.