[ISN] Gas refineries at Defcon 1 as SCADA exploit goes wild

From: InfoSec News <alerts_at_private>
Date: Tue, 9 Sep 2008 03:20:42 -0500 (CDT)
http://www.theregister.co.uk/2008/09/08/scada_exploit_released/

By Dan Goodin in San Francisco
The Register
8th September 2008

Gasoline refineries, manufacturing plants and other critical facilities 
that rely on computerized control systems just became more vulnerable to 
tampering or sabotage with the release of attack code that exploits a 
security flaw in a widely used piece of software.

The exploit code, published over the weekend as a module to the 
Metasploit penetration testing tool kit, attacks a vulnerability that 
resides in CitectSCADA, software used to manage industrial control 
mechanisms known as SCADA, or Supervisory Control And Data Acquisition, 
systems. In June, the manufacturer of the program, Australia-based 
Citect, and Computer Emergency Response Teams (CERTs) in the US, 
Argentina and Australia warned the flawed software could put companies 
in the aerospace, manufacturing and petroleum industries at risk from 
outsiders or disgruntled employees [1].

The exploit was created by Kevin Finisterre, the director of penetration 
testing at security firm Netragard. He said he decided to release the 
code following conflicting statements by Citect about the severity of 
the flaw. As a result, he said, organizations that use CitectSCADA were 
confused about whether they were truly vulnerable.

"In reality, I would be willing to wager a small fortune that most of 
the folks that received the Citect advisory were not inspired to take 
immediate action," Finisterre wrote in this paper [2] published to the 
Milw0rm website. "In general, no one should be more knowledgeable about 
a software product than the vendor, so if the vendor pulls an Alfred E. 
Newman and says 'What, me worry?' you can rest assured the userbase will 
do the same."

[1] http://www.theregister.co.uk/2008/06/12/scada_vuln_discovered/ 
[2] http://www.milw0rm.com/papers/221

[...]


Received on Tue Sep 09 2008 - 01:20:42 PDT
