12 May 2011
Experts at the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) are warning security teams in industrial plants of yet another publicly available exploit which could allow hackers to take over Scada control systems.
In an alert on Wednesday (PDF), the US government organisation referenced research from audit firm Security-Assessment.com (PDF) which highlighted the flaw in two Iconics Scada systems known as Genesis32 and BizViz.
"Exploitation of this vulnerability requires a user with the ActiveX control installed to visit a page containing specially crafted JavaScript. Users can generally be lured to visit web pages via email, instant message or links on the internet," explained the original advisory.
"By passing a specially crafted string to the 'SetActiveXGUID' method, it is possible to overflow a static buffer and execute arbitrary code on the user's machine with the privileges of the logged on user."
Genesis32 is deployed mainly across the US and Europe in sectors including manufacturing, oil and gas, water and sewage and electric utilities, according to ICS-CERT.
Iconics has now issued a patch, WebHMI V9.21, and plans to address the flaw in its version 9.22 update of Genesis32 and BizViz, although this will not be until June.
In the meantime, ICS-CERT recommended that users at companies running the affected systems be wary of clicking web links or opening unsolicited attachments in emails. IT managers in such facilities should also minimise network exposure for all control system devices.
"Locate control system networks and remote devices behind firewalls and isolate them from the business network," ICS-CERT stated in the advisory. "When remote access is required, use secure methods such as virtual private networks."
The revelation of another flaw in Scada systems will surprise few in the industry. There has been a steady stream of similar discoveries ever since the Stuxnet worm demonstrated the potentially dramatic effect of a well-crafted malware attack on industrial systems.
From USB cyberwarfare to Web cyberterror
Operators of SCADA/PLC systems have too long put their faith in the "uncrossable" air gap and "security through obscurity." It does not take a nation state to construct a Stuxnet and it doesn't even take a walk-in espionage operative with a USB stick to infect an ICS. As experts like Ralph Langner and even novelists (Lior Samson, Web Games) have been warning, if any part of your organization is connected, your ICS is connected--and vulnerable.
Posted by: Larry Constantine 27 May 2011