About Me

I am Hamza Subedar, in 14th, and doing software engineering, and I like to solve computer and any gadget problems. I like to tell people that I can help solve your problem. Anyway, blog me and get your problem solved.


Tuesday, January 3, 2012

Siemens Accused Of Lying To Media

A security expert has accused Siemens of lying to the press about security bugs that could let intruders take out critical infrastructure.


Billy Rios recently claimed that Siemens' SIMATIC systems could easily be broken into and operated remotely by anyone with an Internet connection. He must be furious at Siemens spokespeople telling the press that the company had no open issues over authentication bypass bugs at all. Indeed, such a statement from Siemens representatives was news to Billy Rios, who had reported a glaring authentication bypass in their SIMATIC systems eight months earlier. Since May 2011 he had been patiently waiting for a fix, because the bug affects almost every Siemens SIMATIC customer.

He went on to disclose the username and password for the company’s SIMATIC systems, saying that if a customer changes his or her password to one containing a special character, it may automatically be reset to simply “100”. It is that easy!

Siemens SIMATIC systems made the news when they were compromised by the Stuxnet virus. Given how advanced Stuxnet was, if Billy Rios is right it perhaps didn’t have to be. Rios claimed that the session cookie returned when a user logs in looks secure, but he discovered that much the same cookie is returned on every login. Once decoded, the cookie values turn out to be completely predictable.

In other words, an intruder could gain remote access to SIMATIC HMIs running control systems and critical infrastructure across the globe. In the end, anyone might be able to take over a control system without even knowing the username or password!
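Rios's point about the cookie is that a token can look opaque while still repeating across logins and decoding to predictable values. The Python below is an illustration added here; it is not code from Siemens, from Rios, or from this blog. It contrasts a constructed, deliberately predictable token scheme (a hypothetical stand-in, not the real SIMATIC cookie format) with tokens drawn from the operating system's random source, and an audit function a defender can run over the cookies one account receives across several logins to flag repeats, long shared prefixes, decoded contents that are plain readable text, and low byte entropy.

```python
"""Audit session tokens for the weaknesses described in the post: tokens that
repeat across logins or decode to predictable, human-readable values.
Added illustration only. The predictable scheme below is a constructed
stand-in for a weak cookie, not a description of any real product's format."""
import base64
import math
import secrets
from collections import Counter
from typing import List, Optional, Set


def predictable_token(user: str, login_number: int) -> str:
    """Constructed flawed scheme (hypothetical): base64 of 'user:login_number'.
    Looks opaque on the wire but is fully predictable once decoded."""
    return base64.b64encode(f"{user}:{login_number}".encode()).decode()


def issue_session_token(nbytes: int = 32) -> str:
    """Recommended approach: an unguessable token drawn from the OS CSPRNG."""
    return secrets.token_urlsafe(nbytes)


def try_base64_decode(token: str) -> Optional[bytes]:
    """Decode standard or URL-safe base64 (padding optional); None if not base64."""
    padded = token + "=" * (-len(token) % 4)
    try:
        # altchars maps '-' and '_' onto '+' and '/', so both alphabets decode
        return base64.b64decode(padded, altchars=b"-_", validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None


def shannon_bits_per_byte(data: bytes) -> float:
    """Entropy estimate from the byte histogram; random bytes score high,
    short ASCII strings score low."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def common_prefix_len(strings: List[str]) -> int:
    """Length of the prefix shared by every string in the list."""
    if not strings:
        return 0
    shortest = min(strings, key=len)
    for i, ch in enumerate(shortest):
        if any(s[i] != ch for s in strings):
            return i
    return len(shortest)


def audit_session_tokens(tokens: List[str]) -> Set[str]:
    """Return the weakness codes found in tokens handed to one account over
    several logins. An empty set means nothing suspicious was detected."""
    findings: Set[str] = set()
    if not tokens:
        return findings
    # Same cookie handed out again: a captured value stays valid indefinitely.
    if len(set(tokens)) < len(tokens):
        findings.add("repeat")
    # Tokens that differ only at the tail usually encode a counter or timestamp.
    if common_prefix_len(tokens) >= 0.5 * min(len(t) for t in tokens):
        findings.add("shared_prefix")
    decoded = [try_base64_decode(t) for t in tokens]
    # Every token decodes to printable text: structure, not randomness.
    if all(d is not None and all(32 <= b < 127 for b in d) for d in decoded):
        findings.add("printable")
    entropies = [shannon_bits_per_byte(d) for d in decoded if d is not None]
    if entropies and max(entropies) < 3.5:
        findings.add("low_entropy")
    return findings


if __name__ == "__main__":
    flawed = [predictable_token("operator", n) for n in range(1, 5)]
    print("predictable scheme:", flawed, audit_session_tokens(flawed))
    good = [issue_session_token() for _ in range(4)]
    print("CSPRNG tokens     :", audit_session_tokens(good))
```

The thresholds (half the token length for the shared prefix, 3.5 bits per byte for entropy) are deliberately loose so that genuinely random tokens never trip them; the checks are meant to catch gross design errors of the kind the post describes, not to replace a proper review of how the server derives its session identifiers.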

This cannot fail to alarm experts and ordinary users alike. That is why Rios is right to be furious that the company dares to announce it has no open authentication bypass issues in the system at all. Writing in his blog, Billy Rios warned that next time the company should think more than once before lying to the media about security bugs that can affect critical infrastructure, or it may have no Merry Christmas at all.
