Siemens 'flaw' claim sparks US power plant security probe

The US government is investigating claims that a flaw in Siemens' networking equipment could enable hackers to attack power plants and other critical systems.

A security expert said that he had found a backdoor in hardware from a Siemens subsidiary, RuggedCom.

The equipment is widely used by power companies.

The Department of Homeland Security said it was in contact with the firm to assess the claim.

The alleged flaw was made public by security researcher Justin W Clarke at a conference in Los Angeles.

He told delegates that the firm used a single software "key" to decode traffic that it encrypted across its network, and that he had found a way to extract the key.

"If you can get to the inside, there is almost no authentication, there are almost no checks and balances to stop you," Mr Clarke said.

He added that if hackers could spy on the communications of infrastructure operators, they might be able to gain credentials to access systems used to operate power stations and other infrastructure.

In an alert, Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) said it was aware of his findings.

"According to this report, the vulnerability can be used to decrypt SSL traffic between an end-user and a RuggedCom network device," read the advisory.

It said that it had "notified the affected vendor of the report" and had asked it "to confirm the vulnerability and identify mitigations".

The BBC contacted RuggedCom but the firm declined to give any more information.

Mr Clarke researched the issues in his spare time, purchasing RuggedCom equipment via eBay.

It is the second time that Mr Clarke has reported a bug in products from the firm. In May the company released an update to its software to address his earlier finding.

Although there have been no publicly reported cases of damage caused by cyber-attacks on US critical infrastructure, the issue is a growing problem.

Earlier this year the country's National Security Agency reported that there had been a 17-fold rise in the number of attempted attacks between 2009 and 2011.

ICS-CERT has also reported that 90 vulnerabilities have been identified this year, up from 60 in 2011.

Countries around the world have been alerted to the threat after revelations that the Stuxnet virus had targeted a uranium enrichment facility in Iran.

Earlier this month security firms reported another type of malware - dubbed Shamoon - had struck "at least one organisation" in the energy sector.