Neutralbit identified the vulnerability in NETxAutomation NETxEIB OPC (OLE for Process Control) Server. OPC is a Microsoft Windows standard for easily writing GUI applications for SCADA. It’s used for interconnecting process control applications running on Microsoft platforms. OPC servers are often used in control systems to consolidate field and network device information.Neutralbit also claims this is the first remotely accessible SCADA vulnerability, which the smallest amount of googling shows is not true (I leave that as an exercise for the reader). However, they probably have found a real vulnerability. Continue reading
Neutralbit reports that the flaw is caused by improper validation of server handles, which could be exploited by an attacker with physical or remote access to the OPC interface to crash an affected application or potentially compromise a vulnerable server. Neutralbit has also recently published five vulnerabilities having to do with OPC.
— Hole Found in Protocol Handling Vital National Infrastructure, physorg.com, 25 March 2007
A foreign hacker who penetrated security at a Harrisburg, Pa., water filtering plant is under investigation by the FBI for planting malicious software capable of affecting the plant’s water treatment operations, ABC News has learned.The report says this isn’t the first such water supply cracking incident. Continue reading
The hacker tried to covertly use the computer system as its own distribution system for e-mails or pirated software, officials told ABC.
“The concern was high because it is a computer that controls an important infrastructure system, and if, for some reason, it caused it to fail, it would have disrupted service,” said Special Agent Jerri Williams of the FBI’s Philadelphia field office. Hackers Penetrate Water System Computers Richard Esposito, October 30, 2006 3:15 PM