DefCon: Flaw Exposes SCADA Hack Threat

["Paul Ferguson" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via MSNBC (AP).

[snip]

Terrorists and other criminals could exploit a newly discovered software
flaw to hijack massive computer systems used to control critical
infrastructure like oil refineries, power plants and factories, a
researcher said Saturday.

Ganesh Devarajan, a security researcher with 3Com Corp.'s TippingPoint in
Austin, Texas, demonstrated the software vulnerability he uncovered to
attendees at the Defcon hacker conference on computer security.

The software is used to manage supervisory control and data acquisition, or
SCADA, systems — computers that regulate the functioning of such
important infrastructure as oil and gas pipelines, water treatment and
power transmission facilities and the giant factories used by large
technology companies.

The flaw could crash certain SCADA computer systems, particularly older
ones, Devarajan said. The intrusion works by attacking sensors within the
facilities that are linked to the Internet through unencrypted connections.

[snip]

More:
http://www.msnbc.msn.com/id/20128089/

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)

wj8DBQFGtggQq1pz9mNUZTMRAhaCAKDQXUbkqegAfP+4twrPXZs3m/64YQCfdGP1
+E5QJfXcnpvZrAMtUuTFoxQ=
=h0Ho
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.