US reveals Stuxnet-style vuln in Chinese SCADA 'ware
Nothing must interrupt our supply of iPads and bras
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks.
The problems, similar to those suffered by Siemens in Iran, are within Sunway ForceControl 6.1 and pNetPower Version 6 - used to runcontrol systems for factories, power plants and other utilities.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Advisory warns that the hole could allow hackers to launch a denial of service attack or possible execution of arbitary code.
The software is mainly used in China but claims some customers in Europe, the Americas and Asia and Africa. There have been no known exploits of the vulnerability and attackers would need an intermediate level of skill to use it.
The problem was spotted by Dillon Beresford of NSS Labs.
There's more on the holes, and links to patches, in this pdf. ®
COMMENTS
Warning shot across the bows?
Given that it is widely speculated America had a hand in crafting the stuxnet worm along with other interested parties, and that there are multiple digital type attacks on western government installations around the globe. It appears to me that America are politically highlighting to china to "backoff the cyber attacks and get your ship in order or something really bad may happen on your turf"
Obviously not worded as such, worded as a security advisory, but thats how I'm sure it would be taken.
http://en.wikipedia.org/wiki/Three_Gorges_Dam
How big a bang would you get if 18,000MW of turbines ramped up and down repeatedly?
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
