Control systems vulnerabilities revealed at Black Hat 2015
Researchers have disclosed critical vulnerabilities in technologies that are actively used in industrial control systems, such as in substations, factories, refineries, ports and other areas of industrial automation.
Announced at the Black Hat USA 2015 conference, the flaws currently reside in systems that could facilitate shutdown of a plant or process, or force an industrial control system into an unknown and hazardous state.
Researcher Robert M Lee, a co-founder of Dragos Security and active-duty US Air Force Cyber Warfare Operations Officer, said that he believed with "great confidence" that these attacks are happening in the wild, but that they were most likely going overlooked because simply, "folks aren't noticing".
The researchers described how these industrial systems can be compromised by a man-in-the-middle (MITM) attack to wreak havoc on live processes by sending spoofed, falsified or otherwise incorrect data.
The problems stem from the fact that industrial system protocols generally lack authentication or cryptographic integrity protection; the researchers listed a smorgasbord of attack vectors, including unauthenticated updates, CSS attacks, clear-text passwords and much more.
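To make the integrity point concrete, here is an added example (not code from the talk, the researchers or any vendor) using a hypothetical five-byte "write register" frame: a receiver with no integrity check accepts a value altered in transit exactly as it accepts the original, whereas a keyed HMAC tag (key and frame layout are assumptions for the demo) lets it reject the change.

```python
import hashlib
import hmac
import struct

# Hypothetical frame layout, modelled on unauthenticated ICS write commands:
# function code (1 byte), register address (2 bytes), value (2 bytes), big-endian.
FRAME_FMT = ">BHH"
FRAME_LEN = struct.calcsize(FRAME_FMT)
TAG_LEN = hashlib.sha256().digest_size

def build_frame(function_code: int, register: int, value: int) -> bytes:
    return struct.pack(FRAME_FMT, function_code, register, value)

def parse_frame(frame: bytes) -> dict:
    fc, reg, val = struct.unpack(FRAME_FMT, frame[:FRAME_LEN])
    return {"function_code": fc, "register": reg, "value": val}

def modify_in_transit(frame: bytes, new_value: int) -> bytes:
    """Model of what a MITM does: rewrite the value field, keep everything else."""
    fc, reg, _ = struct.unpack(FRAME_FMT, frame[:FRAME_LEN])
    return struct.pack(FRAME_FMT, fc, reg, new_value) + frame[FRAME_LEN:]

def accepts_without_integrity(frame: bytes) -> bool:
    """Receiver with no integrity check: any well-formed frame is accepted as-is."""
    try:
        parse_frame(frame)
        return True
    except struct.error:
        return False

def seal(frame: bytes, key: bytes) -> bytes:
    """Append an HMAC-SHA256 tag, e.g. from a protocol-aware gateway in front of the device."""
    return frame + hmac.new(key, frame, hashlib.sha256).digest()

def verify(sealed: bytes, key: bytes) -> bool:
    """Constant-time tag check; note this alone does not stop replay of an old valid frame,
    so a real deployment also needs a sequence number or timestamp inside the tagged bytes."""
    body, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)

def demo() -> dict:
    key = b"constructed-demo-key"            # constructed; real keys come from provisioning
    original = build_frame(0x06, 0x0010, 500)  # constructed: "set register 0x10 to 500"
    altered = modify_in_transit(original, 9999)
    return {
        "plain_accepts_tampered": accepts_without_integrity(altered),      # True
        "sealed_original_ok": verify(seal(original, key), key),            # True
        "sealed_tampered_ok": verify(modify_in_transit(seal(original, key), 9999), key),  # False
    }
```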
Their presentation, Switches Get Stitches, focuses on the DCS, PCS, ICS and SCADA switches of four vendors: Siemens, GE, Garrettcom and Opengear.
In their presentation, they go over 11 vulnerabilities across five different product families belonging to the four vendors, though the researchers stressed that the problems they're finding are not limited to these vendors.
The researchers said that they are only showing 11 vulnerabilities because they didn't have enough time to present more.
While the researchers said the vulnerabilities have been responsibly disclosed to the vendors, SCADA/ICS patching in live environments tends to take 1–3 years — and these fixes need to happen ASAP.
Because of this patching lag, the researchers are providing live mitigations that owners and operators can use immediately to protect themselves.
Researcher Eireann Leverett said they want to dispel the perception that people are helpless in light of vulnerabilities, and the notion that we must wait for vendors to save us. "Defence is doable," he said.
"We shouldn't have to rely on vendors to patch."
For those interested, the presentation slides can be accessed at the Black Hat 2015 briefings page.