All the latest UK technology news, reviews and analysis


Scada bugs make security a turkey shoot for hackers

27 Nov 2012
Siemens Scada system

A security researcher has lambasted Scada appliance vendors over what he says is extremely weak security in the industrial software platforms.

Aaron Portnoy, vice president of research for security firm Exodus Intelligence, said that finding flaws in platform was extremely easy and likened attacking Scada appliances with zero-day flaws to hunting a "small flightless bird".

Portnoy's bird comparison struck him while celebrating the Thanksgiving holiday. The researcher said that while preparing the meal, he took a look into the protections built into many Scada appliances.

"On Thanksgiving day I had a morning’s worth of time to wait for a turkey to cook," he explained, "so I decided to take a shot at finding as many Scada zero-day vulnerabilities as possible."

Over the course of the day, Portnoy said that he was able to uncover some 23 vulnerabilities. The flaws included eight remote code execution bugs, 13 denial of service flaws and several other bugs for arbitrary file downloads and flaws which could be used to launch other vulnerable applications.

The report could cast further doubt on an already tenuous security picture for Scada appliances and other industrial systems. Researchers have long warned that as infrastructure systems are brought online, systems which had not been designed with security in mind would be highly vulnerable.

Attacking such systems could allow third parties to cripple infrastructure networks, potentially leading to power and utility outages.

Portnoy noted that performing such attacks could prove even easier than previously believed, due to the prevalence of software flaws.

"The most interesting thing about these bugs was how trivial they were to find. The first exploitable zero-day took a mere seven minutes to discover from the time the software was installed," Portnoy said.

"For someone who has spent a lot of time auditing software used in the enterprise and consumer space, Scada was absurdly simple in comparison."

The help improve the security of industrial systems, Portnoy is hoping to open lines of communication with ICS-Cert to gain access to industrial control software and provide vendors with better audits and assessments of possible security vulnerabilities.

The most imfamous example of an attack on a Scada system to date has been the Stuxnet worm, which is widely believed to have been created by state-sponsored malware writers,

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
10%
9%
3%
63%
15%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Graduate Analyst Programmer - C++ or Java - London

Graduate Analyst Programmer - C++ or Java for Client...

C# Developer -Winforms, VB6 - Trading Systems - Woking

C# Developer -Winforms, VB6 - Trading Systems - Woking...

Web Developer (Web Developer (C#, MVC, HTML5, CSS3, JavaScript)

Web Developer (Web Developer (C#, MVC, HTML5, CSS3, JavaScript...

Quality Assurance Engineer - London - 42K

An exciting role for a Quality Assurance Engineer to...
To send to more than one email address, simply separate each address with a comma.