The U.S. Department of Homeland Security (DHS) has issued a warning after a security researcher discovered software from a Chinese company contained bugs which hackers could exploit to launch attacks on critical infrastructure including utilities, Reuters reported.
The newswire wrote Friday that the DHS' Industrial Control Systems Cyber Emergency Response Team cautioned organizations against products from Beijing-based Sunway ForceControl Technology, which are said to be widely used in China to run infrastructure systems and to a lesser extent in other countries including the United States.
The vulnerabilities were discovered by Dillon Beresford, a researcher with private security firm NSS Labs, who told Reuters that hackers could leverage the flaws to "cause destruction". Beresford acknowledged that Sunway had come up with software patches to plug the holes but pointed out that it could take customers months to install the patches, which would present hackers a "window of time in which to exploit those vulnerabilities".
For more on this story, read US warns China software risk to public infrastructure on ZDNet Asia.