Articles about scada

image byemo http://www.shutterstock.com/gallery-2659924p1.html

General Electric plays down industrial control plant vulnerabilities

General Electric (GE) has pushed out an update to its industrial control systems following the discovery of vulnerabilities that create a way for hackers to steal SCADA system passwords. Potential exploits based on the vulnerabilities could be abused to cause process flow disruptions in power stations, utility providers and …
John Leyden, 20 Jan 2017
High voltage power grid, in the sunset. Photo by SHutterstock

Energy firm points to hackers after Kiev power outage

A cyber attack is suspected in connection with an outage of the Ukrainian power grid that affected homes around Kiev last weekend. A substation in Pivnichna was cut off from the main power grid for about 75 minutes late on Saturday 17 December, lasting into the early hours of Sunday. As a result, houses and flats of the right …
John Leyden, 21 Dec 2016
Prince philip Thames barrier old control room photo Environment Agency

Definitely not another Stuxnet, researchers claim as they demo industrial control rootkit

Black Hat EU Security researchers have come up with another way to hack Programmable Logic Controllers (PLCs) at industrial plants. Ali Abbasi, a PhD student at the University of Twente, and Majid Hashemi, a research engineer at Quarkslab, have developed an attack that involves tweaking the PIN configuration of a system chip in order to …
John Leyden, 8 Nov 2016
Robot looks into magnifying glass, human eye displayed. Photo by Shutterstock

Freeze ...SCADA! Flaw lets hackers peel away Human Machine Interface

Security researchers have discovered another serious vulnerability in industrial control kit from Schneider Electric. System crashing flaws in the physical HMI (Human Machine Interface) hardware, dubbed PanelShock by security researchers, follow days after the earlier disclosure of security vulnerabilities in Schneider …
John Leyden, 1 Nov 2016
milk production line. Photo by SHutterstock

Schneider Electric plugs gaping hole in industrial control kit

A vulnerability in Schneider Electric’s industrial controller management software created a possible mechanism for hackers to plant malicious code on industrial networks. Industrial cybersecurity firm Indegy discovered the recently resolved flaw in Schneider Electric’s flagship industrial controller management software, Unity …
John Leyden, 27 Oct 2016
Welders wearing protective clothing fixing welding and grinding industrial construction oil and gas or water and sewerage plumbing pipeline outside on site. Photo by Andrea Slatter/Shutterstock

Cisco security crew uncovers bug in industrial control kit

Cisco has uncovered a potentially serious bug in widely used industrial control system kit. The vulnerability in Allen-Bradley Rockwell Automation MicroLogix1400 Programmable Logic Controllers (PLCs) arose from the presence of an undocumented Simple Network Management Protocol (SNMP) community string. The flaw might be …
John Leyden, 15 Aug 2016
image byemo http://www.shutterstock.com/gallery-2659924p1.html

Security firm clarifies power-station 'SCADA' malware claim

Malware hyped as aimed at the heart of power plants is nothing of the sort according to security outfit Damballa, which has put its name to analysis claiming the "SFG" malware is run-of-the-mill code without sufficient smarts to target SCADA systems. The so-called SFG malware is the spawn of Furtim, and hit headlines as …
Darren Pauli, 18 Jul 2016

SCADA malware caught infecting European energy company

Security researchers have identified a strain of malware that has already infected at least one European energy company. The malware, dubbed SFG, is related to an earlier sample called Furtim, that created a backdoor on targeted industrial control systems. This backdoor might be used to deliver a payload which could be used to …
John Leyden, 12 Jul 2016
Mullard Radio Astronomy Observatory

Amazingly insecure industrial control systems + internet = Cupful of nope

Many industrial control system are exposed to the internet, creating a severe risk because most are hopelessly insecure, according to a new study by Kaspersky Lab. To minimise the possibility of a cyber-attack, Industrial Control Systems (ICS) are supposed to be run in a physically isolated environment. In total, 188,019 hosts …
John Leyden, 11 Jul 2016

Air-gapping SCADA systems won't help you, says man who knows

Hoping to keep industrial control systems out of reach of hackers by keeping them air-gapped is a hopeless mission that’s bound for failure, according to a SCADA guru. Isolating SCADA systems as a means of protection has been suggested by some as a defensive tactic after hackers briefly took out elements of the power grid in …
John Leyden, 3 Jun 2016

'Irongate' attack looks like Stuxnet, quacks like Stuxnet ...

FireEye threat researchers have found a complex malware instance that borrows tricks from Stuxnet and is specifically designed to work on Siemens industrial control systems. Josh Homan, Sean McBride, and Rob Caldwell named the malware "Irongate" and say it is probably a proof-of-concept that is likely not used in wild. …
Darren Pauli, 3 Jun 2016
image byemo http://www.shutterstock.com/gallery-2659924p1.html

Daisy-chained research spells malware worm hell for power plants and other utilities

BlackHat Asia A world-first proof-of-concept worm - if unleashed - could spell disaster for the world’s critical infrastructure, including power utilities by making attacks exponentially more difficult to detect and stop. It is a stand-alone attack but The Register has confirmed a realistic stealthy end-to-end attack scenario can be …
Darren Pauli, 5 May 2016
Water Treatment Centre pipe sluices off water. Photo by Joe Jungmann, released into the public domain

Water treatment plant hacked, chemical mix changed for tap supplies

Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water, we're told. The cyber-attack is documented in this month’s IT security breach report (available here, registration required) from Verizon Security Solutions. The utility in question is referred to using a …
John Leyden, 24 Mar 2016
Oil Pump Jack by https://www.flickr.com/photos/paul_lowry/  cc 2.0 attribution

SAP plugs critical software flaw that could let hackers into factories

SAP has issued a critical software update that plugged 23 security holes on Tuesday, including a fix for security issues in its industrial manufacturing software. The manufacturing software patch addresses a critical vulnerability in SAP Manufacturing Integration and Intelligence (xMII). The product provides a bridge between …
John Leyden, 10 Feb 2016
Prince philip Thames barrier old control room photo Environment Agency

WirelessHART industrial control kit is riddled with security holes

Widely used WirelessHART-type industrial control products are wide open to exploitation, a security tools firm has warned. Applied Risk, an industrial control systems (ICS) security specialist, has discovered several weaknesses in various WirelessHART products. The vulnerabilities create the potential for hackers of various …
John Leyden, 1 Feb 2016

Techie on the ground disputes BlackEnergy Ukraine power outage story

Updated A Ukrainian telecoms engineer has raised doubts about the widely reported link between BlackEnergy attacks and power outages in his country. Illia Ilin said that reports suggesting Russian state sponsored hackers used the BlackEnergy malware to infect the control systems of energy distribution utilities and cause blackouts …
John Leyden, 27 Jan 2016
Oil Pump Jack by https://www.flickr.com/photos/paul_lowry/  cc 2.0 attribution

Mixing ERP and production systems: Oil industry at risk, say infosec bods

Black Hat Europe Hackers might be able to bridge the gap between supposedly air-gapped systems in oil and gas production by pivoting from enterprise planning onto production systems. Vulnerabilities and insecure installations in SAP business software and other enterprise systems might be used to interfere with loosely-couple but nonetheless …
John Leyden, 18 Nov 2015
china_future_648

GCHQ to pore over blueprints of Chinese built Brit nuke plants

UK spies will go through the blueprints of computer systems of nuclear plants due to be built by Chinese firms in the UK in a bid to allay security concerns, The Times reports. GCHQ’s role in the assessment was confirmed on the eve of Chinese President Xi Jinping's four-day state visit to the UK. Security chiefs have …
John Leyden, 19 Oct 2015

Create a news alert about scada, or find more stories about scada.

Biting the hand that feeds IT © 1998–2018