Reminiscing Stuxnet Exploit: US Government
While referring to a research report by an audit firm, the US Government alarmed about certain defects that were noticed in two Iconics Scada systems namely Genesis32 and BizViz on May 11, 2011, as per the news published in V3 on May 13, 2011.
CERT while warning against the vulnerabilities of Genesis32 and BizViz products, manufactured by the Massachusetts-based Iconics Company, exclaimed that malware by these products allow attackers to remotely execute malicious code that run these SCADA. The malware can even gain supervisory control and acquire data, programs, and the Industrial Control Systems.
The definite impact to individual organizations is dependent on several factors that may vary from one organization to another. According to the recommendations by the ICS-CERT, every organization should estimate the impact of this vulnerability on the basis of their environment, architecture, and product implementation.
ICS-CERT has cautioned users at companies that are still running the compromised systems from opening any web links or unsolicited attachments in emails. IT managers operating in these facilities should also preserve explicit security and minimally expose network for all control system devices.
At the onset, it is necessary to site control system networks and remote devices that exists behind firewalls and segregate them from the business network, recommended, advisory ICS-CERT. Secure methods, such as virtual private networks should be used only on the requirement of remote access.
In another revelation of Scada systems, similar discoveries have been undertaken since Stuxnet worms were demonstrated and caused a dramatic effect on the industrial systems.
In case of any suspicious observation of malicious activity by an organization, internal procedures should be followed and the findings of the report should be provided to ICS-CERT for the purpose of tracking and maintenance of correlation against other incidents. ICS-CERT also prompted organizations to conduct proper impact analysis and risk assessment before adopting any defensive measures.
Related article: Ransomware Trojan Asks for $300 for Giving User Data Back
» SPAMfighter News - 23-05-2011