US reveals Stuxnet-style vuln in Chinese SCADA 'ware
Nothing must interrupt our supply of iPads and bras
The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Advisory warns that the hole could allow hackers to launch a denial of service attack or possible execution of arbitary code.
The software is mainly used in China but claims some customers in Europe, the Americas and Asia and Africa. There have been no known exploits of the vulnerability and attackers would need an intermediate level of skill to use it.
The problem was spotted by Dillon Beresford of NSS Labs.
There's more on the holes, and links to patches, in this pdf. ®
Warning shot across the bows?
Given that it is widely speculated America had a hand in crafting the stuxnet worm along with other interested parties, and that there are multiple digital type attacks on western government installations around the globe. It appears to me that America are politically highlighting to china to "backoff the cyber attacks and get your ship in order or something really bad may happen on your turf"
Obviously not worded as such, worded as a security advisory, but thats how I'm sure it would be taken.
and they should know
How big a bang would you get if 18,000MW of turbines ramped up and down repeatedly?