US investigating Siemens power plant backdoor

The US government has launched an investigation into an alleged backdoor in power plants running Siemens networking equipment, which could give hackers easy access to essential infrastructure.

 
Security researcher Justin W. Clarke revealed the bug at a conference in Los Angeles, where he claimed that there was a way to extract the single key used to decode encrypted traffic on the network, with no authentication or checks in place once that key was employed.
 
The equipment is manufactured by RuggedCom, a subsidiary of Siemens, and it is used by a large number of power companies throughout the world, raising significant concerns about the security of many nations' power supplies.
 
The US Department of Homeland Security has contacted RuggedCom asking it to confirm the vulnerability and identify ways to mitigate it.
 
Attempted attacks on critical infrastructure in the US rose 17-fold between 2009 and 2011, while detected vulnerabilities have jumped by 50 percent to 90 this year so far. Other countries report similar increases.
 
Attacks on important facilities like power and water are seen as a growing threat, with many fearful of the damage that something like the Stuxnet worm can do. That worm hit Siemens SCADA systems used as part of Iran's nuclear facilities, and since then Siemens equipment has been under close scrutiny.
 
Source: BBC