SCADA industry debates flaw disclosure
Security The outing of a simple crash bug has caused public soul-searching in an industry that has historically been closed-mouthed about its vulnerabilities. The guys who are setting up these systems are not security professionals. And many of the systems that are running SCADA applications were not designed to be secure--it's a hacker's playground. Jonathan Pollet, vice president and founder, PlantData Technologies, a division of Verano

The flaw, in a particular vendor's implementation of the Inter-Control Center Communications Protocol (ICCP), could have allowed an attacker the ability to crash a server. Yet, unlike corporate servers that handle groupware applications or Web sites, the vulnerable server software--from process-control application maker LiveData--monitors and controls real-time devices in electric power utilities and healthcare settings. The best known types of devices are supervisory control and data acquisition (SCADA) devices and distributed control system (DCS) devices.

Read this full article at Security Focus

Only registered users can write comments.
Please login or register.

Powered by AkoComment!