Siemens squashes Stuxnet-like bugs in SCADA kit
Siemens has corked vulnerabilities in its industrial control kit similar to those exploited by the infamous Stuxnet worm. Security bugs on the German manufacturer's Simatic Step 7 and Simatic PCS 7 SCADA control software created a means to load malicious dynamic-link library (DLL) files. This is the type of flaw exploited by the …
This topic is closed for new posts.
Will the Iranians get the fixes?
IIRC, a Siemens spokesman said that they had not supplied Simatic and the associated kit to Iran - so, I wonder if the Iranians will get the fixes.
Re: Will the Iranians get the fixes?
They'll get them from tpb ;P
Re: Will the Iranians get the fixes?
Much more fun to get them all paranoid by suggesting that, now that it is known what SCADA kit the Iranians are using, the Big Bad Great Satan might have put pressure on Siemens to put a backdoor into the update....
Re: Will the Iranians get the fixes?
With the 'quality' of software design used by Siemens, and the reliance on Windows with its ever so helpful reboot-on-most-patches behaviour on a 24/7 application, I don't think there is any need to add one more custom orifice to the collection!
Re: Will the Iranians get the fixes?
Even though Siemens is not directly involved with the Iranians, they surely have a subcontracted subcontractor somewhere. All so obscured no one can find the connection.
"a means for hackers to get into targeted systems using default credentials."
Epic fail.
That is all.
really? they finally found their hole(s)??
one would think that this would have been a top priority but obviously it isn't... but then again, they are providing tech to those who seek to use it for gains that others are attempting to prevent them from gaining... can we say catch22? or maybe we should be questioning the act of selling this tech to those with these goals in mind? of course, on the path to a one society world, this is something completely different... or is it? can we spell "coldwar"?
I've got a question
How can a SCADA system be allowed to become infected? Why would anyone use Microsoft software where security is important? ok, that's two questions.
This topic is closed for new posts.
