The software power plants use to automate their operations contains a vulnerability hackers could exploit to crash the system, reports New Scientist.
Core Security in Boston, Massachusetts, has discovered a serious vulnerability in a software package called Suitelink that is widely used to automate the operation of power stations, oil refineries and production lines. This could allow attackers to crash Suitelink by sending an outsize data packet to a certain port on the computer running the program. Suitelink's maker, Wonderware, has since issued a software patch to plug the security gap.
As Cnet.com's News Blog explains, the problem won't be solved until power plants that run Suitelink update their software.
New Scientist notes that Core Security Technologies found the vulnerability early on during its security tests, which means more vulnerabilities may exist in the software.