US computer security research firm NSS Labs warned that it uncovered new ways that hackers could sabotage power plants, oil refineries or manufacturing operations.
"There are no fixes to this right now," he continued. "Bad guys would be able to cause real environmental and physical problems and possibly loss of life."
NSS said that it shared its findings with the US Computer Emergency Readiness Team and was briefing legitimate industrial facilities that are at risk but was revealing little publicly for the sake of safety.
NSS researcher Dillon Beresford reported finding "multiple vulnerabilities" in Siemens programmable logic controllers (PLCs) used in plants worldwide to automatically regulate temperatures, pressures, turbine speeds, robot arms and more.
While the Stuxnet virus struck at PLCs through a plant's operating system software, Beresford discovered ways to reprogram the devices directly if they can be reached on a network, according to Moy.
"Comments were made that it took a nation state millions of dollars and teams of people to create Stuxnet," he continued. "We don't believe that to be true; it was not that hard to create these problems."
Posts
