34 SCADA Vulnerabilities Published
It’s hard to tell how serious this is.
Computer security experts who examined the code say the vulnerabilities are not highly dangerous on their own, because they would mostly just allow an attacker to crash a system or siphon sensitive data, and are targeted at operator viewing platforms, not the backend systems that directly control critical processes. But experts caution that the vulnerabilities could still allow an attacker to gain a foothold on a system to find additional security holes that could affect core processes.
mdb • April 1, 2011 7:13 AM
I used to install these systems at water and waste water plants. Everyone I worked with was on a separate network with no outside access. That was 10 years ago, so I don’t know if that it changed. There were also the usual operators issues (e.g. plugging the computer into another jack), but it is one reason that I think stuxnet was designed and released the way it was.