Energy Industry Giant ‘Telvent’ Verifies Misuse of Files Regarding to its Control Software
Computerworld.com on September 26, 2012 reported that Telvent, a Canadian energy firm whose system are used to manage almost half of the North America and Latin America oil and gas pipelines claimed that someone crept past its internal firewall, installing malevolent software and pilfering file associated with control software it makes that's used to control the electric grid in several countries.
Last week, the Company bewared the customers that it came to know of the violation of its network on September 10, 2012. Project files linked with the firm OASyS SCADA (supervisory control and data acquisition) software were robbed, the firm says.
The malicious software has disabled all data links between customers and affected portion of its networks as a prevention move.
The company has executed new methods for giving remote support to clients during it works on ridding its network and systems of all malware.
The company summarizes the ongoing efforts to predict the scope and duration of the breach during a series of written communications to clients. In those communications, Telvent said it was functioning with law enforcement and a task force of representative from its parent firm, Schneider electric," as published by krebsonsecurity on September 26, 2012.
A Chinese hacker group, known as Comment Group is associated with the malware used in the attack.
Dale Peterson, CEO of industrial control system (ICS) security firm, Digital Bond disclosed that his website was recently attacked even. "This will be the similar people that drive spear phishing email to Digital Bond and EnergySec, if this Comment Group is same as comment crew," he said, as published by cnet.com on September 26, 2012.
The hackers could insert malware in project files to taint the machine of programs developers or other chief people associated in a project, concern showed by the breach. On of the method that stuxnet unfold the worm that was intended to hit Iran's uranium enrichment program- was to contaminate project files in an industrial control system utilized by Siemens with the objective of inflowing the malware in the computers of developers.
Related article: Emergence of Web 2.0 Increasing Security Concerns
» SPAMfighter News - 04-10-2012