Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bugs in SCADA software leaves 7,600 factories vulnerable

mspohr (589790) writes | about 4 months ago

1

mspohr (589790) writes "The BBC reports:
The discovery of bugs in software used to run oil rigs, refineries and power plants has prompted a global push to patch the widely used control system. The bugs were found by security researchers and, if exploited, could give attackers remote access to control systems for the installations.
The US Department of Homeland Security said an attacker with "low skill" would be able to exploit the bugs. About 7,600 plants around the world are using the vulnerable software.
"We went from zero to total compromise," said Juan Vazquez, a researcher at security firm Rapid7 who, with colleague Julian Diaz, found several holes in Yokogawa's Centum CS 3000 software which was first released to run on Windows 98 to monitor and control machinery in many large industrial installations.
The researchers also explored other SCADA software: "We ended up finding over 1,000 bugs in 100 days,""

Link to Original Source

cancel ×

1 comment

Not news (1)

nobuddy (952985) | about 4 months ago | (#46665897)

SCADA systems are old, and originally never intended to be secure as they were not internet aware.
Add to that the fact that scada controls are expensive and last nearly forever in many cases- you get a mixed bag of new and old on the same network.

Source: I used to have to deal with SCADA on gas processing plants all over the southwest up to 2008.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...