funsec mailing list archives

Re: SCADA Systems Vulnerabilities Exposed


From: "Daniel H. Renner" <dan () losangelescomputerhelp com>
Date: Thu, 10 May 2007 10:11:00 -0700

Back in early 2000 my neighbor worked for the testing shop of the Burbank Power Department.

He complained to me about the switch from VMS to NT systems running the SCADA system, and how slow and clumsy the new system was.

And in that same time period we saw errors in an NT system sinking a US Navy ship, so why would it be surprising that the new SCADA system is any better off?


Sincerely,

Daniel H. Renner
President
Los Angeles Computerhelp
A division of Computerhelp, Inc.
818-352-8700
http://losangelescomputerhelp.com



funsec-request () linuxbox org wrote:
Date: Thu, 10 May 2007 05:12:29 GMT
From: "Fergie" <fergdawg () netzero net>
Subject: [funsec] SCADA Systems Vulnerabilities Exposed
To: funsec () linuxbox org
Message-ID: <20070509.221239.725.1316340 () webmail18 lax untd com>
Content-Type: text/plain

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via the InfoWorld "Zero Day Security" Blog.

[snip]

Ironically, as I was busy piecing-together Tuesday's story on
infrastructure systems security trends, I missed the fact that researchers
were reporting what are believed to be the first remotely-exploitable
vulnerabilities in so-called Supervisory Control And Data Acquisition
(SCADA) systems.

In essence, the research forwards tangible proof of remotely exploitable
flaws in products used to manage facilities such as oil and gas refineries,
electrical power grids and nuclear power plants.

According to researchers with industrial security specialists Neutralbit,
based in Barcelona, Spain, the company has uncovered five different
problems in the OPC protocol -- the OLE (Object Linking and Embedding) for
Process Control industry standard -- which is used to help foster
communication of plant data between control devices made by different
manufacturers.

The vulnerabilities, present in a number of systems, could allow for a
range of different performance-sapping or denial-of-service type attacks on
affected SCADA operations, Neutralbit reported.

[snip]

More:
http://weblog.infoworld.com/zeroday/archives/2007/05/infrastructure.html

Note [1]: Neutralbit "specializes" in security services, so face
value. However, if this is indeed an issue, kudos to them for
researching it, and finding the vulnerabilities.

Note [2]: Would _you_ use an OLE (Microsoft) technology for critical
infrastructure?

- - ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/



