Students Found SCADA Vulnerabilities at PHDays

  • May 28, 2013

    Mikhail Elizarov, a first year student of the North-Caucasus Federal University (Nevinnomyssk, Stavropol Territory), and Arseny Levshin, a student from Minsk, won the contest related to SCADA security assessment, which took place as part of the international forum Positive Hack Days III.

    SCADA is used to control important objects in such sectors as energy, transportation, etc. For instance, such systems are employed in nuclear power plants and electric trains. Any SCADA failure can lead to a disaster and extensive damage, however, the developers of such systems still pay little attention to their software security. This was proved by the contest results.

    The Choo Choo Pwn participants needed to detect and exploit the vulnerabilities of industrial equipment used to control and automate technological processes. The contest was aimed at accessing the control system of a railroad and cargo re-loading model and at bringing down a video surveillance system as part of an extra task.

    Alexander Timorin, Ilya Karpov, Gleb Gritsay, and Dmitry Efanov, the information security experts at Positive Technologies, were engaged in development of the railroad model and SCADA.

    Mikhail Elizarov told us about the competition, "At first, we tried to obtain control over the re-loading system, which was running on Modbus. We managed to detect a system, which emulated this protocol. It allowed us to find out control bits and render them to the system gaining control over the crane. We could hardly detect all the vulnerabilities of the provided protocols — we were short of time."

    According to Mikhail, SCADA contains a lot of vulnerabilities because developers expect these systems to have no direct connection to the Internet, and thus do not pay due attention to security.

    "Franky speaking, I've just cut my teeth on industrial protocols. The contest provided quite a serious emulation of SCADA, so it was very interesting to participate in the security assessment competition", said Arseny Levshin.

    "When Stuxnet and direct ICS attacks appeared, the security of industrial systems became a top issue in publications, conferences, and researches. On the other hand, this area is Terra Incognita, which requires significant investments. Such contests allow demonstrating how low the current security level of critical infrastructure components is", resumed Sergey Gordeychik, the CTO at Positive Technologies.

    It is worth noting that Mikhail Elizarov also won the contest, which was held as part of the forum.

    The winners received gifts from Positive Technologies, the PHDays organizer, and from the event sponsors. 

Back to the list