back to article US reveals Stuxnet-style vuln in Chinese SCADA 'ware

The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks. The problems, similar to those suffered by Siemens in Iran, are within Sunway ForceControl 6.1 and pNetPower Version 6 - used to runcontrol systems for …


This topic is closed for new posts.
  1. Anonymous Coward

    How big a bang would you get if 18,000MW of turbines ramped up and down repeatedly?

    1. Destroy All Monsters Silver badge

      It depends

      If these are US treasury securities dammed up, quite a lot.


      "The reported vulnerabilities are heap-based buffer overflows b that could result in a denial of service or the execution of arbitrary code."

      Yup. It's 2011. Do you know whether your kids are programming in C?

  2. Dark haired lord of the undercliff


    and they should know

  3. Ross K Silver badge

    Hardly surprising really

    ...given that the Chinese have probably knocked-off Siemens' work.

    Surely any US power station wouldn't be allowed install a Chinese SCADA setup due to the possibility of some naughtiness happening?

    Mushroom cloud because...

  4. Anonymous Coward
    Thumb Up

    "wouldn't be allowed install a Chinese SCADA setup "

    I haven't checked, but where do you think US PLC vendors like GE get their PLCs built and their firmware written? Not that European or Japanese PLC vendors are likely to be any different.

    In the telco infrastructure sector, Chinese outfit Huawei are doing very nicely in countries where they are not blocked for political reasons.

    What could possibly go wrong?

  5. Alan Firminger

    /* comment */

    Any industrial equipment is liable to be vulnerable by intention. How these holes got in the cheese is another matter.

    Please, buffer overflow. As above , it is 2011.

  6. Russ.T.Starfish
    Black Helicopters

    Warning shot across the bows?

    Given that it is widely speculated America had a hand in crafting the stuxnet worm along with other interested parties, and that there are multiple digital type attacks on western government installations around the globe. It appears to me that America are politically highlighting to china to "backoff the cyber attacks and get your ship in order or something really bad may happen on your turf"

    Obviously not worded as such, worded as a security advisory, but thats how I'm sure it would be taken.

This topic is closed for new posts.

Other stories you might like