The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks. The problems, similar to those suffered by Siemens in Iran, are within Sunway ForceControl 6.1 and pNetPower Version 6 - used to runcontrol systems for …
How big a bang would you get if 18,000MW of turbines ramped up and down repeatedly?
If these are US treasury securities dammed up, quite a lot.
"The reported vulnerabilities are heap-based buffer overflows b that could result in a denial of service or the execution of arbitrary code."
Yup. It's 2011. Do you know whether your kids are programming in C?
and they should know
Hardly surprising really
...given that the Chinese have probably knocked-off Siemens' work.
Surely any US power station wouldn't be allowed install a Chinese SCADA setup due to the possibility of some naughtiness happening?
Mushroom cloud because...
"wouldn't be allowed install a Chinese SCADA setup "
I haven't checked, but where do you think US PLC vendors like GE get their PLCs built and their firmware written? Not that European or Japanese PLC vendors are likely to be any different.
In the telco infrastructure sector, Chinese outfit Huawei are doing very nicely in countries where they are not blocked for political reasons.
What could possibly go wrong?
/* comment */
Any industrial equipment is liable to be vulnerable by intention. How these holes got in the cheese is another matter.
Please, buffer overflow. As above , it is 2011.
Warning shot across the bows?
Given that it is widely speculated America had a hand in crafting the stuxnet worm along with other interested parties, and that there are multiple digital type attacks on western government installations around the globe. It appears to me that America are politically highlighting to china to "backoff the cyber attacks and get your ship in order or something really bad may happen on your turf"
Obviously not worded as such, worded as a security advisory, but thats how I'm sure it would be taken.
- JLaw, Kate Upton exposed in celeb nude pics hack
- Google flushes out users of old browsers by serving up CLUNKY, AGED version of search
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- GCHQ protesters stick it to British spooks ... by drinking urine
- Twitter declines to deny JLaw tweet scrubdown after alleged iCloud NAKED PHOTOS hack