
Black Hat Researchers Remotely Hack Into SCADA Systems on Oil Rigs

SCADA systems used on oil rigs and other areas of the oil industry are using outdated networking protocols that can easily be compromised, SCADA experts told attendees at the Black Hat security conference.


Attackers can cause an oil tank to nearly overflow by sending spoofed commands to the programmable logic controller, Brian Meixell and Eric Forner, researchers from Cimation, told attendees on Thursday. In a live demonstration, Meixell and Forner sent commands to a simulated model of an oil well and a pump to switch to “high” and spill the oil. The team also sent fake data using several Python scripts, making the system think the pump was empty when it was actually close to overflowing.

“So you can have the operator seeing something entirely different than what’s happening in the process, causing the pipe to burst and the tank to overflow,” Forner told attendees. “The operator would see the tank levels decreasing, when in fact they were increasing.”

The duo also hacked the remote terminal unit’s HMI and caused a game of Solitaire to appear on the screen at the conclusion of the talk.

Unlike previously disclosed issues in SCADA systems, Forner and Meixell didn’t exploit any specific security flaws or vulnerabilities in the systems for their attack. The hack relies entirely on the fact that there is no security built into the serial Modbus/TCP networking protocol. Dating back to the 1970s, Modbus operates on port 502 and has “no authentication or security at all designed into it,” Forner said.

The SCADA system sends packets over the network without any kind of authentication, so the researchers could use scripts to send remote commands to the PLC devices. They were able to disable the logic designed to detect the status of the pump and make it behave the opposite of how it was supposed to.
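Because Modbus/TCP carries no authentication, the practical defense is to watch port 502 for state-changing function codes coming from hosts that are not the HMI or engineering station. The following detection logic is an added example written for this article, not code from the researchers or from Cimation; the allowlisted address and the sample frames are constructed.

```python
import struct

# Modbus/TCP MBAP header: transaction id, protocol id (always 0), length, unit id
MBAP = struct.Struct(">HHHB")
MODBUS_TCP_PORT = 502

# Function codes that change PLC state (coils and holding registers)
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
}

# Assumed allowlist: only the HMI / engineering station may write to the PLC
AUTHORIZED_WRITERS = {"10.0.0.10"}


def parse_modbus_tcp(payload: bytes):
    """Parse one Modbus/TCP ADU into (unit_id, function_code, data); None if malformed."""
    if len(payload) < MBAP.size + 1:
        return None
    _tid, proto, length, unit = MBAP.unpack_from(payload)
    # length field counts unit id + PDU, i.e. everything after the first 6 bytes
    if proto != 0 or length != len(payload) - 6:
        return None
    fc = payload[MBAP.size]
    return unit, fc, payload[MBAP.size + 1:]


def check_frame(src_ip: str, dst_port: int, payload: bytes):
    """Return an alert string for an unauthorized or malformed Modbus write, else None."""
    if dst_port != MODBUS_TCP_PORT:
        return None
    parsed = parse_modbus_tcp(payload)
    if parsed is None:
        return f"malformed Modbus/TCP frame from {src_ip}"
    unit, fc, _data = parsed
    if fc in WRITE_FUNCTIONS and src_ip not in AUTHORIZED_WRITERS:
        return f"unauthorized {WRITE_FUNCTIONS[fc]} (fc=0x{fc:02x}) to unit {unit} from {src_ip}"
    return None


# Constructed sample frames (src ip, dst port, raw ADU); not captured from any real system
SAMPLE_FRAMES = [
    ("10.0.0.10", 502, bytes.fromhex("000100000006" "01" "06" "0001" "00FF")),  # HMI write: ok
    ("10.0.0.99", 502, bytes.fromhex("000200000006" "01" "05" "0003" "FF00")),  # rogue coil write
    ("10.0.0.99", 502, bytes.fromhex("000300000006" "01" "03" "0000" "0002")),  # read: allowed
]


def scan(frames=SAMPLE_FRAMES):
    """Run check_frame over a list of frames and return the alerts raised."""
    return [alert for alert in (check_frame(*f) for f in frames) if alert]
```

This catches the spoofed-command half of the demonstration; forged sensor readings sent back to the operator need process-level plausibility checks that a packet filter alone cannot provide.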

Forner and Meixell are familiar with the issues in these systems, as they support and install SCADA systems in oil rigs. “We only had a 24-volt pump in the demo, but this could cause a complete environmental catastrophe” if used against a real oil-drilling operation, Forner said.
