SCADA password-cracker targets Siemens gear

23 January 2013

SCADA vulnerabilities are once again making their frightening selves known with the revelation that a new password-cracker is specifically targeting industrial control systems.

ICS-CERT has issued a warning about an offline brute-force password tool discovered by Russian researchers, which uses proof-of-concept (PoC) exploit code targeting Siemens S7 programmable logic controllers. The S7 controllers are used in a variety of industrial applications, including energy, water and wastewater, oil and gas, chemical, building automation and manufacturing – and as such are intrinsic pieces of critical infrastructure.

The researchers found that a password can be obtained by brute-forcing the challenge-response data extracted from TCP/IP traffic files. An attacker must be on an adjacent network to capture this traffic. ICS-CERT warned that the code could be modified for use against other vendors' products.

ICS-CERT has notified Siemens, it said, and has asked it to confirm the attack vector and identify mitigations.

ICS-CERT recommends that users take defensive measures to lessen the risk of exploitation by minimizing network exposure for all control system devices. Above all, control system devices should not directly face the internet. SCADA administrators should also locate control system networks and devices behind firewalls, and isolate them from the business network.

If remote access is required, ICS-CERT said to employ secure methods, such as a VPN, but noted that admins should recognize that a VPN is only as secure as the connected devices.
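As an added illustration (not part of the original article or the ICS-CERT alert), the following sketch audits flow records against those recommendations, flagging traffic that reaches control devices from the internet, the business network or a VPN pool. The subnets, sample flows and function names are constructed for the example, and TCP port 102 as the S7 communication port is an assumption the article does not state.

```python
import ipaddress

# All networks and flow records below are constructed for illustration.
CONTROL_NET = ipaddress.ip_network("10.20.0.0/24")   # PLCs and HMIs
BUSINESS_NET = ipaddress.ip_network("10.10.0.0/16")  # office network
VPN_POOL = ipaddress.ip_network("10.30.0.0/28")      # remote-access VPN clients
S7_PORT = 102  # assumption: ISO-on-TCP port used for S7 communication

ISSUES = {
    "external": "control device reachable from the internet",
    "business": "control network not isolated from the business network",
    "vpn": "remote access path: review the security of the connected device",
}

# (source IP, destination IP, destination TCP port)
SAMPLE_FLOWS = [
    ("10.20.0.5", "10.20.0.10", 102),    # HMI to PLC inside the control network
    ("10.10.4.77", "10.20.0.10", 102),   # office workstation to PLC
    ("203.0.113.9", "10.20.0.10", 102),  # internet host to PLC
    ("10.30.0.3", "10.20.0.10", 102),    # VPN client to PLC
    ("10.10.4.77", "10.20.0.10", 80),    # office workstation to PLC web interface
    ("10.10.4.77", "10.10.0.1", 443),    # office traffic that never reaches control devices
]

def source_zone(src):
    """Map a source address to the zone it belongs to."""
    addr = ipaddress.ip_address(src)
    for name, net in (("control", CONTROL_NET), ("vpn", VPN_POOL),
                      ("business", BUSINESS_NET)):
        if addr in net:
            return name
    return "external"  # not in any known internal network

def audit_flows(flows):
    """Return findings for flows that reach control devices from outside their zone."""
    findings = []
    for src, dst, port in flows:
        if ipaddress.ip_address(dst) not in CONTROL_NET:
            continue  # destination is not a control system device
        zone = source_zone(src)
        if zone == "control":
            continue  # traffic stays inside the control network
        findings.append({"src": src, "dst": dst, "port": port, "zone": zone,
                         "s7": port == S7_PORT, "issue": ISSUES[zone]})
    return findings

if __name__ == "__main__":
    for f in audit_flows(SAMPLE_FLOWS):
        print(f"{f['src']} -> {f['dst']}:{f['port']} [{f['zone']}] {f['issue']}")
```
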

SCADA software, used for industrial control mechanisms in utilities, airports, nuclear facilities, manufacturing plants and the like, is increasingly a target for hackers looking to exploit what appears to be a growing number of vulnerabilities – giving rise to fears that critical infrastructure may be at risk.

“With SCADA software being primarily responsible for critical operations and national infrastructures, an attack of this nature could not only result in the loss of data, but can also cause damage to physical assets and in certain scenarios, the loss of life,” said Ross Brewer, vice president and managing director International Markets at LogRhythm, in an email to Infosecurity. “As such it’s no surprise that arguably the most notorious cyber attacks of the past couple of years – such as the Stuxnet and Flame viruses – have been SCADA breaches.”

This is not the first time that Siemens has been targeted specifically. In July 2012 the German industrial giant plugged a dynamic link library (DLL) hijacking vulnerability in SIMATIC STEP 7 and PCS 7 software, which are used to configure the same S7 programmable logic controllers that the password-cracker is targeting. 
