Hackers find serious vulnerabilities in LHC management system
Russian security researchers have found a vulnerability in the management software used, among other things, to control experiments at the Large Hadron Collider. They also found security vulnerabilities in a number of other SCADA systems.
The vulnerability allowed attackers to run their own code on a Simatic WinCC system from Siemens, a so-called SCADA system that is used, among other things, to control experiments in the Large Hadron Collider. The systems are also in use in nuclear power plants and other critical systems; it was these systems that were attacked by the Stuxnet virus in Iran in 2010.
The fact that the researchers found vulnerabilities in the software used by the LHC does not mean that the particle accelerator itself could actually be hacked; the hackers did not investigate that. In any case, an attacker would need access to the SCADA system via the network in order to exploit the problems. In the case of the particle accelerator, that will not be easy, since it probably isn’t connected to the internet.
The researchers from the ethical hacker group Scada Strange Love, who presented their findings at the CCC security conference in Hamburg, were able to execute their own code via the system’s web server. To do so, they overloaded the server with data. In a demonstration, the researchers showed how to start the Windows calculator, a sign that an attacker can run their own code.
The encryption that WinCC uses also turned out to be faulty. The software was found to have a hardcoded encryption key, which read ‘Ths13sMy**encryptonkey’. In 2012, the same researchers also found a hardcoded encryption key in the WinCC software. The way the system’s web interface uses cookies could also be abused to take control of the system, by brute-forcing the code in the cookie. For some time, the system also shipped with a version of OpenSSL that was vulnerable to the Heartbleed bug.
All security issues have now been resolved. “So we prevented terrorists from generating a black hole in the LHC,” said one of the researchers. In 2012, the researchers also found twenty security vulnerabilities in Simatic’s WinCC system, which, according to the researchers, has a large market share.
The researchers also found security vulnerabilities in Nordex NC2, which is used to drive wind turbines. The software turned out to include a third-party web server that hadn’t been updated for years and was no longer supported, and as a result contained security vulnerabilities that had been known since 2002. “They were very simple security vulnerabilities,” said one of the researchers.
Sunny Webbox, a system that owners of solar panels can use to keep track of how much energy they generate, also turned out to be vulnerable. The software contains a hardcoded password. Similar software, called SolarLog, had a vulnerability that allowed a full backup to be downloaded without authentication. That backup included the admin panel password, which was poorly encrypted. All security issues have been resolved.