Vulnerability in software used by power plants

Boston-based security firm Core Security has discovered a serious hole in the Suitelink software that is used to automate operations at power stations, oil refineries and production lines, according to a report in New Scientist.

Attackers exploiting the vulnerability could crash the software by transmitting an outsize packet data to a certain port on the computer running Suitelink, the article says.

Fortunately, Wonderware, the company that makes Suitelink, has issued a software patch for the vulnerability. Now it's up to the plants to update their software.

Even without finding security holes in the SCADA control software, it's possible to break into power plants by downloading malware to employee computers through a socially engineered e-mail that directs them to a malicious server, a security expert said at RSA 2008.

This article was originally a blog post on CNET News.com.

Talkback 0 comments

• Info Security Advisor 42955
• Senior Manager Information Risk and Compliance / Melbourne / $
• Senior Compliance & Risk Manager
• Senior Engineer – Network and Information Security
• Project Engineer ( Security Pdt / $14K X 13)

TechGuides

Use shades of gray to enhance scale in Excel

Excel's palette is generous, but don't throw buckets of pigment all over your spreadsheets just because you can.

Read more »

Latest from Blog Central

Time to map out

Read more »

Cutting-edge technology from premium sponsors

Adaptive Threat Management

High Performance Security for your Distributed Enterprise

Achieve lower TCO, agility, risk mitigation, compliance, and productivity

Webcast series: Cybercrime is a growth industry - is your organisation prepared?

More resources to optimize the security of your enterprise »

Brought to you by:

 

 

 

More Tech Showcases:

Juniper Networks

Hitachi Eco-Products