After delay, hacker to show flaws in Siemens industrial gear

NSS Labs says it will disclose Siemens flaws at Black Hat, after holding back its research for security reasons

By , IDG News Service |  Security, Black Hat, NSS Labs

A security researcher who says he's found serious problems with Siemens computers used in power plants and heavy industry is now expecting to go public with his research at the Black Hat security conference in Las Vegas.

In May, NSS Labs Researcher Dillon Beresford pulled out of a Dallas hacking conference at the last minute when Siemens was unable to fix problems he'd found in the firmware of its S7 programmable logic controller. After consulting with Siemens and the U.S. Department of Homeland security, NSS decided that it was simply too dangerous to go public with its information before a patch could be fully developed. The systems Beresford had hacked are used to run power and chemical plants, some of which could be damaged if they were hit by a computer attack.

Now NSS Labs CEO Rick Moy says Beresford is rescheduled to deliver his talk at Black Hat, which runs Aug. 2-3.

Beresford has discovered six vulnerabilities in the S7 that "allow an attacker to have complete control of the device," Moy said. Devices like the S7 do things such as control how fast a turbine spins or open gates on dams.

The attack was developed on an S7-1200 system, but NSS believes other models of the S7 are also vulnerable.

For Beresford's attack to work, a hacker would have to first be on the same network as the Siemens system. Industrial systems like the S7 are often designed to run on "air-gapped" networks that are physically separated from the rest of the plant's computer systems. That would protect them from Beresford's attack, but security researchers have shown that it's often possible to reach these networks from the Internet. The Stuxnet worm, for example jumped across networks by infecting USB drives.

Breaking into some industrial networks would be even easier than that, according to Moy. "The dirty little secret about [such industrial] systems in general is that very few are properly air-gapped," he said.

NSS Labs expects Siemens to issue a patch in the next few weeks, well ahead of the August presentation. "They didn't give any firm timelines," he said. "They said unofficially that they were pretty confident that they'll be able to get their stuff out before then."

Siemens could not immediately be reached for comment.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Ask a Question
randomness