For those of you who don't know what a SCADA system is, think core backbone systems for a country or countries: power grids, water systems and defense systems, to name just a few. A brief overview can be found here.
Often these systems have operated on very old (Win 3.x and OS/2) systems which people are too scared to update. The defense has always been "oh, we don't connect these core systems to the internet so we are fine". That isn't always the case anymore; more and more SCADA systems are getting internet access, whether it is authorised or not. A penetration tester friend of mine recently told me how he was auditing a SCADA infrastructure that had 5 connections to the internet that had never been authorised. Normally I wouldn't have paid much attention, but these are systems which control almost everything we use and rely upon daily. Cyber warfare, anyone?
So why should I write this post now? Well, a recent vulnerability discovered by Core Technologies has had exploit code written for it. This exploit code has been made available as a module for Metasploit for anyone to download. I do not encourage any kind of unlawful hacking, but surely someone will take advantage of this and take something very important down?
I won't reproduce someone else's work, so here is the paper written by the exploit writer, Kevin Finisterre.
As always, if you have any questions or comments, then fire away.
Dave