DHS warns of security holes in Sunway softwares

The US Department of Homeland Security (DHS) has revealed that there are security holes in Sunway’s software applications which are in use in various critical institutions in China including weapons systems and chemical plants. The DHS added that the glitches could be exploited by hackers to bring down public infrastructure and cause destruction, according to a Reuters report.

Beijing-based Sunway ForceControl Technology develops SCADA (supervisory control and data acquisition) software for various industries, including defence, petrochemical, energy, water and manufacturing. DHS Industrial Control Systems Cyber Emergency Response Team said in its advisory that Sunway’s softwares are widely used in China, but are also in use in the US, Europe, Asia and Africa.

The DHS said that the softwares were vulnerable to DDoS attacks as well as attack through remote access as was the case with the Stuxnet worm attack of systems running Iran’s nuclear centrifuges.

The vulnerabilities were discovered by security company NSS Labs.

NSS Labs researcher Dillon Beresford said, "These are vulnerabilities that hackers could leverage to cause destruction."

Sunway has not commented on the matter so far.

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up