Latest News

Industrial control systems are less secure than iTunes

The recent Kaspersky Security Analyst Summit in Puerto Rico featured a fascinating demonstration.

Security experts from Cylance executed a special script that remotely took control of an industrial control software (ICS) setup.

With the audience watching, the script took just 25 seconds before seizing control over the device which centralises control over alarm systems, doors, climate control systems, and other equipment.

The hijacking vulnerability was demonstrated in Niagara AX-branded hardware and software sold by Tridium.

There are estimated to be more than 21,000 Internet-connected devices sold by Honeywell are vulnerable to the hack demonstrated by Cylance.

Security experts warn that attackers may use the bug to enter networks and then further penetrate the system using additional vulnerabilities that may be present.

Several other ICS products have been found to contain similar problems, including those from Siemens-owned RuggedCom.

Cylance's Billy Rios has said that the security of iTunes was more robust than most industrial control software.

Tridium is an independent business entity of Honeywell.

Read more.

Send this to a friend