DHS investigates reported vulnerabilities in Siemens RuggedCom Tech

News
Aug 22, 2012 | 2 mins
Critical Infrastructure, Network Security

DHS is taking the findings of researcher Justin W. Clarke seriously, investigating his claim that Siemens RuggedCom products could be exploited to attack critical infrastructure.

Researcher Justin W. Clarke says he has discovered a way to spy on traffic moving through networking gear from Siemens’ RuggedCom division. Since the technology is used in a lot of critical infrastructure, DHS is taking notice.

The agency is investigating his claims, and its ICS-CERT division released a bulletin, saying, in part:

ICS-CERT is aware of a public report of hard-coded RSA SSL private key within RuggedCom’s Rugged Operating System (ROS). The vulnerability with proof-of-concept (PoC) exploit code was publicly presented by security researcher Justin W. Clarke of Cylance Inc.

According to this report, the vulnerability can be used to decrypt SSL traffic between an end user and a RuggedCom network device. ICS-CERT notified the affected vendor of the report and asked the vendor to confirm the vulnerability and identify mitigations.

ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.

Clarke told the Reuters news agency the discovery of the flaw is disturbing because hackers who can spy on communications of infrastructure operators could gain credentials to access computer systems that control power plants and other critical systems.

“If you can get to the inside, there is almost no authentication, there are almost no checks and balances to stop you,” Clarke said.

This is the second time in three months that Clarke has found trouble in RuggedCom products. In May, RuggedCom released an update to its Rugged Operating System software after Clarke found a back door account hackers could use to hijack systems.