New SCADA Vulnerabilities Come With a YouTube Video

By Robert Vamosi | 11/26/12 2:11 AM

A Malta-based security company that sells 0-days to vendors has released a Vimeo video highlighting vulnerabilities the company has discovered in various SCADA software systems.

Read More >

Analyzing ICS/SCADA Cyber Attacks

By Robert Vamosi | 11/14/12 2:17 AM

Researchers, looking at seven years of data, have concluded that Industrial Control Systems are vulnerable to cyber attacks in the near and foreseeable future.

Read More >

Kaspersky Authors SCADA OS

By Robert Vamosi | 10/16/12 6:14 AM

Recent against SCADA and industrial-control systems have lead one security researcher to create a secure OS of his own.

Read More >

Increasing Use Of Public Cellular Networks In ICS/SCADA

By Robert Vamosi | 4/27/12 2:01 AM

At the recent Midwest Energy Association Summit, discussion broke out about "negotiating private cellular communications versus dependence on fully public networks" among the ICS/SCADA operators present. Many, apparently, are installing their own femtocell and microcell deployments, despite the costs and regulatory issues around frequency bandwidth and use.

Read More >

Langner: Stuxnet Is a Stealth Control System

By Robert Vamosi | 1/18/12 3:59 AM

Speaking at the S4ICS conference in Miami, FL on Wednesday, Ralph Langner described Stuxnet as a long-term Man-in-the-Middle attack rather than a short-term virus attack.

Stuxnet is a two-step malware product that first infects Windows systems, then attacks Siemens System 7 PLC units, such as those being used in Iran for nuclear research. Langner, a security researcher who knows more about Stuxnet code than practically anyone else, was quoted as saying, "we are 100 percent confident that Stuxnet's target was the Natanz enrichment plant in Iran."

Read More >

Remote SCADA Vulnerabilities Hit Schneider Electric

By Robert Vamosi | 12/14/11 4:43 AM

On Monday, a security researcher published new vulnerabilities affecting remote access to the “NOE 771” devices manufactured by Schneider Electrics, one of the world's largest manufacturer of SCADA system devices. The vulnerabilities prompted the ICS-CERT to issue an alert.

Rubén Santamarta (a.k.a. "Reverse Mode"), a 29-year old European-based independent security researcher who previously showed how to hack into the Large Hadron Collider at CERN, said that he was able to attack these devices remotely after first locating vulnerable NOE 771 devices through the SHODAN search engine and then downloading the firmware from Schneider Electric. After reverse engineering the firmware update, Santamarta found he could load a trojanized firmware update, use non-documented hidden accounts, and use other non-documented functionalities. The trouble is in how the devices access remote access commands.

Read More >

Rockwell To Patch SCADA Flaw Soon

By Robert Vamosi | 9/23/11 5:36 AM

Within the next seven days, Rockwell Automation will release a patch for a supervisory control and data acquisition (SCADA) vulnerability first made public last Friday.

Read More >

SCADA Vulnerabilities Continue

By Robert Vamosi | 9/20/11 5:58 AM

Security researcher Luigi Auriemma has unearthed a few more SCADA vulnerabilities, most affect the Human–machine interface (HMI) systems. As a result US-CERT has published alerts much like this one for all of Auriemma's new vulnerabilities. This is becoming a standard drill for the ICS industry.

In March 2011, Auriemma published thirty-some vulnerabilities after claiming he had no prior experience with SCADA systems. In June, Siemens patched vulnerabilities posted by Dillon Breseford.

Read More >

"War-Texting" Car Alarms

By Robert Vamosi | 7/26/11 3:25 AM

Researcher Don Bailey of iSec Partners has been cataloging devices communicating through cellular networks for some time. Earlier this year he showed how simple devices designed to report your location can be spoofed, almost trivially, through text messaging. Now Bailey is back with a new presentation at next week's Black Hat USA, where he plans to show how car alarms can fall victim to similar attacks. Car alarms are vulnerable in part because they receive messages from a control server on Internet-ready cellular networks.

Read More >

Black Hat USA To Show SCADA Flaw

By Robert Vamosi | 6/8/11 3:03 AM

The researcher who found a PLC vulnerability within the Siemens’ Step7 will present his findings at the annual Black Hat USA to be held August 2-3, in Las Vegas, Nevada.

In May, NSS security researcher Dillion Breseford pulled his talk from TakeDownCon in Dallas after requests from the vendor and the Department of Homeland Security. But, after a few days with Siemens downplaying the severity of the attack, Breseford lashed out at the vendor's statement that the attack could only be carried out using special equipment.

Read More >