News Archive 2011

9
Aug
2011
Vulnerabilities in industrial control software Handling Automation, Life Sciences, Process Automation, Infra Automation
pcs-vulnerabilities-siemens-software1
Have you already heard about the new weaknesses that have been discovered in Siemens industrial control software? After Siemens systems last year were affected by Stuxnet, new vulnerabilities now have been found in the various Siemens PLCs which work with the Step 7-system.

“One of the weaknesses is a hard-coded password, which is in fact a backdoor to the system for malicious persons.” Whereas Stuxnet was limited to intercepting or obstructing commandos, these vulnerabilities offer malicious persons the possibilty to directly control the PLC, even without misusing Step-7 software. For more information on this and other discovered vulnerabilities we would like to refer you to this link. Egemin Automation is an expert in the area of Process Control Security and comes therefore into action with our special Process Control Security Competence Center.

The consequences for you

Have you ever stopped to think what would happen if a malicious individual would gain access to your process environment? The damage caused by digital incidents is often impossible to look over. Loss of data, unnoticed forwarding or theft of confidential data or even modifications of digital company data: it is all possible. This unwanted damage to systems can not only severely disrupt business processes, but can also have serious physical consequences, such as personal injury (or even death) and environmental disasters.

The (digital) security of Process Control Systems often fails nowadays, despite this very real and growing danger. There is also a common lack of awareness that the absence of security measures is, in many cases, against the law or contrary to regulations.

What can we do for you?

Let us inform you or your company about the possible risks of these issues and which measures you can take. We offer you practical advices regarding the countermeasures you should take. Think in this case of risk-based measures in the area of Zoning, ‘Defense in Depth’, Access Control, IDS and Patch Management. For more information and a conversation about Process Control Security, please contact your account manager or (directly) our:

Process Control Security Competence Center
E-mail security@egemin.com
Tel. +31 183 643 331


Receive our newsletter