http://www.wired.com/threatlevel/2010/07/siemens-scada/ By Kim Zetter Threat Level Wired.com July 19, 2010 A sophisticated new piece of malware that targets command-and-control software installed in critical infrastructures uses a known default password that the software maker hard-coded into its system. The password has been available online since at least 2008, when it was posted to product forums in Germany and Russia. The password protects the database used in Siemens' Simatic WinCC SCADA system, which runs on Windows operating systems. SCADA, short for "supervisory control and data acquisition," systems are programs installed in utilities and manufacturing facilities to manage the operations. SCADA has been the focus of much controversy lately for being potentially vulnerable to remote attack by malicious outsiders who might want to seize control of utilities for purposes of sabotage, espionage or extortion. "Default passwords are and have been a major vulnerability for many years," said Steve Bellovin, a computer scientist as Columbia University who specializes in security issues. "It's irresponsible to put them in, in the first place, let alone in a system that doesn't work if you change it. If that's the way the Siemens systems works, they were negligent." Siemens did not respond to a request for comment. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Wed Jul 21 2010 - 00:54:29 PDT
This archive was generated by hypermail 2.2.0 : Wed Jul 21 2010 - 01:02:56 PDT