Slashdot Mirror

← Back to Stories (view on slashdot.org)

Private Key Found Embedded In Major SCADA Equipment

Posted by Soulskill on from the you-didn't-think-this-through dept.

sl4shd0rk writes "RuggedOS (A Siemens Subsidiary of Flame and Stuxnet fame), an operating system used in mission-critical hardware such as routers and SCADA gear, has been found to contain an embedded private encryption key (PDF). Now that all affected RuggedCom devices are sharing the same key, a compromise on one device gets you the rest for free. If the claims are valid, systems in use which would be affected include U.S. Navy, petroleum giant Chevron, and the Wisconsin Department of Transportation. The SCADA gear which RuggedOS typically runs on is often connected to machinery controlling electrical substations, traffic control systems, and other critical infrastructure. This is the second security nightmare for RuggedCom this year, the first being the discovery of a backdoor containing a non-modifiable account."

5 of 105 comments (clear)

  1. Rule One by ColdWetDog · · Score: 5, Funny

    Never, ever, name any software "Rugged".

    You're just asking for it.

    --
    Faster! Faster! Faster would be better!
    1. Re:Rule One by SnoopJeDi · · Score: 5, Funny

      Is that why there are so many hookers named Chastity?

  2. What?? by Anonymous Coward · · Score: 1, Funny

    What the fuck is wrong with people? Don't they know we live in a post-PC world? Just throw that old gear on the trashpile of history where it belongs and buy everybody iPads. Problem solved.

    L /thread

  3. Re:Simens is suicidal by fuzzyfuzzyfungus · · Score: 5, Funny

    And all that from a German company.

    Well, to be fair, the alloy chosen, the temper, and tooling tolerances, on the shared private key were damn beautiful...

  4. Re:what goes around comes around by fuzzyfuzzyfungus · · Score: 3, Funny

    Are you saying that Snow Mexicans are behind this threat?