Article 67XJY A Widespread Logic Controller Flaw Raises the Specter of Stuxnet

A Widespread Logic Controller Flaw Raises the Specter of Stuxnet

by
hubie
from SoylentNews on (#67XJY)

upstart writes:

Over 120 PLC models contain a serious vulnerability-and no fix is on the way:

In 2009, the computer worm Stuxnet crippled hundreds of centrifuges inside Iran's Natanz uranium enrichment plant by targeting the software running on the facility's industrial computers, known as programmable logic controllers. The exploited PLCs were made by the automation giant Siemens and were all models from the company's ubiquitous, long-running SIMATIC S7 product series. Now, more than a decade later, Siemens disclosed today that a vulnerability in its S7-1500 series could be exploited by an attacker to silently install malicious firmware on the devices and take full control of them.

The vulnerability was discovered by researchers at the embedded device security firm Red Balloon Security after they spent more than a year developing a methodology to evaluate the S7-1500's firmware, which Siemens has encrypted for added protection since 2013. Firmware is the low-level code that coordinates hardware and software on a computer. The vulnerability stems from a basic error in how the cryptography is implemented, but Siemens can't fix it through a software patch because the scheme is physically burned onto a dedicated ATECC CryptoAuthentication chip. As a result, Siemens says it has no fix planned for any of the 122 S7-1500 PLC models that the company lists as being vulnerable.

Siemens says that because the vulnerability requires physical access to exploit on its own, customers should mitigate the threat by assessing "the risk of physical access to the device in the target deployment" and implementing "measures to make sure that only trusted personnel have access to the physical hardware." The researchers point out, though, that the vulnerability could potentially be chained with other remote access vulnerabilities on the same network as the vulnerable S7-1500 PLCs to deliver the malicious firmware without in-person contact. [...]

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments