Private Crypto Key in Mission-Critical Hardware
August 23rd, 2012Via: Ars Technica:
A private encryption key embedded into widely used mission-critical routers could be exploited by hackers to attack electric substations, railroad switches, and other critical infrastructure, security researchers have warned.
The flaw, uncovered in devices made by Siemens subsidiary RuggedCom of Ontario, Canada, is the second this year to affect its Rugged Operating System. The firmware runs mission-critical routers that have been used by the US Navy, petroleum giant Chevron, and the Wisconsin Department of Transportation to help administer industrial control systems and supervisory control and data acquisition systems, which flip switches, turn valves, and manipulate other machinery in industrial settings. Rugged OS is fluent in both the Modbus and DNP3 communications protocols used to natively administer such ICS and SCADA gear.
According to security researcher Justin W. Clarke, Rugged OS contains the same private key used to decrypt secure-sockets-layer communications sent by administrators who log into the devices. This allows attackers who may have compromised a host on the network to eavesdrop on sessions and retrieve user login credentials and other sensitive details. Plenty of small and home office routers also contain private SSL keys. What’s different here is that RuggedCom devices, which are designed to withstand extreme dust, heat, and other harsh conditions, are connected to machinery that controls electrical substations, traffic control systems, and other critical infrastructure.
