Massive flaw could give hackers full control of critical infrastructure

A flaw in two Schneider Electric applications used in manufacturing, oil and gas, and water facilities could have given bad actors complete control of the systems.

Security challenges with OT/IT convergence With the growth of the IoT, we're going to be seeing the convergence of Operations Technology and IT Teams. When you add that to BYOD, this presents considerable challenges for the corporate security officer. How does the enterprise maintain its corporate security policy in the face of all these challenges?Martin Cook, Solutions Architect from LogRhythm, joins us to discuss this and more.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • A critical remote code execution vulnerability found in two Schneider Electric applications commonly used in manufacturing, oil and gas, water, automation, and wind and solar power facilities could give cybercriminals complete control of the systems. -- Tenable, 2018
  • Schneider Electric was alerted to the critical vulnerability in its applications and has patched them. -- Tenable, 2018

A critical remote code execution vulnerability found in two Schneider Electric applications could have given attackers free reign over systems that control manufacturing, oil and gas, water, automation, and wind and solar power facilities, according to a report from security firm Tenable.

If exploited, attackers would have been able to use the compromised system to move through the network and expose more systems to attack, including human-machine interface (HMI) clients, the report noted. This would allow them in the worst case scenario to disrupt or harm plant operations.

Specifically, the vulnerability impacted InduSoft Web Studio (an automation tool used to develop HMIs, SCADA systems, and solutions that connect OT with the internet or corporate intranet) and InTouch Machine Edition (a scalable HMI client). This software is commonly used across several industries, the post noted.

SEE: Intrusion detection policy (Tech Pro Research)

The discovery comes after the Department of Homeland Security and the FBI issued a joint warning in March about Russian state-sponsored attacks against US critical infrastructure. Tenable alerted Schneider Electric to the vulnerabilities, and they were patched in early April.

With the spread of the Internet of Things (IoT) into critical infrastructure, cybercriminals are increasingly targeting those systems for attack. It's more important than ever for businesses to ensure they have strong security measures in place to avoid being exploited. For some best practices on protecting these systems, click here.

Outside of the private sector, local governments should be aware that as their cities become increasingly connected, the potential for security flaws also rises. Governments must be alert to potential threats and have security measures built into smart city initiatives.

"Digital transformation has made its way to critical infrastructure, connecting once-isolated systems to the outside world," Dave Cole, chief product officer at Tenable, said in a press release. "This Schneider Electric vulnerability is particularly concerning because of the potential access it grants cybercriminals looking to do serious damage to mission-critical systems that quite literally power our communities."

Also see

Image: iStockphoto/pugun-photo