A security researcher has lambasted Scada appliance vendors over what he says is extremely weak security in the industrial software platforms.
Aaron Portnoy, vice president of research for security firm Exodus Intelligence, said that finding flaws in platform was extremely easy and likened attacking Scada appliances with zero-day flaws to hunting a "small flightless bird".
Portnoy's bird comparison struck him while celebrating the Thanksgiving holiday. The researcher said that while preparing the meal, he took a look into the protections built into many Scada appliances.
"On Thanksgiving day I had a morning’s worth of time to wait for a turkey to cook," he explained, "so I decided to take a shot at finding as many Scada zero-day vulnerabilities as possible."
Over the course of the day, Portnoy said that he was able to uncover some 23 vulnerabilities. The flaws included eight remote code execution bugs, 13 denial of service flaws and several other bugs for arbitrary file downloads and flaws which could be used to launch other vulnerable applications.
The report could cast further doubt on an already tenuous security picture for Scada appliances and other industrial systems. Researchers have long warned that as infrastructure systems are brought online, systems which had not been designed with security in mind would be highly vulnerable.
Attacking such systems could allow third parties to cripple infrastructure networks, potentially leading to power and utility outages.
Portnoy noted that performing such attacks could prove even easier than previously believed, due to the prevalence of software flaws.
"The most interesting thing about these bugs was how trivial they were to find. The first exploitable zero-day took a mere seven minutes to discover from the time the software was installed," Portnoy said.
"For someone who has spent a lot of time auditing software used in the enterprise and consumer space, Scada was absurdly simple in comparison."
The help improve the security of industrial systems, Portnoy is hoping to open lines of communication with ICS-Cert to gain access to industrial control software and provide vendors with better audits and assessments of possible security vulnerabilities.
The most imfamous example of an attack on a Scada system to date has been the Stuxnet worm, which is widely believed to have been created by state-sponsored malware writers,
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse
Alexa for Hospitality will link with existing systems so guests can order room service and control the air con
Massive volcanic eruptions could have warmed Mars' surface sufficiently for oceans to form
Examination of fruit flies' brains generated more than one billion data points for scientists to analyse