Private Key Found Embedded In Major SCADA Equipment
sl4shd0rk writes "RuggedOS (A Siemens Subsidiary of Flame and Stuxnet fame), an operating system used in mission-critical hardware such as routers and SCADA gear, has been found to contain an embedded private encryption key (PDF). Now that all affected RuggedCom devices are sharing the same key, a compromise on one device gets you the rest for free. If the claims are valid, systems in use which would be affected include U.S. Navy, petroleum giant Chevron, and the Wisconsin Department of Transportation. The SCADA gear which RuggedOS typically runs on is often connected to machinery controlling electrical substations, traffic control systems, and other critical infrastructure. This is the second security nightmare for RuggedCom this year, the first being the discovery of a backdoor containing a non-modifiable account."
Rule One (Score:5, Funny)
Never, ever, name any software "Rugged".
You're just asking for it.
Re:Rule One (Score:5, Funny)
Is that why there are so many hookers named Chastity?
There is a strip club in my city called "Elegance", where the girls are anything but... I'm sure it is some kind of joke. The men who go there presumably don't want elegance, they want boobs and arse waved in their face.
Re: (Score:2, Interesting)
I couldn't help but notice that one of the players on the U.S. women's volleyball Olympic team was named "Destiny Hooker." I don't know what her parents had in mind for her, but she is a hell of a volleyball player.
Re: (Score:2)
Don't forget Hope and Charity, virtues that appeal to many customers.
Re: (Score:2)
From Terry Pratchett's Lords and Ladies
I don't feel like the Queen of the Fairies, moaned Bestiality Carter.* [google.com]
Re: (Score:2)
At least not as bad as Oracle's "Unbreakable Enterprise Kernel", IMHO.
about that... [oracle.com]
Re: (Score:2)
Never, ever, name any software "Rugged".
Good point, but all joking aside, this security flaw points out one of the huge problems with "little black boxes". Developers can do stupid stuff like this and nobody but the attacker, and the company, will ever know. It also makes for easy disregard of full disclosure, thereby protecting your brand's image, even though you're making garbage software like this.
Re: (Score:1)
I know what you're getting at, but just for sake of knowledge, the name RuggedOS comes from the name of the company, Ruggedcom, which is known for making networking gear capable of surviving in harsh environments, mainly, places that need networking, but don't have A/C units. Think power distribution stations, traffic signal enclosures, remote metering stations, etc. A lot of traffic departments, aside from the state of Wisconsin, use these devices.
Not a surprise (Score:5, Informative)
At least now they know that their system is insecure, instead of having it come as a complete surprise when some attacker exploits the weakness to cause some sort of disaster.
Re: (Score:1)
This sort of security bypass "feature" is designed into the system on purpose, most likely at the behest of the German government and/or military. This is similar to how things are done in the US (and most every nation).
Thinking that any sort of high tech device is "secure" is certainly a mark of insanity. Then we have running an entire nation's worth of nuclear reactors on a shared network... insanity on a level that can only be described as "infinitely stupid".
Re:Not a surprise (Score:5, Interesting)
RuggedOS was a recent acquisition by Siemens from a Canadian firm, who had various security worries before its sale, but took care to suppress such news to preserve its valuation. It's doubtful there's any German government involvement. What actually seems to have happened is that the RuggedOS was just a huge turd of a product, which its new owners are slowly coming to discover.
Re: (Score:3)
There's TONS of regulation at the top, it's just that big companies are super good at dealing with it.
Asking for MORE regulation just helps to kill the competition you seem to be implying is needed.
Re: (Score:3)
There can be problems trying to get a lot of security into embedded products. There is resistance from management at times because it slows down the release. If the customers aren't demanding it then it's an extra expense without income. Plus good security is always inconvenient by its nature. The more convenient you make something the less secure it becomes. Customers want to just plug in a device and have it work, they want to do upgrades without any hassles, etc.
Then having security gets in the way
Re: (Score:2)
If you're a professional engineer tasked with utilizing private / public key encryption you should have known enough to secure the private key.
If you didn't know better you're incompetent; if you did know better you're as negligent as the management team that let it happen.
Re: (Score:2)
They will just claim that security problems are the work of evil Chinese cyber-terrorists. No-one expects aircraft to be bomb-proof so why expect software not to have security flaws that terrorists can exploit?
Of course we can actually make bomb-proof cargo containers for aircraft, but the added weight and additional cost mean they don't get used much.
anything that connects to commodity stuff is evil (Score:3)
you cannot have security if you have random connections... walkabout machines, removable media that can be read by office and home machines, modem connections, most evil The Connected Internet... that permit a cross of the security barrier.
there has to be an airgap, and the secure stuff stays inside the secure area, and the other world(s) can't get in there.
otherwise, you are open to attack, and eventually will be attacked.
amazing how damn lazy everybody has gotten. I learned this in the 70s.
Of course it has a private key (Score:5, Insightful)
That part isn't the story. The story is the fact that they all have the same one. That part is insanity. Without key lifecycle management, including creation, distribution, and revocation, you might as well not use asymmetric encryption at all.
Re: (Score:1)
I've never heard of key lifecycle management and I don't know enough to pick the good hits from a google search, could you please drop a couple of good newbie links so I could get started? Or mention some books. That would be most helpful.
Old key(s) compromised, use new key(s).
Make sure everyone knows to trust new key(s).
Re: (Score:2)
It's called a public-key infrastructure. The Wiki article on PKI [wikipedia.org] is not very good, but still gives some kind of introduction to the topic.
Re: (Score:2)
Even if they do have all the same one (after all, all devices come with the same default password), it isn't an issue if you can change the key is it?
WiDOT (Score:2)
Hooray! We're all doomed... DOOOOOOOOOOOOOOOOOMED.
Wait, what does the WiDOT have that's SCADA that would end the world? I think the worst that would happen is that the times on the billboards above 41 would be wrong... or warn us of zombies ahead.
Re: (Score:2)
Traffic light overrides?
Lately they've been on a building frenzy adding those gates that drop to prevent people from entering the interstate, like the ones they use in flyover sand states so they can evac from the monthly hurricane using both sides of the interstate... You know, for the coastal defense of Wisconsin during hurricane season. Seriously we're about 1200 miles away from a coast, I have no idea why we have brand new interstate gates. Probably black helicopter and tinfoil hat time. When Obama declares martial law and
Re: (Score:2)
They put those gates up because they want to be able to shut the highway down when some FIB decides that 90 was a great speed and rolls his lexus eight times over and causes a semi to jack knife and roll.
In my neck of the woods, the only thing that's automatic about these gates is the lights. You still have to dispatch an officer to the gate to crank it down. Once it's down, the officer can relieve himself to do other tasks if the closure is going to be long-term. The alternative is to keep an expensive
Re: (Score:2)
Not many hurricanes in Colorado but we do get BLIZZARDS and they use the gates to close the road during them. Seems to me I remember a few blizzards growing up in Wisconsin so ya think that might be part of the reason.
Re: (Score:2)
They may be planning to start to drop the gates whenever it snows, but that would be a first.
Speaking as a local with decades of experience, they rely on inadequate surface street plowing to keep people off the interstate during blizzards. If I can get to the interstate they plow continuously and it's an easy drive... HOWEVER good luck getting there if they won't plow in front of your house until the storm ends, or they won't plow main roads more than every couple hours. The last thing you'd want to do is cl
Re: (Score:2)
Are you talking about Colorado or Wisconsin? Because I have experienced both during the winter and Wisconsin is way better than Colorado when it comes to plowing. Of course that was before Walker and all his cutbacks.
Re: (Score:1)
Most overrides I've seen nowadays have a visible feedback showing that it's activated. Additionally, they have been activating to all-directions-all-red so that the emergency vehicles may just go in the opposite lane to get around. So, other than snarling traffic for a bit, nothing major.
Re: (Score:2)
Railway switches and signals? That would be an *interesting* playground.
Re: (Score:2)
US Navy...hmm..polaris missile launch destroys a major city. Chevron oil refineries start catching fire and economic chaos ensues.
But the Wisconsin Department of Transportation?! Dear God--I could cut off cheese deliveries to North America! Now that's power!!
(Note: I'm sure that I couldn't use this hack to launch a polaris missile. Yes, I'm aware there are tons of failsafes regarding nuclear weapons. This is meant to be humorous.)
Re: (Score:1)
California cheese is better.
Siemens is suicidal (Score:2)
It is obvious by now.
To provide "mission critical" and then share weaknesses around.
To insert single point of privacy/authorization failure...
And all that from a German company.
Still puzzled.
Re:Siemens is suicidal (Score:5, Funny)
And all that from a German company.
Well, to be fair, the alloy chosen, the temper, and tooling tolerances, on the shared private key were damn beautiful...
Re: (Score:1)
It's unfortunate that a major event, or political push, will need to occur before things change.
The prevailing attitude about industrial equipment, such as PLC and SCADA systems and related items seems to be that even if someone gained access, they'd have to be familiar with the software, own a copy of the software, and know what they are doing.
In other words, only an engineer could hack such a system and they would never do that; so we have nothing to worry about.
I suspect that the same attitude existed re
Re: (Score:2)
If you've ever called Siemens' Atos technical support in the Philippines, you'd know they're not just suicidal, but Kafkaesque (and of course, incompetent).
What?? (Score:1, Funny)
What the fuck is wrong with people? Don't they know we live in a post-PC world? Just throw that old gear on the trashpile of history where it belongs and buy everybody iPads. Problem solved.
L /thread
Re: (Score:1)
Yeah. Just like you could throw away all those old Caterpillar Excavators and buy everyone a Ferrari 612 Scaglietti to do that kind of work.
Re: (Score:1)
Caterpillar should just stop making those. In my survey of self-reported results only 1% of people have ever used one. Stop being some crusty old person who is resistant to change.
Do I even want to know? (Score:4, Insightful)
What possible reason would there be to have a shared private key among all devices? Even if there is some (weird, and probably not a good idea) requirement that it be identical across an entire user site, that should be part of a programming/keyfill process. If uniqueness is good, it should just generate a key on first boot...
Re: (Score:2)
What possible reason would there be to have a shared private key among all devices? Even if there is some (weird, and probably not a good idea) requirement that it be identical across an entire user site, that should be part of a programming/keyfill process. If uniqueness is good, it should just generate a key on first boot...
My guess from dealing with embedded stuff as a user and programmer, and from dealing with lots of idiots, but no experience with this particular hardware, is the intersection is probably something like a "secure boot and config" infrastructure where only official firmware upgrades and configurations can be uploaded.
Anyone out there who's ever cut and pasted a cisco config knows what I'm talking about. Now imagine having to sign anything you cut and paste into the config with a annual license key, which eve
Re: (Score:2)
Wouldn't the signed binary/config scenario you describe rely on a shared public key across all devices, with unique private keys per support contract or customer and the secret CA keys at the top? There are certainly ways to screw that up; but there shouldn't be any need to expose private keys on endpoints at all, and such an arrangement can and does work(SSL is fucked at an organizational level; but the math works just fine).
Re: (Score:2)
Easy to think of answer is that if you are required to validate a One True Config as part of an RFP process, and that the firmware installed on all devices must be 'identical' and come with SSL out of the box, that you need to pre-program all devices with the same key.
Should you be able to change the key that mitigates the problem entirely.
"If the claims are valid..." (Score:5, Informative)
"The vulnerability with proof-of-concept (PoC) exploit code was publicly presented by security researcher Justin W. Clarke of Cylance Inc."
I strongly suspect that the claims are valid.
Re: (Score:1)
Nice try, chinese hacker!
just do the math (Score:2)
i-th root of pi minus 1 in a 17-bit field. you're welcome, feel free to implement it in Gray code.
Great! (Score:2)
By now they're not even trying anymore.
Well... Surprise! Surprise! Surprise! (Score:5, Interesting)
And what do you want to bet that the backdoor came from an unfriendly foreign power in the form of an intern or a contract programmer? Takers? Any takers on that action?
Note to Siemens and the US military: You are not magically protected from software sabotage, particularly when you farm out your software production overseas.
Re:Well... Surprise! Surprise! Surprise! (Score:5, Insightful)
And what do you want to bet that the backdoor came from an unfriendly foreign power in the form of an intern or a contract programmer?
Meh; gross incompetence is far more likely, considering history...
large committee, overruled by the director (Score:2)
isn't it always?
Re: (Score:1)
Nah. Arrogance and apathy.
The design meeting probably sounded a little like this: "who are you worried about? Why would anyone be interested in any of this anyway? They'd first have to know (insert secret here) and know where to look it up. And they'd need the right software and settings. Even if they did, what would they do with it? See, one in a million chance that all of that comes true."
Maybe you're right, it does sound like incompetence...
Re: (Score:2)
We just ignore the problem, just like we ignore all the Manchurian Microchips that infest military, government, commercial, and personal computers in the USA.
Hey, guess what - any chip fabbed in China or Israel probably has extra code doing things we will never see.
Re:Well... Surprise! Surprise! Surprise! (Score:5, Interesting)
We're talking about a Canadian company who, when confronted with the backdoor earlier this year, refused to fix it. So it's safe to say that the company just doesn't care about security. Check your sinophobia at the door, please.
Re: (Score:2)
So I should replace it with Canuckaphobia? Look, I'm not suggesting that China, Pakistan, Iran, etc. are any worse than we are. I'm pointing out that this is an obvious attack vector they would be foolish to ignore and they are anything but foolish. If anything, we're fools for ignoring the possibility to appease a bunch of civilian contractors who contributed to the campaign of Congressperson X, Y or Z.
Re: (Score:2)
Come on, Canadians are nice guys, there can be only whitehats in Canada. Canadians would never exploit security holes for malicious purposes.
Re: (Score:2)
They fixed it. http://www.ruggedcom.com/productbulletin/ros-security-page/ [ruggedcom.com]
A year too late, yes, but it was fixed.
As far as the original vulnerability goes, that required someone to connect a device to the public internet using an authentication protocol which would transmit the password in the clear (telnet, RSH). Plus, it was an L2 switch, not a router.
Maybe like many small hardware engineering companies it isn't like they don't care about security, maybe management is just bad at supporting it and QA testing it ..
Mr. Potatohead. (Score:2)
Mr Potatohead!
Backdoors are NOT secrets!
No problem (Score:4, Insightful)
For a few million dollars Siemens will quickly patch it.
Idiot Certificate Authorities (Score:2, Informative)
I lay blame at the CAs. I've spoken to two CAs about using certificates in embedded devices using lots of low-cost subdomains (guid.domain.com). Both recommended that I just use a wildcard certificate.
quickly (Score:2)
by changing the single worldwide default key and sending out new manual pages telling you what it is.
Newbie question (Score:1)
Are there markings that clearly differentiate the two, like:
<!--PRIVATE KEY GOES HERE --!>...<!-- END PRIVATE KEY --!>
or something?
Re:Newbie question (Score:4, Informative)
-----BEGIN RSA PRIVATE KEY-----
MIIBOQIBAAJBAKLdFpep/qw/SIf/wsO4T17GnttlhLjLrVCfM9p4D2gnnz3OiO45
Xw1wonFOPR0D9ewAIi4yAhcMFXc2jyw3GbMCAwEAAQJAJV7R1k89jsyemgZH7J0Y
KUkuHm22/KhPxpYhUdoGvwEqvuyEFdM6kGuFj5AwMD/R8E9g1JFrQSej1aXCvHM5
oQIhANE3nxoo1pSLRrPv3/dPkq8l9VYtTcjCkiivbh6XHVa5AiEAx0gCx6DMBiGA
rxdplBG9pA91lUptz6wQbiMsFsvzfcsCIB1zD+E1yGamaDBh3ovIVqRy2mLkA6Pz
x3EUqJKDwOx5AiBW7DgaLy8O9YoV1VZ9+YcIip21MrPXQ6we/kR65RceJQIgYDV0
I5e4ncpwsbz6q+VWjZ3mNaOnNgkxESmtQY4vzQo=
-----END RSA PRIVATE KEY-----
The base64 data in the middle is a structure that contains a bunch of numbers. The numbers present in a private key are a superset of those in a public key, so even if it's in a format that doesn't have the BEGIN..., by parsing the structure you can see what's in it. (Try pasting the key block above into the stdin of openssl rsa -noout -text.)
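Added example, not code from the comment above or from any RuggedCom/Siemens product: a pure-Python DER walk over the key block pasted above, showing that the private key's nine INTEGERs are a superset of the public key's two, so the content identifies the key type even without the BEGIN/END line. All function and constant names are my own.

```python
import base64
import re

# Constructed sample: the 512-bit PKCS#1 RSA private key pasted in the comment above.
PEM = """-----BEGIN RSA PRIVATE KEY-----
MIIBOQIBAAJBAKLdFpep/qw/SIf/wsO4T17GnttlhLjLrVCfM9p4D2gnnz3OiO45
Xw1wonFOPR0D9ewAIi4yAhcMFXc2jyw3GbMCAwEAAQJAJV7R1k89jsyemgZH7J0Y
KUkuHm22/KhPxpYhUdoGvwEqvuyEFdM6kGuFj5AwMD/R8E9g1JFrQSej1aXCvHM5
oQIhANE3nxoo1pSLRrPv3/dPkq8l9VYtTcjCkiivbh6XHVa5AiEAx0gCx6DMBiGA
rxdplBG9pA91lUptz6wQbiMsFsvzfcsCIB1zD+E1yGamaDBh3ovIVqRy2mLkA6Pz
x3EUqJKDwOx5AiBW7DgaLy8O9YoV1VZ9+YcIip21MrPXQ6we/kR65RceJQIgYDV0
I5e4ncpwsbz6q+VWjZ3mNaOnNgkxESmtQY4vzQo=
-----END RSA PRIVATE KEY-----"""

# INTEGER order inside a PKCS#1 RSAPrivateKey (RFC 8017, A.1.2) and RSAPublicKey (A.1.1).
PRIVATE_FIELDS = ["version", "n", "e", "d", "p", "q", "dp", "dq", "qinv"]
PUBLIC_FIELDS = ["n", "e"]

def pem_to_der(pem: str) -> bytes:
    """Strip the BEGIN/END armour and base64-decode the body."""
    body = re.search(r"-----BEGIN [^-]+-----(.*?)-----END [^-]+-----", pem, re.S)
    return base64.b64decode("".join(body.group(1).split()))

def read_tlv(der: bytes, pos: int):
    """Minimal DER reader: (tag, value bytes, position after the element)."""
    tag, length, pos = der[pos], der[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits give the length's byte width
        width = length & 0x7F
        length = int.from_bytes(der[pos:pos + width], "big")
        pos += width
    return tag, der[pos:pos + length], pos + length

def parse_rsa_key(der: bytes) -> dict:
    """Return the INTEGERs of the outer SEQUENCE, named by count: nine means a private
    key (the superset), two means a bare public key, header or no header."""
    tag, seq, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    ints, pos = [], 0
    while pos < len(seq):
        tag, val, pos = read_tlv(seq, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER inside an RSA key")
        ints.append(int.from_bytes(val, "big"))
    names = {9: PRIVATE_FIELDS, 2: PUBLIC_FIELDS}.get(len(ints))
    if names is None:
        raise ValueError(f"{len(ints)} INTEGERs: not a PKCS#1 RSA key")
    return dict(zip(names, ints))

def public_part(key: dict) -> dict:
    """The subset that a matching RSAPublicKey would carry."""
    return {name: key[name] for name in PUBLIC_FIELDS}

def private_key_works(key: dict) -> bool:
    """Round-trip a value through e and d: True iff the parameters belong together."""
    m = 0x2A
    return pow(pow(m, key["e"], key["n"]), key["d"], key["n"]) == m
```

Feed the same DER bytes from a bare RSAPublicKey and `parse_rsa_key` returns only `n` and `e`; the nine-field result is what marks a file as the private half that must never ship in firmware.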
*yawn* (Score:2)
Your management plane should not be accessible to anything but your management VLAN. If the bad guys have access to that, it's already all over. With management VLAN access they'd just MitM attack your SSL session and serve another "factory" cert that isn't signed by a CA and most admins will just blindly ignore it. This is not news, but a low priority patching event.
Re:what goes around comes around (Score:5, Informative)
There is no involvement of the Chinese in this story at all. The original company that created RuggedOS is Canadian. Who the heck modded the parent +5 Insightful?
Re:what goes around comes around (Score:4, Funny)
Are you saying that Snow Mexicans are behind this threat?
Re: (Score:2)
Canadians?
Yo Grark