All the latest UK technology news, reviews and analysis

Scada bugs make security a turkey shoot for hackers

27 Nov 2012
Siemens Scada system

A security researcher has lambasted Scada appliance vendors over what he says is extremely weak security in the industrial software platforms.

Aaron Portnoy, vice president of research for security firm Exodus Intelligence, said that finding flaws in platform was extremely easy and likened attacking Scada appliances with zero-day flaws to hunting a "small flightless bird".

Portnoy's bird comparison struck him while celebrating the Thanksgiving holiday. The researcher said that while preparing the meal, he took a look into the protections built into many Scada appliances.

"On Thanksgiving day I had a morning’s worth of time to wait for a turkey to cook," he explained, "so I decided to take a shot at finding as many Scada zero-day vulnerabilities as possible."

Over the course of the day, Portnoy said that he was able to uncover some 23 vulnerabilities. The flaws included eight remote code execution bugs, 13 denial of service flaws and several other bugs for arbitrary file downloads and flaws which could be used to launch other vulnerable applications.

The report could cast further doubt on an already tenuous security picture for Scada appliances and other industrial systems. Researchers have long warned that as infrastructure systems are brought online, systems which had not been designed with security in mind would be highly vulnerable.

Attacking such systems could allow third parties to cripple infrastructure networks, potentially leading to power and utility outages.

Portnoy noted that performing such attacks could prove even easier than previously believed, due to the prevalence of software flaws.

"The most interesting thing about these bugs was how trivial they were to find. The first exploitable zero-day took a mere seven minutes to discover from the time the software was installed," Portnoy said.

"For someone who has spent a lot of time auditing software used in the enterprise and consumer space, Scada was absurdly simple in comparison."

The help improve the security of industrial systems, Portnoy is hoping to open lines of communication with ICS-Cert to gain access to industrial control software and provide vendors with better audits and assessments of possible security vulnerabilities.

The most imfamous example of an attack on a Scada system to date has been the Stuxnet worm, which is widely believed to have been created by state-sponsored malware writers,

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols

Shaun Nichols is the US correspondent for He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus

Microsoft Azure outage

Is cloud computing reliable enough for business yet?

Popular Threads

Powered by Disqus
Windows Home Server enables digital spanking

Windows Home Server enables digital spanking

Microsoft shows off how Windows Home Server can be used to administer a home network

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

SAP Change / Release Manager with ITIL & Prince2

SAP Change and Release Manager with ITIL and PRINCE2...

Senior Software Developer

Are you an ambitious developer who is looking to take...

Graduate Software Developer C C++ Java C# Cambridge

Graduate Software Developer C C++ Java C# OO Cambridge...

Senior Developer

ShortList Recruitment has an exciting opportunity for...
To send to more than one email address, simply separate each address with a comma.