Researchers have discovered yet more security vulnerabilities in crucial equipment used by power plants, airports, factories and other critical systems. Exodus Intelligence said it has found more than 20 flaws in SCADA (supervisory control and data acquisition) software from vendors including Rockwell Automation, Schneider …
I would have expected...
...a subheading saying "Portnoy's Complaints"
Re: I would have expected...
I clearly haven't read enough Philip Roth.
Telling the companies is pointless anyhow
It's not like they even _know_ what a buffer overrun is. Let alone how to fix it.
To put it into perspective, SCADA installations use OPC, OLE for Process Control. Some systems use SQL-servers to store settings.
The state of SCADA security is dire
I suppose that means there's an opportunity here.
Time to update
A big issue with these systems is that they are not updated regularly, if at all. The systems are installed like hardware based on a certain CapEx with little interest in the OpEx needed to keep them up to date. So we end up with five year old plus software being used to control mission critical plant, partly because the hardware has a ten year plus life cycle and the people installing it are not software literate.