New vulnerabilities revealed in SCADA systems
Industrial control systems revealed to be even less secure than thought, provoking fears of a new Stuxnet-style attack
Nuclear power stations and other heavy industries are more at risk from cyber attack than ever, as researchers have discovered dozens of new vulnerabilities.
It has been shown that the software that controls SCADA (Supervisory Control and Data Acquisition) systems can be hacked to reveal data or even disrupt or damage machinery.
SCADA software written by Siemens was targeted by the Stuxnet worm last year, and there are widespread fears that a similar attack could be launched this year.
Security researcher Luigi Auriemma posted information on his website about the vulnerabilities, including six for Siemens FactoryLink. This software monitors, supervises, and controls various industrial processes.
Auriemma described the bug: "All the file operations allow [the hacker] to specify arbitrary files and directories, and it's possible for an attacker to download any remote file on the server. Obviously it's possible also to specify directory traversal paths."