I don't know the details of this specific system, but I have seen some systems that would break (utter and complete failure) upon password change. Some vendors would go so far as to threaten that support contracts would not be honored if passwords were changed. That was 12 years ago, but I imagine that some vendors still hard-code passwords and rely on them not changing. It'll take lawyers and contracts and court battles to sort those vendors out.

"and other Internet-facing Simatic HMI systems .."

I love that ThreatPost wedged that one in there -- anyone who has worked with SCADA systems knows the second rule is "don't expose your HMI's." (The first rule is "don't believe the vendor.")

> couldn't confirm that a default, three digit password hard coded into an application used to control the company's SCADA software played a role.

Isn't that as good as saying "yes, the default password is always 100"?

That's not a hack, that's opening a door locked by a piece of tape.

should have shipped with custom password. Assuming the sysadmin could read.

123