Siemens' security pummelled by researchers

By on
Siemens' security pummelled by researchers

Industrial control experts have lashed out at industrial control systems vendor Siemens for failing to patch serious vulnerabilities identified in its Programmable Logic Controllers (PLC).

The S7-300 and S7-400 controllers are core components of Siemens' Supervisory data Acquisition and Control (SCADA) systems, which the company claims to be in use "in a wide variety of industrial applications worldwide".

Researcher Dillon Beresford revealed at Black Hat that he found a hardcoded username and password in the firmware of the controllers, plus a series of security compromises that he said Siemens had failed to fix despite knowing of the flaw for more than a year.

The login details accessed a telnet and http server which were superfluous to the PLC.

Dillon said he was able to log in and then "dump memory, delete files and execute commands”.

The news riled SCADA security experts.

Eric Byres said he was "embarassed" to have earlier praised the company for its incidence response and quality assurance.

"Letting unnecessary services run on a PLC and the use of hardcoded passwords are both basic security errors. This should have never been allowed through the Siemens development and quality assurance process.

"Even knowing that the bad news was going to come out, they have done little. Their current advisory provides no useful guidance. There are simple mitigations such as placing a firewall in front of the PLCs to block the http and telnet. Setting up a basic IDS to check for the string “Basisk” would also be a simple solution.

"None are proposed by Siemens."

DigitalBond SCADA consultant Dale Peterson said the vulnerabilities were likely the tip of the iceberg.

"My view is Siemens has a complete lack of an SDL based on the other vulnerabilities Dillon and others have identified," Peterson said. "Control of the engineers is not even close to the biggest problem."

SCADA expert and analyst of the Stuxnet malware Ralph Langer agreed with the assessment.

Dillon also found a "dancing monkeys HTML Easter egg" graphic coded into the firmware by Siemens developers. That move led some to question Siemens quality control.

 

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
plc scada security siemens

Partner Content

Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report

Log in

Email:
Password:
  |  Forgot your password?