Critical Stuxnet-level vulnerabilities discovered in UK power plants - IT News from V3.co.uk

Source:  Critical Stuxnet-level vulnerabilities discovered in UK power plants - IT News from V3.co.uk

by Alastair Stevenson

14 Mar 2014

Security researchers have discovered three critical vulnerabilities in a popular industrial control system used by more than 7,600 power, chemical and petrochemical plants across the globe.

Rapid 7 researchers discovered the vulnerabilities, specifically relating to Yokogawa Electric Corporation's Centum CS 3000 R3, Windows-based production control system.

Metasploit engineering manager at Rapid 7, Tod Beardsley, told V3 the flaws are troubling as the control system is used by numerous factories and power plants across the globe, including some in the UK, and could be utilised by hackers to mount a variety of attacks.

"If you take a look at Yokogawa's client list you'll see several companies that have global operations, including the UK. The threats that are enabled by the vulnerabilities described range from simple information leakage (screenshots of active engineering projects) to total compromise of the human interface station (HIS)," he said.

"The HIS is ultimately Microsoft Windows machines running server software – if they are reachable from the internet, then an attack can be sourced from anywhere in the world. Since an attacker can control an HIS, he can then take control of the engineering devices that the HIS is intended to manage. This can include things like power turbines and factory floor equipment."

The fact that the vulnerabilities could be used to manipulate physical processes in the plant is particularly troubling as it could allow hackers to mount Stuxnet-level cyber sabotage attacks against the UK's critical infrastructure. Stuxnet is a notorious malware that was discovered in 2010 targeting Iranian nuclear facilities.

The malware is believed to have been created by the Israeli and US governments but has since spread outside of Iran. It was discovered in a Russian nuclear power plant in 2013, and security experts have warned that it is only a matter of time before the Stuxnet malware appears in the UK.

Yokogawa is aware of the vulnerabilities and has begun releasing security patches to fix them. Rapid 7 recommended that companies install the patch on any Centum CS 3000 R3 control systems as soon as possible.

The flaw is one of many to be discovered in critical infrastructure systems this year. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) called for businesses involved in critical infrastructure to be extra vigilant of a separate flaw in a commonly used SCADA system earlier in January.