Researcher Finds Nearly Two Dozen SCADA Bugs In a Few Hours

Trailrunner7 writes "It is open season on SCADA software right now. Last week, researchers at ReVuln, an Italian security firm, released a video showing off a number of zero-day vulnerabilities in SCADA applications from manufacturers such as Siemens, GE and Schneider Electric. And now a researcher at Exodus Intelligence says he has discovered more than 20 flaws in SCADA packages from some of the same vendors and other manufacturers, all after just a few hours' work."

Re:WTF is SCADA then?

[stpere]

Google is your friend, as usual. It's basically a system to monitor and control an industrial site/process remotely (power plant, utilities, etc..).

http://en.wikipedia.org/wiki/SCADA [wikipedia.org]

firewalls!

[pointyhat]

Everyone knows about the holes, including the manufacturers. They're designed to operate on controlled, private networks. Every time someone gets hacked, they should go after the implementors, not the vendors as they should factor security onto their site designs. I'm not excusing the manufacturers, just people need to know this is engineering and not infosec - people buy black boxes which do stuff and that's all that matters to them.

Re:When the light turns on...

[ArhcAngel]

IF you plan to see Skyfall read no further.

The current Bond is pretty much nothing but a SCADA horror story.