Power plants, industrial concerns are vulnerable to hackers, says US security firm | Inquirer Technology

Power plants, industrial concerns are vulnerable to hackers, says US security firm

/ 02:18 PM May 20, 2011

SAN FRANCISCO (AFP) – US computer security research firm NSS Labs warned on Thursday that it uncovered new ways that hackers could sabotage power plants, oil refineries or manufacturing operations.

“This is a global problem,” NSS chief executive Rick Moy told AFP.

“There are no fixes to this right now,” he continued. “Bad guys would be able to cause real environmental and physical problems and possibly loss of life.”

Article continues after this advertisement

NSS said that it shared its findings with the US Computer Emergency Readiness Team, and was briefing legitimate industrial facilities that are at risk but was revealing little publicly for the sake of safety.

FEATURED STORIES

NSS researcher Dillon Beresford reported finding “multiple vulnerabilities” in Siemens programmable logic controllers (PLCs) used in plants worldwide to automatically regulate temperatures, pressures, turbine speeds, robot arms and more.

Those are the same devices targeted by a Stuxnet virus evidently crafted to disable an Iranian nuclear facility.

Article continues after this advertisement

While the Stuxnet virus struck at PLCs through a plant’s operating system software, Beresford discovered ways to reprogram the devices directly if they can be reached on a network, according to Moy.

Article continues after this advertisement

“The security of these systems is not what it should be,” Moy said.

Article continues after this advertisement

“Comments were made that it took a nation state millions of dollars and teams of people to create Stuxnet,” he continued. “We don’t believe that to be true; it was not that hard to create these problems.”

Beresford came up with the attacks in less than three months with a budget of $2,000 to $3,000 dollars, according to NSS.

Article continues after this advertisement

NSS has shared its findings with the US Department of Homeland Security and Germany-based Siemens, which downplayed concerns that an attack could be pulled off outside the lab, and said it was working to address the vulnerabilities.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

TOPICS: Computers, Hackers, security
TAGS: Computers, Hackers, security

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.