"Uh..huh huh..he said 'backdoor'..."
Posted on 04/26/2012 11:19:35 AM PDT by dickmc
Article regarding alarming major Ruggedcom (Siemens) controller BACKDOOR vulnerability. These controllers are used widely in the electric grid, military, and transportation systems!
(Excerpt) Read more at catless.ncl.ac.uk ...
That's because equipment running RuggedCom's Rugged Operating System has an undocumented account that can't be modified and a password that's trivial to crack. What's more, researchers say, for years the company hasn't bothered to warn the power utilities, military facilities, and municipal traffic departments using the industrial-strength gear that the account can give attackers the means to sabotage operations that affect the safety of huge populations of people.
Equipment running the Rugged Operating System act as the switches and hubs that connect programmable logic controllers to the computer networks used to send them commands. They may sit between the computer of a electric utility employee and the compact disk-sized controller that breaks a circuit when the employee clicks a button on her screen. To give the equipment added power, Rugged Operating System is fluent in the Modbus and DNP3 communications protocols used to natively administer industrial control and SCADA, or supervisory control and data acquisition, systems. The US Navy, the Wisconsin Department of Transportation, and Chevron are just three of the customers who rely on the gear, according to this page on RuggedCom's website.
"As a citizen and based on the customer list on their website, I know for a fact that I personally depend on this equipment every day in some way," said Justin W. Clarke, the author of the full-disclosure advisory who said he notified company officials of the backdoor 12 months ago. "The equipment is so widely installed that it would be logical to assume that something I'm doing--whether it's riding a train, using power, or walking across a cross walk--depends on this."
RuggedCom representatives didn't respond to a request for comment. This article will be updated if a response is received after its initial publication.
The above is a brief excerpt. To read the full article, go to April 25 Risks Digest: Backdoor in mission-critical hardware threatens power, traffic-control systems
Issues like this are why industrial controllers should not be connected to the Internet under any circumstances.
Cute, huh? Many SCADA system Ethernet interfaces are embedded within the device circuit board. So – no simple plug ‘n play fix.
In acknowledging but not fixing a security vulnerability in software that's widely used to control critical infrastructure, RuggedCom joins a growing roster of companies marketing wares bitten by so-called forever-day bugs. The term, which is a play on the phrase zero-day vulnerability, refer to documented flaws in industrial systems that will never be fixed. Other members of this group include ABB, Schneider Electric, and Siemens. Indeed, RuggedCom was acquired by a Canada-based subsidiary of Siemens in March.
An independent security researcher in San Francisco, Clarke told Ars he has grown so concerned about the lack of security in industrial control systems that he's taken to ordering used gear hawked on eBay to see what kinds of vulnerabilities he can find in it. He said he spotted the Rugged OS backdoor with little trouble by analyzing an image of the RuggedCom firmware.
I completely agree. Just stupid x 1,234,567,890
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.