The U.S. Department of Homeland Security on Thursday warned that Chinese-made software used by chemical, defense, and energy firms contains major security holes that hackers could exploit and use to harm critical systems.
With so many hacking incidents in the news right now, including events with Lockheed Martin and Sony, the Homeland Security advisory is particularly worrisome. If a hacker had a clear path to, say, a nuclear power plant’s systems, who knows what damage could be done?
Homeland Security warned specifically of vulnerabilities in software made by Beijing-based Sunway ForceControl. The company makes supervisory control and data acquisition (SCADA) software, which controls and monitors manufacturing plants and equipment used in all sorts of industries. The security holes, which were found by NSS Labs researcher Dillon Beresford, could allow hackers to issue denial-of-service attacks or remotely execute code on critical systems.
Upon learning about the security flaws, Homeland Security notified both Sunway and China’s National Vulnerability Database. Sunway said it has issued patches for both holes.
June 5th: The AI Audit in NYC
Join us next week in NYC to engage with top executive leaders, delving into strategies for auditing AI models to ensure fairness, optimal performance, and ethical compliance across diverse organizations. Secure your attendance for this exclusive invite-only event.
Sunway’s products are mostly used in China, but the report says the software is also used in parts of Europe, the Americas, Asia, and Africa. Industries that use SCADA software include “petroleum, petrochemical, defense, railways, coal, energy, pharmaceutical, telecommunications, water, manufacturing, and others,” according to the Homeland Security advisory.
How concerned are you about hacking incidents? Do you think companies need to be taking extra precautions with cybersecurity?
