back to article US reveals Stuxnet-style vuln in Chinese SCADA 'ware

The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks. The problems, similar to those suffered by Siemens in Iran, are within Sunway ForceControl 6.1 and pNetPower Version 6 - used to runcontrol systems for …

COMMENTS

This topic is closed for new posts.
Mushroom

http://en.wikipedia.org/wiki/Three_Gorges_Dam

How big a bang would you get if 18,000MW of turbines ramped up and down repeatedly?

1
0
Silver badge
Meh

It depends

If these are US treasury securities dammed up, quite a lot.

Also,

"The reported vulnerabilities are heap-based buffer overflows b that could result in a denial of service or the execution of arbitrary code."

Yup. It's 2011. Do you know whether your kids are programming in C?

0
0
Go

yep

and they should know

1
0
Mushroom

Hardly surprising really

...given that the Chinese have probably knocked-off Siemens' work.

Surely any US power station wouldn't be allowed install a Chinese SCADA setup due to the possibility of some naughtiness happening?

Mushroom cloud because...

0
0
Thumb Up

"wouldn't be allowed install a Chinese SCADA setup "

I haven't checked, but where do you think US PLC vendors like GE get their PLCs built and their firmware written? Not that European or Japanese PLC vendors are likely to be any different.

In the telco infrastructure sector, Chinese outfit Huawei are doing very nicely in countries where they are not blocked for political reasons.

What could possibly go wrong?

0
0

/* comment */

Any industrial equipment is liable to be vulnerable by intention. How these holes got in the cheese is another matter.

Please, buffer overflow. As above , it is 2011.

0
0
Black Helicopters

Warning shot across the bows?

Given that it is widely speculated America had a hand in crafting the stuxnet worm along with other interested parties, and that there are multiple digital type attacks on western government installations around the globe. It appears to me that America are politically highlighting to china to "backoff the cyber attacks and get your ship in order or something really bad may happen on your turf"

Obviously not worded as such, worded as a security advisory, but thats how I'm sure it would be taken.

1
0
This topic is closed for new posts.

Forums