Researchers from security firm NSS Labs cancelled a presentation on how to hack industrial computer systems after being asked by US security officials and Siemens not to share their work publicly.
Dillon Beresford of NSS Labs had originally intended to demonstrate vulnerabilities in some supervisory control and data acquisition (SCADA) systems at the Takedown conference in Dallas. SCADA systems, the cornerstones of modern industrial IT systems, allow workers to control and monitor energy grids, traffic lights and gas pipelines.
The synopsis for Beresford’s presentation – entitled “Chain reactions – hacking SCADA” – promised it would demonstrate how attackers “could penetrate even the most heavily fortified facilities in the world” as well as detailing “how to write industrial-grade malware without having direct access to the hardware”.
Attacks on SCADA systems are an emerging area of concern for cyber security researchers in the wake of the Stuxnet worm, which was found attacking Iranian nuclear facilities.
Beresford has previously conducted exhaustive research highlighting the parlous state of cyber security in China. He found even classified government networks were open to attack.