Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Encryption Network Security IT

Private Key Found Embedded In Major SCADA Equipment 105

sl4shd0rk writes "RuggedOS (A Siemens Subsidiary of Flame and Stuxnet fame), an operating system used in mission-critical hardware such as routers and SCADA gear, has been found to contain an embedded private encryption key (PDF). Now that all affected RuggedCom devices are sharing the same key, a compromise on one device gets you the rest for free. If the claims are valid, systems in use which would be affected include U.S. Navy, petroleum giant Chevron, and the Wisconsin Department of Transportation. The SCADA gear which RuggedOS typically runs on is often connected to machinery controlling electrical substations, traffic control systems, and other critical infrastructure. This is the second security nightmare for RuggedCom this year, the first being the discovery of a backdoor containing a non-modifiable account."
This discussion has been archived. No new comments can be posted.

Private Key Found Embedded In Major SCADA Equipment

Comments Filter:
  • Rule One (Score:5, Funny)

    by ColdWetDog ( 752185 ) on Wednesday August 22, 2012 @03:58PM (#41085709) Homepage

    Never, ever, name any software "Rugged".

    You're just asking for it.

    • Re:Rule One (Score:5, Funny)

      by SnoopJeDi ( 859765 ) <> on Wednesday August 22, 2012 @04:01PM (#41085745)

      Is that why there are so many hookers named Chastity?

    • by torjeh ( 1472865 )
      At least not as bad as Oracle's "Unbreakable Enterprise Kernel", IMHO.
    • Never, ever, name any software "Rugged".

      Good point, but all joking aside, this security flaw points out one of the huge problem with "little black boxes". Developers can do stupid stuff like this and nobody but the attacker, and the company, will ever know. It also makes for easy disregard of full disclosure thereby protecting your brand's image, even though you're making garbage software like this.

    • by Anonymous Coward

      I know what you're getting at, but just for sake of knowledge, the name RuggedOS comes from the name of the company, Ruggedcom, which is known for making networking gear capable of surviving in harsh environments, mainly, places that need networking, but don't have A/C units. Think power distribution stations, traffic signal enclosures, remote metering stations, etc. A lot of traffic departments, aside from the state of Wisconsin, use these devices.

  • Not a surprise (Score:5, Informative)

    by jandrese ( 485 ) <> on Wednesday August 22, 2012 @04:02PM (#41085759) Homepage Journal
    The embedded controller market is a market full of devices programmed by hardware engineers, not by security professionals. They don't open up their systems for peer review and thus security flaws make it into the final product. There is definitely a sense of security through obscurity with those products, and it almost works except that the internet makes it too easy to broadcast information to the world.

    At least now they know that their system is insecure, instead of having it come as a complete surprise when some attacker exploits the weakness to cause some sort of disaster.
    • by Anonymous Coward

      This sort of security bypass "feature" is designed into the system on purpose, most likely at the behest of the German government and/or military. This is similar to how things are done in the US (and most every nation).

      Thinking that any sort of high tech device is "secure" is certainly a mark of insanity. Then we have running an entire nation's worth of nuclear reactors on a shared network... insanity on a level that can only be described as "infinitely stupid".

      • Re:Not a surprise (Score:5, Interesting)

        by FhnuZoag ( 875558 ) on Wednesday August 22, 2012 @05:19PM (#41086841)

        RuggedOS was a recent acquisition by Seimens from a Canadian firm, who had various security worries before its sale, but took care to suppress such news to preserve its valuation. It's doubtful there's any German government involvement. What actually seems to have happened is that the RuggedOS was just a huge turd of a product, which its new owners are slowly coming to discover.

    • There can be problems trying to get a lot of security into embedded products. There is resistance from management at times because it slows down the release. If the customers aren't demanding it then it's an extra expense without income. Plus good security is always inconvenient by its nature. The more convenient you make something the less secure it becomes. Customers want to just plug in a device and have it work, they want to do upgrades without any hassles, etc.

      Then having security gets in the way

    • Lame excuse.
      If you're a professional engineer tasked with utilizing private / public key encryption you should have known enough to secure the private key.
      If you didn't know better your incompetent, if you did know better your as negligent as the management team that let it happen.
      • by jandrese ( 485 )
        But they got the product out the door on time and on budget and it's not hard for the customer to use, so everybody is happy. At least for a few years until the blatant security vulnerabilities are published.
        • by AmiMoJo ( 196126 )

          They will just claim that security problems are the work of evil Chinese cyber-terrorists. No-one expects aircraft to be bomb-proof so why expect software not to have security flaws that terrorists can exploit?

          Of course we can actually make bomb-proof cargo containers for aircraft, but the added weight and additional cost mean they don't get used much.

          • by jandrese ( 485 )
            Plus, bombs smuggled on as checked bags doesn't appear to be very common. It seems like it would be a big expense to stop something that doesn't happen.
    • you cannot have security if you have random connections... walkabout machines, removeable media that can be read by office and home machines, modem connections, most evil The Connected Internet... that permit a cross of the security barrier.

      there has to be an airgap, and the secure stuff stays inside the secure area, and the other world(s) can't get in there.

      otherwise, you are open to attack, and eventually will be attacked.

      amazing how damn lazy everybody has gotten. I learned this in the 70s.

  • by Anonymous Coward on Wednesday August 22, 2012 @04:02PM (#41085769)

    That part isn't the story. The story is the fact that they all have the same one. That part is insanity. Without key lifecycle management, including creation, distribution, and revocation, you might as well not use asymmetric encryption at all.

    • by hlavac ( 914630 )
      Having a single key sure simplifies the NSA backdoor management though. Taxpayers are saving money here!
    • by OAB_X ( 818333 )

      Even if they do have all the same one (after all, all devices come with the same default password), it isn't an issue if you can change the key is it?

  • Hooray! We're all doomed... DOOOOOOOOOOOOOOOOOMED.

    Wait, what does the WiDOT have that's SCADA that would end the world? I think the worst that would happen is that the times on the billboards above 41 would be wrong... or warn us of zombies ahead.

    • Traffic light overrides?
      • by vlm ( 69642 )

        Traffic light overrides?

        Lately they've been on a building frenzy adding those gates that drop to prevent people from entering the interstate, like the ones they use in flyover sand states so they can evac from the monthly hurricane using both sides of the interstate... You know, for the coastal defense of Wisconsin during hurricane season. Seriously we're about 1200 miles away from a coast, I have no idea why we have brand new interstate gates. Probably black helicopter and tinfoil hat time. When Obama declares martial law and

        • They put those gates up because they want to be able to shut the highway down when some FIB decides that 90 was a great speed and rolls his lexus eight times over and causes a semi to jack knife and roll.

          In my neck of the woods, the only thing that's automatic about these gates are the lights. You still have to dispatch an officer to the gate to crank it down. Once its down, the officer can relieve himself to do other tasks if the closure is going to be long-term. The alternative is to keep an expensive

        • Not many hurricanes in Colorado but we do get BLIZZARDS and they use the gates to close the road during them. Seems to me I remember a few blizzards growing up in Wisconsin so ya think that might be part of the reason.

          • by vlm ( 69642 )

            They may be planning to start to drop the gates whenever it snows, but that would be a first.

            Speaking as a local with decades of experience they rely on inadequate surface street plowing to keep people off the interstate during blizards. If I can get to the interstate they plow continuously and its an easy drive... HOWEVER good luck getting there if they won't plow in front of your house until the storm ends, or they won't plow main roads more than every couple hours. The last thing you'd want to do is cl

            • Are you talking about Colorado or Wisconsin because I have experienced both during the winter and Wisconsin is way better than Colorado when it comes to plowing, Of course that was before Walker and all his cutbacks.

      • Most overrides I've seen nowadays have a visible feedback showing that it's activated. Additionally, they have been activating to all-directions-all-red so that the emergency vehicles may just go in the opposite lane to get around. So, other than snarling traffic for a bit, nothing major.

    • Railway switches and signals? That would be an *interesting* playground.

    • US Navy...hmm..polaris missile launch destroys a major city. Chevron oil refineries start catching fire and economic chaos ensues.

      But the Wisconsin Department of Transportation?! Dear God--I could cut off cheese deliveries to North America! Now that's power!!

      (Note: I'm sure that I couldn't use this hack to launch a polaris missile. Yes, I'm aware there are tons of failsafes regarding nuclear weapons. This is meant to be humorous.)

  • It is obvious by now.

    To provide "mission critical" and then share weaknesses around.

    To insert single point of privacy/authorization failure...

    And all that from a German company.

    Still puzzled.

    • by fuzzyfuzzyfungus ( 1223518 ) on Wednesday August 22, 2012 @04:12PM (#41085907) Journal

      And all that from a German company.

      Well, to be fair, the alloy chosen, the temper, and tooling tolerances, on the shared private key were damn beautiful...

      • by lewi ( 806353 )

        It's unfortunate that a major event, or political push, will need to occur before things change.

        The prevailing attitude about industrial equipment, such as PLC and SCADA systems and related items seems to be that even if someone gained access, they'd have to be familiar with the software, own a copy of the software, and know what they are doing.

        In other words, only an engineer could hack such a system and they would never do that; so we have nothing to worry about.

        I suspect that the same attitude existed re

    • If you've ever called Seimen's Atos technical support in the Philippines, you'd know they're not just suicidal, but Kafkaesque (and of course, incompetent).

  • What?? (Score:1, Funny)

    by Anonymous Coward

    What the fuck is wrong with people? Don't they know we live in a post-PC world? Just throw that old gear on the trashpile of history where it belongs and buy everybody iPads. Problem solved.

    L /thread

    • by aix tom ( 902140 )

      Yeah. Just like you could throw away all those old Caterpillar Excavators and buy everyone a Ferrari 612 Scaglietti to do that kind of work.

      • by Anonymous Coward

        Caterpillar should just stop making those. In my survey of self-reported results only 1% of people have ever used one. Stop being some crusty old person who is resistant to change.

  • by fuzzyfuzzyfungus ( 1223518 ) on Wednesday August 22, 2012 @04:06PM (#41085815) Journal

    What possible reason would there be to have a shared private key among all devices? Even if there is some (weird, and probably not a good idea) requirement that it be identical across an entire user site, that should be part of a programming/keyfill process. If uniqueness is good, it should just generate a key on first boot...

    • by vlm ( 69642 )

      What possible reason would there be to have a shared private key among all devices? Even if there is some (weird, and probably not a good idea) requirement that it be identical across an entire user site, that should be part of a programming/keyfill process. If uniqueness is good, it should just generate a key on first boot...

      My guess from dealing with embedded stuff as a user and programmer, and from dealing with lots of idiots, but no experience with this particular hardware, is the intersection is probably something like a "secure boot and config" infrastructure where only official firmware upgrades and configurations can be uploaded.

      Anyone out there who's ever cut and pasted a cisco config knows what I'm talking about. Now imagine having to sign anything you cut and paste into the config with a annual license key, which eve

      • Wouldn't the signed binary/config scenario you describe rely on a shared public key across all devices, with unique private keys per support contract or customer and the secret CA keys at the top? There are certainly ways to screw that up; but there shouldn't be any need to expose private keys on endpoints at all, and such an arrangement can and does work(SSL is fucked at an organizational level; but the math works just fine).

    • by OAB_X ( 818333 )

      Easy to think of answer is that if you are required to validate a One True Config as part of an RFP process, and that the firmware installed on all devices must be 'identical' and come with SSL out of the box, that you need to pre-program all devices with the same key.

      Should you be able to change the key that mitigates the problem entirely.

  • by Jane Q. Public ( 1010737 ) on Wednesday August 22, 2012 @04:06PM (#41085819)
    Um..... since, according to the document,

    "The vulnerability with proof-of-concept (PoC) exploit code was publicly presented by security researcher Justin W. Clarke of Cylance Inc."

    I strongly suspect that the claims are valid.

  • By now they're not even trying anymore.

  • by gestalt_n_pepper ( 991155 ) on Wednesday August 22, 2012 @04:16PM (#41085987)

    And what do you want to bet that the backdoor came from an unfriendly foreign power in the form of an intern or a contract programmer? Takers? Any takers on that action?

    Note to Siemens and the US military: You are not magically protected from software sabotage, particularly when you farm out your software production overseas.

    • by CanHasDIY ( 1672858 ) on Wednesday August 22, 2012 @04:37PM (#41086233) Homepage Journal

      And what do you want to bet that the backdoor came from an unfriendly foreign power in the form of an intern or a contract programmer?

      Meh; gross incompetence is far more likely, considering history...

      • by lewi ( 806353 )

        Nah. Arrogance and apathy.

        The design meeting probably sounded a little like this: "who are you worried about? Why would anyone be interested in any of this anyway? They'd first have to know (insert secret here) and know where to look it up. And they'd need the right software and settings. Even if they did, what would they do with it? See, one in a million chance that all of that comes true."

        Maybe you're right, it does sound like incompetence...

    • We just ignore the problem, just like we ignore all the Manchurian Microchips that infest military, government, commercial, and personal computers in the USA.

      Hey, guess what - any chip fabbed in China or Israel probably has extra code doing things we will never see.

    • by FhnuZoag ( 875558 ) on Wednesday August 22, 2012 @05:14PM (#41086739)

      We're talking about a Canadian company who, when confronted with the backdoor earlier this year, refused to fix it. So it's safe to say that the company just doesn't care about security. Check you sinophobia at the door, please.

      • So I should replace it with Canuckaphobia? Look, I'm not suggesting that China, Pakistan, Iran, etc. are any worse than we are. I'm pointing out that this is an obvious attack vector they would be foolish to ignore and they are anything but foolish. If anything, we're fools for ignoring the possibility to appease a bunch of civilian contractors who contributed to the campaign of Congressperson X, Y or Z.

      • Come on, Canadians are nice guys, there can be only whitehats in Canada. Canadians would never exploit security holes for malicious purposes.

      • by OAB_X ( 818333 )

        They fixed it. []
        A year to late yes, but it was fixed.

        As far as the original vulnerability goes, that required someone to connect to the public internet a device an authentication protocol which would transmit the password in the clear (telnet, RSH). Plus, it was a L2 switch, not a router.

        Maybe like many small hardware engineering companies it isn't like they don't care about security, maybe management is just bad at supporting it and QA testing it ..

    • by houghi ( 78078 )

      from an unfriendly foreign power

      Just food for thought: Siemens is German. The unfriendly foreign power could be any non-German country, including the USofA. Oh and Germany.

  • Mr Potatohead!

    Backdoors are NOT secrets!

  • No problem (Score:4, Insightful)

    by aaaaaaargh! ( 1150173 ) on Wednesday August 22, 2012 @04:32PM (#41086179)

    For a few million dollars Siemens will quickly patch it.

    • by Anonymous Coward

      I lay blame at the CA's, I've spoken to two CA's about using certificates in Embedded devices using lots of low cost subdomains Both recommended that I just use a wildcard certificate.

    • by changing the single worldwide default key and sending out new manual pages telling you what it is.

  • How can one be sure the key in question is a private one and not a public key (aside from the working PoC)?

    Are there markings who clearly differentiate the two like:
    <!--PRIVATE KEY GOES HERE --!>...<!-- END PRIVATE KEY --!>
    or something?
    • Re:Newbie question (Score:4, Informative)

      by dlgeek ( 1065796 ) on Wednesday August 22, 2012 @06:19PM (#41087603)
      Actually, yes. The most common format for storing RSA keys is PEM and it looks like this (randomly generated key just for this post):

      -----BEGIN RSA PRIVATE KEY-----
      -----END RSA PRIVATE KEY-----

      The base64 data in the middle is a structure that contains a bunch of numbers. The numbers present in a private key are different (a supserset) of a public key, so even if it's in a format that doesn't have the BEGIN..., by parsing the structure, you can see what's in it. (Try pasting the key block above into the stdin of openssl rsa -noout -text.)

  • Your management plane should not be accessible to anything but your management VLAN. If the bad guys have access to that, it's already all over. With management VLAN access they'd just MitM attack your SSL session and serve another "factory" cert that isn't signed by a CA and most admins will just blindly ignore it. This is not news, but a low priority patching event.

  • Crappy, lazy coders needed to undermine the entirety of industrialized society. Must be willing to kowtow to clueless, incompetent managers to ensure all life or death controls are as simplistic as a coloring book and as secure as an unlocked screen door.

"In matrimony, to hesitate is sometimes to be saved." -- Butler