• On TechRepublic: Five super-secret features in Windows 7
May 18, 2008 10:01 AM PDT

Security hole found in software used by power plants

by Elinor Mills
  • Font size
  • Print
  • 7 comments

We can all live with outages at Yahoo Mail, Twitter, and CNN.com. But what about when there's an outage that affects our electrical power, heating systems, and gas supplies?

Boston-based security firm Core Security has discovered a serious hole in the Suitelink software that is used to automate operations at power stations, oil refineries and production lines, according to a report in New Scientist.

Attackers exploiting the vulnerability could crash the software by transmitting an outsize packet data to a certain port on the computer running Suitelink, the article says.

Fortunately, Wonderware, the company that makes Suitelink, has issued a software patch for the vulnerability. Now it's up to the plants to update their software.

Even without finding security holes in the SCADA control software, it's possible to break into power plants by downloading malware to employee computers through a socially engineered e-mail that directs them to a malicious server, a security expert said at RSA 2008.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Security

Tags:

security,

power plants

Share:
Digg
Del.icio.us
Reddit
Recent posts from News Blog
Nvidia puts NForce chipset development on hold
Opera 10 browser is here
Neil Young Archives Blu-ray: Rip off?
Acronis revises survey results about backup habits
Acronis miscalculates data on users' bad backup habits
Flickr co-founder presses beta button
Comcast, Sony open retail store
Cox to try coaxing the Internet into submission
Related
GM commits $202 million for Chevy Volt engine plant
Microsoft patches critical hole in Windows kernel
A child porn-planting virus: Threat or bad defense?
CNET News Daily Podcast: Droid navigates its way to market
More security breaches hit midsize companies
Phishing, worms spike this year, say Microsoft and McAfee
Barriers loom on road to plug-in cars
Time Warner testing fix to hole in home router
Add a Comment (Log in or register) (7 Comments)
  • prev
  • 1
  • next
by AppleSuxLeo May 18, 2008 1:25 PM PDT
Doh !
Reply to this comment
by timber2005 May 18, 2008 2:35 PM PDT
Glad they've patched it before some company went public with it.
It's funny though, I've got a neighbor who works for Progress Energy in the carolinas, and as I've heard you'd be surprised that if a major computer failure were to occur, we CAN overide it. Even if we think the computers are wrong *cough* three mile island *cough* humans remain in full control.
Yes, some systems might begin automatic shutdown procedures, but after a few hours everything could be back online. Like the recent Flordia blackout.
Reply to this comment
by Boid May 18, 2008 6:57 PM PDT
i have worked with this software for over 10 years. Systems such as these are behind firewalls and are not exposed directly to the Internet. Hackers would first have to penetrate a perimeter firewall to even try to find the SCADA systems.

If they can do this, they can exploit any of the well known Windows flaws. They will probably be totally unaware that Suitelink is running and that there is a specific exploit for it.

This article is trying to build hype but is short on facts and reality.
Reply to this comment
by jollyruss May 19, 2008 9:31 AM PDT
It's scary to know that mission-critical systems such as electrical power plants, heating systems, gas plants, etc. are being managed and controlled with software that runs on Windows...
Reply to this comment
by amigabill May 19, 2008 9:57 AM PDT
Why are these things even on the public net?
Reply to this comment
by amigabill May 19, 2008 9:58 AM PDT
Why are these things even on the public net?
Reply to this comment
by Kgaines May 20, 2008 9:44 AM PDT
Amazing... I work Tech Support for Wonderware. This vulnerability was discovered in February, and a patch released in March. This "Core Security" group are a little late to the game. I sincerely hope large companies don't rely on them for important security bulletins. Needless to say, as Boid has stated, any IT/Network manager worth their salt would not have a critical production environment exposed to the internet...
Reply to this comment
(7 Comments)
  • prev
  • 1
  • next
advertisement

A CNET Conversation with Eric Schmidt

CNET's Tom Krazit and Molly Wood sit down with Google CEO Eric Schmidt to discuss the future of Android, the Chrome OS, the problem of real-time search indexing, and more.

Verizon tests sending RIAA copyright notices

The No. 2 phone company, known for its reluctance to intervene in antipiracy cases, strikes an agreement to forward copyright notices on behalf of the music industry.

About News Blog

Recent posts on technology, trends, and more.

Add this feed to your online news reader

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET