Siemens SCADA Flaws To Be Disclosed At Black Hat
itwbennett writes "In May, NSS Labs Researcher Dillon Beresford pulled out of a Dallas hacking conference at the last minute when Siemens was unable to fix problems he'd found in the firmware of its S7 programmable logic controller. Now NSS Labs CEO Rick Moy says Beresford is rescheduled to deliver his talk at Black Hat, which runs Aug. 2-3. Beresford has discovered six vulnerabilities in the S7 that 'allow an attacker to have complete control of the device,' Moy said. Devices like the S7 do things such as control how fast a turbine spins or open gates on dams."
Devices like the S7 do things such as control how fast a turbine spins or open gates of doom.
FTFY
Questions raise, answers kill. Raise questions to stay alive.
I work with PLCs (Programmable Logic Controllers like the article mentions) and to be honest it's news to me that they even HAVE security.
Most PLCs will accept any data table read/write, any programming command and any firmware update without any authentication whatsoever. Also the SCADA system (the visualisation system which talks to the plant's PLCs) will typically run on Windows XP, usually without any service packs/patches, no antivirus, and often the Windows firewall disabled. "Security" on a SCADA is typically implemented only by disabling mouse events on the client-side command button if the operator does not have appropriate access level.
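The last point in the comment above, as an added example that is not part of the original thread: a write path whose only access control is a disabled button in the client, next to one where the server checks the operator's access level itself. The `TagServer` class, the tag names, the access levels and the sample operators are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical minimum access level required to write each tag.
WRITE_LEVEL = {"turbine.speed_setpoint": 3, "gate.open_cmd": 2}

@dataclass
class Operator:
    name: str
    level: int

class TagServer:
    """Stands in for the SCADA server that relays tag writes to the PLC."""
    def __init__(self):
        self.tags = {"turbine.speed_setpoint": 1500, "gate.open_cmd": 0}
        self.audit = []

    def write_unchecked(self, tag, value):
        # Pattern described in the comment: the server applies any write it
        # receives; the only "check" is a disabled button in the client.
        self.tags[tag] = value
        return True

    def write_checked(self, session, tag, value):
        # Hardened form: the server decides from the authenticated session and
        # denies by default (no session, unknown tag, or insufficient level).
        required = WRITE_LEVEL.get(tag)
        allowed = (session is not None and required is not None
                   and session.level >= required)
        # Record every attempt, allowed or not, so denials are visible.
        self.audit.append((session.name if session else None, tag, value, allowed))
        if allowed:
            self.tags[tag] = value
        return allowed

def demo():
    server = TagServer()
    viewer = Operator("viewer", 1)        # constructed sample users
    engineer = Operator("engineer", 3)
    results = {
        # Nothing on the server side ties this write to an operator at all.
        "unchecked": server.write_unchecked("gate.open_cmd", 1),
        "viewer": server.write_checked(viewer, "turbine.speed_setpoint", 3000),
        "anonymous": server.write_checked(None, "gate.open_cmd", 0),
        "engineer": server.write_checked(engineer, "turbine.speed_setpoint", 1600),
    }
    return results, server

if __name__ == "__main__":
    print(demo()[0])
```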