Skip to content

After delay, hacker to show flaws in Siemens industrial gear

June 8, 2011

Black Hat USA 2011 (Credit: Black Hat)

NSS Labs Researcher Dillon Beresford expects to go public at the Black Hat security conference in Las Vegas on Aug. 2–3 with his research showing problems with Siemens computers used in power plants, heavy industry, and chemical plants.

In May, Beresford was pulled out of a Dallas hacking conference at the last minute when Siemens was unable to fix problems he’d found in the firmware of its S7 programmable logic controller.

Devices like the S7 do things such as control how fast a turbine spins  (Stuxnet, a computer virus, targeted an S7 computer at Iranian nuclear facilities) or open gates on dams. Beresford has discovered six vulnerabilities in the S7 that “allow an attacker to have complete control of the device,” says NSS Labs CEO Rick Moy.

Siemens has said that the NSS attack was made “working under special laboratory conditions.” Beresford wasn’t impressed with that comment. In a May interview, he called for Siemens to publish a security advisory on the bugs along with a timetable of when they will be fixed.


From → Uncategorized

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: