Information Security News mailing list archives
Researchers Release New Exploits to Hijack Critical Infrastructure
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 6 Apr 2012 01:40:48 -0500 (CDT)
http://www.wired.com/threatlevel/2012/04/exploit-for-quantum-plc/ By Kim Zetter Threat Level Wired.com April 5, 2012Researchers have released two new exploits that attack common design vulnerabilities in a computer component used to control critical infrastructure, such as refineries and factories.
The exploits would allow someone to hack the system in a manner similar to how the Stuxnet worm attacked nuclear centrifuges in Iran, a hack that stunned the security world with its sophistication and ability to use digital code to create damage in the physical world.
The exploits attack the Modicon Quantum programmable logic controller made by Schneider-Electric, which is a key component used to control functions in critical infrastructures around the world, including manufacturing facilities, water and wastewater management plants, oil and gas refineries and pipelines, and chemical production plants. The Schneider PLC is an expensive system that costs about $10,000.
One of the exploits allows an attacker to simply send a “stop” command to the PLC.
[...]
_______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.org
Current thread:
- Researchers Release New Exploits to Hijack Critical Infrastructure InfoSec News (Apr 05)