New vulnerabilities revealed in SCADA systems

By Stuart Sumner
22 Mar 2011 View Comments
German industrial sector attracts investment

Nuclear power stations and other heavy industries are more at risk from cyber attack than ever, as researchers have discovered dozens of new vulnerabilities.

It has been shown that the software that controls SCADA (Supervisory Control and Data Acquisition) systems can be hacked to reveal data or even disrupt or damage machinery.

Further reading

SCADA software written by Siemens was targeted by the Stuxnet worm last year, and there are widespread fears that a similar attack could be launched this year.

Security researcher Luigi Auriemma posted information on his website about the vulnerabilities, including six for Siemens FactoryLink. This software monitors, supervises, and controls various industrial processes.

Auriemma described the bug: "All the file operations allow [the hacker] to specify arbitrary files and directories, and it's possible for an attacker to download any remote file on the server. Obviously it's possible also to specify directory traversal paths."

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

27 %
43 %
10 %
20 %