‘Stuxnet’ Trojan Attacks Siemen’s Industrial Automation Systems

According to security analysts, a fresh malware piece created for Windows has carried out corporate espionage after attacking computer systems, controlling industrial automation, via the SIMATIC SCADA technology of Siemens.

Siemens, a German company, has reported that the malware represents the Trojan virus called Stuxnet. This Trojan, which proliferates through infected USB thumb drives, exploits a security flaw in the Microsoft 'Windows' operating system, as reported by Managing Automation on July 19, 2010.

Eric Byres, an industrial security specialist, states that the assault exploits the flaw while utilizing the Siemens pre-set password for MSSQL account WinCCConnect for gaining access to the PCS7/WinCC data repository so that the attacker can extract HMI screens as well as process data, as reported by Managing Automation on July 19, 2010.

According to 'Randy Abrams' (a researcher at ESET), as the virus contaminates a Siemens computer, it starts to exchange messages with a PC server in the remote. The messages help to capture data on corporate proprietary or compromise the SCADA computers, as reported by Reuters Canada on July 19, 2010. ESET is a privately held security company and has done a study on Stuxnet.

Alexander Machowetz, Spokesman for Siemens, states that by simply viewing the USB device, the Trojan gets activated, as reported by Reuters Canada. Since Siemens became aware of the attack, it is advising that users avoid working with a USB device.

Moreover, the German company stated that on knowing about the Trojan attack, it instantly gathered an experts' team for assessing the situation. It also reassured that it was adopting the necessary precautions to notify clients about the virus' possible dangers, as reported by Managing Automation.

Scott Borg, Chief Economist and Director at the independent watchdog, states that the attack poses a threat to a large number of organizations, as reported by Managing Automation.

According to Borg, the attacker employs certain method which eliminates competitive advantage. This could be via planning to seize extremely precious data about the operations of plants, or the attacker could be employing the method for gaining admission into the control computer for fulfilling sinister purposes leading to influence or monetary extortion from manufacturers.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 8/2/2010