Stuxnet-targeted SCADA software still vulnerable
Siemens SCADA application still vulnerable to remote takeover hacks
The Siemens SCADA control software that was targeted by the Stuxnet malware has still not been properly secured, according to security researchers from Positive Technologies.
Flaws in Siemens' WinCC SCADA (Supervisory Control And Data Acquisition) software was exploited by the creators of Stuxnet to disrupt production processes at Iranian nuclear facilities.
Researchers from Russia-based Positive Technologies report finding more than 50 vulnerabilities in the latest version of WinCC.
The researchers had been due to present their findings to the Defcon security conference in July this year, but cancelled the presentation at the request of Siemens, as the company was still working to patch the flaws. Positive image CTO Sergey Gordeychik has now revealed the results of their research, that found many vulnerabilities in WinCC that would allow an attacker to take over the system remotely. Details are still being withheld as Siemens has still not released patches for the application.
Gordeychik said that while Siemens appears to be taking security seriously, there are so many vulnerabilities that the company has had to develop a roadmap to patch them all.
Positive Technologies also demonstrated how login credentials for a WinCC SCADA system could be stolen, if the systems operator was simply using the same browser to access the internet while using WinCC's web interface.