A sophisticated worm designed to steal industrial secrets and disrupt operations has infected at least 14 plants, according to Siemens.
Called Stuxnet, the worm was discovered in July when researchers at VirusBlokAda found it on computers in Iran. It is one of the most sophisticated and unusual pieces of malicious software ever created the worm leveraged a previously unknown Windows vulnerability (now patched) that allowed it to spread from computer to
computer, typically via USB sticks.
The worm, designed to attack Siemens industrial control systems, has not spread widely. However, it has affected a number of Siemens plants, according to company spokesman Simon Wieland. “We detected the virus in the SCADA [supervisory control and data acquisition] systems of 14 plants in operation but without any malfunction of
process and production and without any damage,” he said in an e-mail message.
This is worrisome news because according to a new paper on the worm, set to be delivered at this month’s Virus Bulletin conference in Vancouver, Stuxnet could be used to cause a significant amount of damage if it is not properly removed.
Researchers at Symantec have cracked Stuxnet’s cryptographic system, and they say it is the first worm built not only to spy on industrial systems, but also to reprogram them.
Once installed on a PC, Stuxnet uses Siemens’ default passwords to seek out and try to gain access to systems that run the WinCC and PCS 7 programs — so-called PLC (programmable
Subscribers 0
Fans 0
Followers 0
Followers