Default passwords for hundreds of industrial control systems leaked globally
http://www.factoryautmation.com
Article Source: e-security  Update Time: 2016-1-18

Introduction: The list, known as SCADAPass, covers more than 100 product models, ranging from controllers to web servers, from manufacturers including Allen-Bradley, Schneider Electric, Siemens and other industry giants.

ICS/SCADA researchers from Russia have published online a list of popular industrial systems, but it is no honor roll: the products on it made the list because their default passwords have been successfully recovered. The researchers hope the list will prompt each supplier on it, ICS/SCADA vendors among them, to adjust their security practices.

The list, known as SCADAPass, contains more than 100 products, ranging from controllers to web servers, from manufacturers including Allen-Bradley, Schneider Electric, Siemens and other industry giants. The researchers collected default passwords for these products, such as "admin.admin", "password", "root" and "Administrator". More worrying is that the passwords came from a variety of sources, and some already appear in openly available password lists on the internet and in vendor documentation. In the researchers' view, this is just "the tip of the iceberg" of the many ICS/SCADA products that ship with default authentication passwords.

A default password is a password preinstalled in the product at the factory. Clients (such as functional departments) or installers are responsible for setting a new, stronger password once they receive the product, just as IT administrators must manage the passwords of network equipment or other hardware. But the researchers stressed that this practice is not well followed in ICS/SCADA.

"Our goal is to change suppliers' established thinking and tell them that using simple or default passwords in industrial systems without appropriate security controls is particularly bad practice. Specifically, they need to address the first-login password change and password complexity." In the IT industry, when a supplier's product is delivered to the user, the default password is usually expected to be changed during installation. In industrial control systems the situation is different, explained Sergey Gordeychik, a member of the white-hat hacker team SCADA StrangeLove, which took part in compiling and releasing the SCADAPass list.

"Operators are more likely to follow the principle of 'if everything is working properly, then don't touch it.' Sometimes they do not even have access to the specific information and control functions of the various types of equipment," he said. Using a simple password, or no password at all, on a system that combines local access with physical protection, such as an HMI or MES panel, is not a big problem. But he stressed that if users authenticate the same way over network or wireless access, it can cause a huge problem.

He also pointed out that he and his team did not publish the lengthy list of hard-coded passwords found in the course of the study; hard-coded passwords cannot be changed by the user.

Of course, the greatest danger lies in remote root access to an industrial router, PLC or other ICS/SCADA equipment, which basically means the system is completely compromised. Specifically, once the intrusion succeeds, the attacker can learn the entire industrial process, such as water treatment, and take the opportunity to launch devastating attacks, he explained.

Finding default login credentials for ICS/SCADA systems is not difficult, points out Dale Peterson, CEO of ICS/SCADA consultancy Digital Bond. "Over the years we have been compiling a detailed internal list of our own, and we continue to add newly discovered problems," he said.

According to him, the benefit of publishing SCADAPass is that it helps ICS/SCADA operators flag the passwords they are using. The downside is that the passwords may also be used by other password-finding tools, he noted.

Peterson also said that his company sometimes finds default credentials on customer networks. "The IT security staff involved did not realize that they need to test for these credentials," so SCADAPass is undoubtedly a very useful tool for them, he adds.
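
The kind of check Peterson describes, flagging default credentials that are still in use, shown as an added example (not code from the article or from SCADAPass): it compares a constructed asset-inventory export with a constructed default-credential list and reports remotely reachable devices first. The CSV layouts, vendor names and device names are assumptions made for illustration.

```python
import csv
import io

# Constructed default-credential list: assumed columns, placeholder vendors.
DEFAULTS_CSV = """vendor,username,password
ExampleVendor A,admin,admin
ExampleVendor B,root,root
ExampleVendor B,Administrator,password
"""

# Constructed export of configured accounts from an asset inventory.
INVENTORY_CSV = """device,vendor,username,password,remote_access
plc-01,examplevendor a,admin,admin,yes
hmi-07,ExampleVendor B,operator,,no
rtu-03,ExampleVendor A,root,root,yes
gw-02,ExampleVendor B,svc,Xk9#tq27LmPw,yes
"""

def norm(text):
    """Case- and whitespace-insensitive key for vendor names."""
    return " ".join(text.lower().split())

def load_defaults(text):
    by_vendor, any_vendor = set(), set()
    for row in csv.DictReader(io.StringIO(text)):
        by_vendor.add((norm(row["vendor"]), row["username"], row["password"]))
        any_vendor.add((row["username"], row["password"]))
    return by_vendor, any_vendor

def audit(inventory_text, defaults_text):
    """Return (device, reason, remote) findings, remotely reachable devices first."""
    by_vendor, any_vendor = load_defaults(defaults_text)
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_text)):
        user, pw = row["username"], row["password"]
        remote = row["remote_access"].strip().lower() == "yes"
        if pw == "":
            reason = "no password set"
        elif (norm(row["vendor"]), user, pw) in by_vendor:
            reason = "vendor default credential"
        elif (user, pw) in any_vendor:
            reason = "default credential of another vendor"
        else:
            continue
        findings.append((row["device"], reason, remote))
    return sorted(findings, key=lambda f: (not f[2], f[0]))

if __name__ == "__main__":
    print(*audit(INVENTORY_CSV, DEFAULTS_CSV), sep="\n")
```

Devices with remote access sort to the top because the article singles out network and remote access as the case where a simple or missing password becomes a serious problem.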

Intrusion via an overly long password

At the same time, some special passwords can themselves be used to compromise ICS/SCADA equipment: CyberX researchers found a zero-day vulnerability in some models of Schneider Electric's Modicon M340 PLC product line, equipment that is used in nuclear reactors, water purification and sewage facilities, and traffic management systems.

CyberX found that these products contain a buffer overflow vulnerability that a malicious actor can exploit by entering a random password 90 to 100 characters long into the target PLC's network interface. Doing so crashes the device and thereby allows the attacker to achieve remote code execution. Schneider has fixed some of the affected models, but some equipment will have to wait until January 16 for a suitable patch.

CyberX CTO Nir Giller pointed out that this kind of hack is very ironic, since it abuses the product's own built-in authentication mechanism. "This is the first time we have found a buffer overflow in a password field that can be effectively exploited," he stressed.

For example, an attacker carrying out this type of attack could target a set of main industrial controllers, shutting down the main PLC and disabling the operation of the network, Giller pointed out. This kind of attack could also be escalated further, and Giller himself will present the specific attack process next week at the S4 ICS/SCADA conference in Miami.

Schneider Inc has not yet responded to media requests for comment on this statement.

Digital Bond's Peterson said that operators of ICS/SCADA facilities should focus more on remote access to control systems. "At present, the biggest risk we face is allowing so many parties remote access to the control system, including employees, suppliers, consultants and so on," Peterson said. This amounts to opening the door to security risks, especially clever spear-phishing attacks that steal users' authentication credentials, he explained.

Because most ICS/SCADA facilities remain very cautious about patching their systems (after all, normal uptime is still their main priority), introducing risk management and risk reduction mechanisms can effectively help protect these facilities from intrusion by hackers, security experts advise.
