Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Backdoor in mission-critical systems (Grid,etc controllers)
Risks Digest ^ | April 25, 2012 | C Y Cripps

Posted on 04/26/2012 11:19:35 AM PDT by dickmc

Article regarding alarming major Ruggedcom (Siemens) controller BACKDOOR vulnerability. These controllers are used widely in the electric grid, military, and transportation systems!

(Excerpt) Read more at catless.ncl.ac.uk ...


TOPICS: Business/Economy; Computers/Internet; Miscellaneous; Science
KEYWORDS: controller; grid; siemens; vulnerability
Like a key under a door matt, the MAC address exposed here allows hackers to tamper with this Internet-connected RuggedCom device, used to control power substations and other critical infrastructure.

That's because equipment running RuggedCom's Rugged Operating System has an undocumented account that can't be modified and a password that's trivial to crack. What's more, researchers say, for years the company hasn't bothered to warn the power utilities, military facilities, and municipal traffic departments using the industrial-strength gear that the account can give attackers the means to sabotage operations that affect the safety of huge populations of people.

Equipment running the Rugged Operating System act as the switches and hubs that connect programmable logic controllers to the computer networks used to send them commands. They may sit between the computer of a electric utility employee and the compact disk-sized controller that breaks a circuit when the employee clicks a button on her screen. To give the equipment added power, Rugged Operating System is fluent in the Modbus and DNP3 communications protocols used to natively administer industrial control and SCADA, or supervisory control and data acquisition, systems. The US Navy, the Wisconsin Department of Transportation, and Chevron are just three of the customers who rely on the gear, according to this page on RuggedCom's website.

"As a citizen and based on the customer list on their website, I know for a fact that I personally depend on this equipment every day in some way," said Justin W. Clarke, the author of the full-disclosure advisory who said he notified company officials of the backdoor 12 months ago. "The equipment is so widely installed that it would be logical to assume that something I'm doing--whether it's riding a train, using power, or walking across a cross walk--depends on this."

RuggedCom representatives didn't respond to a request for comment. This article will be updated if a response is received after its initial publication.

The above is a brief excerpt. To read the full article, go to April 25 Risks Digest: Backdoor in mission-critical hardware threatens power, traffic-control systems

1 posted on 04/26/2012 11:19:47 AM PDT by dickmc
[ Post Reply | Private Reply | View Replies]

To: dickmc

Issues like this are why industrial controllers should not be connected to the Internet under any circumstances.


2 posted on 04/26/2012 11:24:37 AM PDT by TennesseeProfessor
[ Post Reply | Private Reply | To 1 | View Replies]

To: TennesseeProfessor
Check this out: industrial SCADA Ethernet controllers

Cute, huh? Many SCADA system Ethernet interfaces are embedded within the device circuit board. So – no simple plug ‘n play fix.

3 posted on 04/26/2012 11:31:32 AM PDT by Noumenon ("I tell you, gentlemen, we have a problem on our hands." Col. Nicholson-The Bridge on the River Qwai)
[ Post Reply | Private Reply | To 2 | View Replies]

To: dickmc
Also in the article:

In acknowledging but not fixing a security vulnerability in software that's widely used to control critical infrastructure, RuggedCom joins a growing roster of companies marketing wares bitten by so-called forever-day bugs. The term, which is a play on the phrase zero-day vulnerability, refer to documented flaws in industrial systems that will never be fixed. Other members of this group include ABB, Schneider Electric, and Siemens. Indeed, RuggedCom was acquired by a Canada-based subsidiary of Siemens in March.

An independent security researcher in San Francisco, Clarke told Ars he has grown so concerned about the lack of security in industrial control systems that he's taken to ordering used gear hawked on eBay to see what kinds of vulnerabilities he can find in it. He said he spotted the Rugged OS backdoor with little trouble by analyzing an image of the RuggedCom firmware.

4 posted on 04/26/2012 11:32:24 AM PDT by dickmc
[ Post Reply | Private Reply | To 1 | View Replies]

To: TennesseeProfessor

I completely agree. Just stupid x 1,234,567,890


5 posted on 04/26/2012 11:39:40 AM PDT by Peter from Rutland
[ Post Reply | Private Reply | To 2 | View Replies]

To: dickmc

"Uh..huh huh..he said 'backdoor'..."

6 posted on 04/26/2012 12:51:36 PM PDT by JRios1968 (I'm guttery and trashy, with a hint of lemon. - Laz)
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson