Digital Bond and Tenable Network Security collaborate on continuous critical infrastructure protection

(20/01/2012)

Digital Bond and Tenable Network Security released new SCADA plugins for both Tenable’s Nessus and Passive Vulnerability Scanner (PVS), at the S4 Conference.
These plugins will identify insecure PLC configurations that would allow an attacker to take control of a critical infrastructure such as the electric grid, an oil pipeline, a chemical manufacturing plant or water treatment plant.

Tenable’s Passive Vulnerability Scanner plugins allow a control system network to be monitored continuously without any interaction or impact to the network. The PVS not only identifies these PLC vulnerabilities, it also discovers a wide variety of systems which speak common SCADA protocols such as ICCP, MODBUS and DNP3.

There are seven new Tenable SCADA plugins for the GE D20, Schneider Modicon Quantum and SEL 2032 SCADA PLCs or controllers. These are the devices that communicate with sensors and actuators and tell valves to open, breakers to trip or control some form of a physical process. An attacker who is able to gain control of a PLC can implement a blunt attack that could stop the physical process or a more sophisticated attack that would give the hacker more control over the physical process – posing a more significant threat.

The seven new SCADA plugins are:
· GE D20 Default Telnet
· GE D20 TFTP Sensitive Data
· Modicon Quantum Default FTP
· Modicon Quantum Default HTTP
· Modicon Quantum Default Telnet
· Modicon Quantum TFTP Enabled
· SEL 2032 Default Telnet

Dale Peterson, founder of Digital Bond, said, “We felt it was important to provide tools that critical infrastructure owners can use to determine if their PLCs are at risk. These plugins identify some of the most critical configuration errors we found in Project Basecamp – a project designed to assess the security of a set of popular industrial control system (ICS) field devices with an Ethernet interface for a common set of vulnerabilities. We plan to continue to provide Tenable Network Security with additional PLC security checks from Basecamp.”

“Tenable’s products including Nessus, and the Passive Vulnerability Scanner are designed to go beyond vulnerability scanning for workstations and servers, with functionality that assesses and monitors these special purpose PLCs in real time, — delivering a full featured ICS platform,” said Ron Gula, CEO and CTO of Tenable Network Security. “We’re working closely with many organisations that manage critical infrastructure to help safeguard their systems from external intrusion that could wreak havoc and present a threat to public safety.”

Project Basecamp and the resulting tools were presented at Digital Bond’s S4 Conference with a team of six researchers assessing the security of six widely used PLC’s in the critical infrastructure in front of an audience of leading SCADA security researchers from around the world.

Related topics:  Crime and Fraud Prevention   Hacking and intrusion prevention   Intrusion detection   Network Security   Safety and protection systems   Sensors and detectors 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources