Feeds

Feds slam hacker-friendly backdoors in jalopy, grub factories

Kit easily violated by miscreants with 'minimal skill'

Boost IT visibility and business value

Security researchers have uncovered hard-coded user accounts that could act as backdoors into food, car, and agricultural production systems across the world.

The flaw, which allows attackers to launch remote exploits, was found in a pair of industrial control devices.

The security hole was found in the BL20 and BL67 Programmable Gateways made by German firm Turck. The kit is used across many industries - including agriculture and food, automotive and manufacturing - to control industrial plant equipment in the United States, Europe and Asia.

Left unresolved, the flaw might be used by hackers to shut down production lines or otherwise create havoc on systems managed with the vulnerable controllers.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) published an advisory notice providing links to updated firmware from Turck that mitigates against possible attacks.

The firmware update removes the hard-coded accounts accessible by the FTP service, thus preventing attackers from remotely accessing the device by using hard-coded credentials.

No known public exploits specifically target the vulnerability. However attackers with only minimal skill could potentially carry out an attack, ICS-CERT warns.

The flaws were uncovered by IOActive Labs, whose advisory (PDF) explains that the security snafu created a ready means to plant malware on insecure kit.

This vulnerability allows an attacker to remotely access the device, via its embedded FTP server, by using the undocumented hard-coded credentials. Thus, the attacker can install a trojanized firmware to control communications and processes.

This malicious code may create false communication between remote I/Os, PLCs, or DCS systems in order to compromise additional devices, disrupt legitimate services, or alter industrial processes.

Ruben Santamarta, the IOActive security consultant who unearthed the bugs, explained that the unaddressed flaw left the devices wide open to hackers who happened to know the default login credentials for the kit.

“These hard-coded user accounts pose a significant threat to organisations that have deployed the vulnerable Turck devices," he said. "Any attacker with knowledge of the credentials can effectively remotely control the devices and reap havoc on the network - easily disrupting or shutting down critical production lines."

"Affected organisations should immediately apply the updated firmware from Turck to remove these backdoors,” he added.

Santamarta added that the presence of the backdoors in industrial control kit is sadly typical of insecure product development across the sector.

“It is both surprising and disappointing that hard-coded user accounts like these continue to crop up in Industrial Control Systems. Vendors and purchasers of such critical technologies should take great care to ensure that similar vulnerabilities do not affect future product lines. The industry as a whole still has a long way to go in implementing secure development lifecycle principles,” he added. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
Microsoft: We plan to CLEAN UP this here Windows Store town
Paid-for apps that provide free downloads? Really
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?