Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Vulnerabilities in some SCADA server softwares
From: "J. Oquendo" <sil () infiltrated net>
Date: Wed, 23 Mar 2011 16:10:43 -0400

On 3/23/2011 11:27 AM, Kent Borg wrote:
Would I install a stack of SCADA upgrades to *my* functioning
factory?  Maybe not.

Scary, scary stuff.

Security needs to be designed in, implemented carefully each step
along the way, and reviewed.  Instead people with "security" in their
job title so often seem to think security is firewalls, buying
anti-virus support contracts, and requiring use of MS Outlook and
Internet Explorer.


-kb, the Kent who will shut up now.


This is a big fact that many are overlooking. Regardless if the vendor
is a complete and utter moron, patches don't come easy for these
systems. Secondly, many of these systems are very old and are being
"propped' up by new software. There is no running out to deploy PLCs
that can fail because of a glitch.

Security wasn't a factor in the 50s, 60s, 70s and so on as it has become
now. No one foresaw that by even sending one too many ICMPs at a modbus
would crash it. THIS is the reality of SCADA systems. It has nothing to
do with "hiding the bugs hoping they will go away." It isn't about:
"they attacked Linux, then Windows, now SCADA" boo-hooisms. Completely
separate playing field.

Sure these need to be designed properly however the reality is, many of
these systems are old. Many of these systems control the quality of the
water we drink, the pollution leaving a plant, the power being
generated. This isn't: "release it... make em fix it fast... that'll
teach them." I wonder how the author would feel if say a water treatment
plant in his area was affected causing all the water around him to be toxic.

-- 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP

"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett

42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]