外国黑客公布中国SCADA攻击代码,病毒工厂蠕虫stuxnet或将现身中国

外国黑客把漏洞挖掘的对象转移到SCADA系统上了，发现漏洞后报给了中国人民，但是他说中国人民没搭理他。传统行业哪有这种觉悟啊，想找个报漏洞的地方都没的，估计老外是报给了webmaster@willintech.com或者webmaster@kingview.com 刚才看了下他们网站，乖乖，用户真不少。

不知道Stuxnet在中国会有什么表现，这是对传统行业信息安全应急响应能力及速度的考验，咱买的MCAFEE、趋势、SYMANTEC或者某IPS的服务会及时告诉我们这个风险吗？会告诉我们这个风险吗？如果他们没告诉我们这个风险，出了事谁背锅？

顺便科普一下SCADA系统

SCADA(Supervisory Control And Data Acquisition)系统，即数据采集与监视控制系统。SCADA系统是以计算机为基础的DCS与电力自动化监控系统；它应用领域很广，可以应用于电力、冶金、石油、化工等领域的数据采集与监视控制以及过程控制等诸多领域。

在电力系统中，SCADA系统应用最为广泛，技术发展也最为成熟。它在远动系统中占重要地位,可以对现场的运行设备进行监视和控制，以实现数据采集、设备控制、测量、参数调节以及各类信号报警等各项功能,即我们所知的＂四遥＂功能.RTU(远程终端单元),FTU(馈线终端单元)是它的重要组成部分．在现今的变电站综合自动化建设中起了相当重要的作用．

具体的历史也结构详见 http://baike.baidu.com/view/592871.htm

转载开始

Faced with no response from the vendor for months, a security researcher published exploit code for a critical vulnerability in a widespread Chinese SCADA software package.

The affected software is called KingView and is developed by Beijing WellinControl Technology Development Co., Ltd., commonly referred to as WellinTech.

According to Dillon Beresford, a security researcher at NSS Labs, the latest stable version of the software (6.53) distributed from the vendor’s site, contains a heap overflow vulnerability that can be exploited to execute arbitrary code.

The researcher claims he attempted to make contact via email with WellinTech, as well as with CN-CERT, China’s National Computer Emergency Response Team, on September 28, 2010, but received no reply.

“While I found it extremely disappointing that Wellintech never responded to my disclosure, I was far more bothered with the fact that CN-CERT never responded. What are they doing over there?” the researcher writes.

Supervisory control and data acquisition (SCADA) systems are involved in the operation of critical equipment at industrial facilities, factories, power plants, oil and gas refineries and so on.

Therefore, a critical vulnerability in one of the most popular SCADA software packages in China should be treated very seriously.

Even more so since many Chinese industrial installations were hit hard by the notorious Stuxnet industrial espionage worm that also targets SCADA systems.

Faced with not response, the researcher tried to co-ordinate the disclosure through US-CERT, but they didn’t manage to reach their Chinese counterparts or the vendor either.

“Moreover, after waiting several months to see if Wellintech would quietly issue a patch to fix the security vulnerability they didn’t. I made a decision to develop a working exploit with code execution to prove that this wasn’t just another software bug’,” Beresford notes.

The exploit code was released as a module for the Metasploit penetration testing framework and in stand-alone form on exploit-db. The researcher hopes that following the disclosure, the vendor will be alerted through other channels and will address the flaw quickly.