Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Researchers Release New Exploits to Hijack Critical Infrastructure

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 6 Apr 2012 01:40:48 -0500 (CDT)
http://www.wired.com/threatlevel/2012/04/exploit-for-quantum-plc/

By Kim Zetter
Threat Level
Wired.com
April 5, 2012
Researchers have released two new exploits that attack common design vulnerabilities in a computer component used to control critical infrastructure, such as refineries and factories.
The exploits would allow someone to hack the system in a manner similar to how the Stuxnet worm attacked nuclear centrifuges in Iran, a hack that stunned the security world with its sophistication and ability to use digital code to create damage in the physical world.
The exploits attack the Modicon Quantum programmable logic controller made by Schneider-Electric, which is a key component used to control functions in critical infrastructures around the world, including manufacturing facilities, water and wastewater management plants, oil and gas refineries and pipelines, and chemical production plants. The Schneider PLC is an expensive system that costs about $10,000.
One of the exploits allows an attacker to simply send a “stop” command to the PLC. 

[...]


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org
Previous By Date Next
Previous By Thread Next

Current thread: