[ISN] Metasploit and SCADA exploits: dawn of a new era?

From: InfoSec News <alerts_at_private>
Date: Thu, 4 Nov 2010 23:26:44 -0600 (CST)

By Ryan Naraine 
Zero Day
ZDNet News
November 4, 2010

Guest editorial by Shawn Merdinger

On 18 October, 2010 a significant event occurred concerning threats to 
SCADA (supervisory control and data acquisition) environments.

That event is the addition of a zero-day exploit for the RealFlex 
RealWin SCADA software product into the Metasploit repository.  Here are 
some striking facts about this event:

   1. This was a zero-day vulnerability that unfortunately was not 
      reported publicly, to a organization like ICS-CERT or CERT/CC, or 
      (afaik) to the RealFlex vendor.

   2. This exploit was not added to the public Exploit-DB site until 27 
      October, 2011.

   3. The existence of this exploit was not acknowledged with a ICS-CERT 
      advisory until 1 November, 2010.

   4. This is the first SCADA exploit added to Metasploit.

So what are the lessons learned and takeaways from this seminal event?


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Thu Nov 04 2010 - 22:26:44 PDT

This archive was generated by hypermail 2.2.0 : Thu Nov 04 2010 - 22:34:52 PDT