Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
  • Go

Stuxnet Worm Attacks Industrial Systems

As per Siemens, the largest electrical engineering and electronics companies, a sophisticated worm crafted to steal industrial secrets and interrupt operations has attacked nearly 14 plants.

The 14 infected locations were mainly processing plants. However, the good thing is that critical infrastructure was not affected.

The worm uses Siemens' hard-coded MS SQL database access credentials to gain control of the SCADA [Supervisory Control and Data Acquisition] system's data. According to the reports, the worm hasn't spread widely. The company spokesman Simon Wieland stated that it had affected several Siemens plants, as per the reports by Zdnet on September 16, 2010.

Wieland further said that they had found virus in the SCADA systems of 14 plants in operation. But the systems were running without any failure of process, production and any damage, as per the reports by Computerworld on September 14, 2010.

Symantec Security Response Supervisor Liam O'Murchu revealed that the software worked in two stages after infection, as per the reports by Computerworld on September 14, 2010.

Firstly, it sent configuration details about the Siemens system to a command-and-control-server. Then, the attacker picked up a target and reprogrammed the way it works. O'Murchu stated that they had planned modus operandi of PLCs and then sent code to the infected system that would change the working method of PLCs.

As per Symantec's analysis, Stuxnet can substitute or add individual blocks of PLC code. It reportedly includes around 70 (encrypted) blocks to implement new functions. The malware hides its PLC malfunctions. If a WinCC user access the code blocks, any blocks added by the worm would not be visible. Thus, Symantec has named the malware the first publicly known rootkit for industrial control systems.

In addition, the Stuxnet worm first came up in July 2010. Since then, it has been spreading on a large scale.

Aleks, a Kaspersky Lab Expert and one of the main researchers, informed that Stuxnet was made by the professionals who have a comprehensive knowledge of antivirus methods and their shortcomings, as per the reports by Internet Evolution on September 17, 2010.

Related article: Stuxnet malware Signed With JMicron Certificate

ยป SPAMfighter News - 01-10-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next