
SCADA / Siemens


FACT CHECK: SCADA Systems Are Online Now

Follow-Up Article: SCADA: Air Gaps Do Not Exist. A recent "Fact Check" by Scot Terban requires some fact checking. In his post, he basically shows that he has no idea how many SCADA systems are online. Scot stated "How about the fact that said systems are connected to the internet on a regular basis and SCADA aren’t". Well, this is a flaw and error of epic magnitude. The fact is, nearly everything is connected now.

Experts warn of holes in critical SCADA software

By Reuters. Posted on 17 Jun 2011 at 08:39.

Chinese software used to run weapons systems, utilities and chemical plants has bugs that hackers could exploit to damage public infrastructure, according to the Department of Homeland Security. The department issued an advisory warning of vulnerabilities in software applications from Beijing-based Sunway ForceControl Technology, saying that hackers could exploit them to launch attacks on critical infrastructure. Sunway's products, widely used in China, are also deployed to a lesser extent in other countries, including Western powers. "These are vulnerabilities that hackers could leverage to cause destruction," said Dillon Beresford, a researcher with private security firm NSS Labs, who discovered the bugs.

Siemens fixes SCADA holes found by hacker

Siemens has patched security vulnerabilities in its widely used Simatic S7 industrial computer system that made it possible for attackers to disrupt or sabotage operations at gas refineries, chemical plants and other critical facilities. In an advisory (PDF) issued on Friday, the Industrial Control Systems Cyber Emergency Response Team said the Siemens update fixed a “portion” of the vulnerabilities discovered in the S7-1200 PLC, or programmable logic controller, by NSS Labs researcher Dillon Beresford. Last month, he and a colleague cancelled a scheduled talk about critical vulnerabilities in the PLC following requests by the German manufacturer and officials from the US Department of Homeland Security. A separate advisory issued by Siemens said the updated firmware fixed two vulnerabilities. A second vulnerability allowed attackers to shut down a controller by overloading the communications it receives.

First true SCADA-specific malware detected

Back in 1999, when I ran then-governor Jeb Bush's statewide Y2K awareness and remediation effort, I first happened to learn about SCADA systems. What is SCADA, you ask? SCADA stands for Supervisory Control and Data Acquisition. SCADA systems basically are remotely-activated and remotely-operated devices that perform certain specialized functions. SCADA systems are used, for example, to monitor, open and close freshwater pumps; operate wastewater pumping systems; perform routine functions in power plants; perform functions in manufacturing plants, refineries, and other facilities; and monitor the next-generation electric "smart grid" that is becoming so popular these days.

Removing SCADA worm could disrupt power plants

Siemens has made a program available for detecting and disinfecting malware attacking its software used to control power grids, gas refineries, and factories, but warned that customers who use it could disrupt sensitive plant operations. The Munich-based engineering company on Thursday began distributing Sysclean, a malware scanner made by Trend Micro. It has been updated to remove Stuxnet, a worm that spreads by exploiting two separate vulnerabilities in Siemens's SCADA, or supervisory control and data acquisition, software and every supported version of Microsoft Windows. “As each plant is individually configured, we cannot rule out the possibility that removing the virus may affect your plant in some way,” Siemens warned.

Siemens: Removing SCADA worm may harm industrial systems

By Robert McMillan. July 22, 2010 03:15 PM ET.

IDG News Service - Removing a dangerous worm that targets industrial systems could disrupt plant operations, Siemens Industry warned customers Thursday. The warning came as Siemens released a new tool that finds and removes the malicious software along with a full-fledged security update for its SCADA (supervisory control and data acquisition) management products. Siemens on Thursday released the update along with the tool, developed by security vendor TrendMicro. The worm was identified by security vendor VirusBlokAda last month. Called Stuxnet, the worm is the first publicly identified piece of malware to target SCADA computers, which are used to control things such as manufacturing plants and utility systems. Siemens doesn't know who built the worm, but is investigating and plans to pursue the matter to the "full extent of the law," the company said on its website.

After delay, hacker to show flaws in Siemens industrial gear

June 06, 2011, 8:20 PM — A security researcher who says he's found serious problems with Siemens computers used in power plants and heavy industry is now expecting to go public with his research at the Black Hat security conference in Las Vegas. In May, NSS Labs researcher Dillon Beresford pulled out of a Dallas hacking conference at the last minute when Siemens was unable to fix problems he'd found in the firmware of its S7 programmable logic controller. After consulting with Siemens and the U.S. Department of Homeland Security, NSS decided that it was simply too dangerous to go public with its information before a patch could be fully developed. The systems Beresford had hacked are used to run power and chemical plants, some of which could be damaged if they were hit by a computer attack. Now NSS Labs CEO Rick Moy says Beresford is rescheduled to deliver his talk at Black Hat, which runs Aug. 2-3.