Are industrial computers systems vulnerable to attack?

It's well known that ordinary personal and business computer systems are vulnerable to hacking, but computers used to managing industrial machinery could also be at risk. Software was published just this month by security researcher Kevin Finisterre that could potentially give hackers a back door into utility companies, water plants and even oil and gas refineries, according to CIO.com.

Finisterre said he published the software to raise awareness of the flaws in these systems and because he believes these issues are often downplayed by software vendors. "These vendors are not being held responsible for the software that they're producing," said Finisterre, who is head of research with security testing firm Netragard. "They're telling their customers that there is no problem, meanwhile this software is running critical infrastructure."

Finisterre released his attack code as a software module for Metasploit, a widely-used hacking tool. The code exploits a flaw in Citect's CitectSCADA software that was originally discovered by Core Security Technologies and made public in June. Citect quickly released a patch, and the software vendor has said that the issue poses a risk only to companies that connect their systems directly to the Internet without firewall protection.

For more on vulnerable computer systems:
- check out this CIO.com article