Skip to comments.As Stuxnet Anniversary Approaches, New SCADA Attack Is Discovered
Posted on 06/27/2014 11:56:26 AM PDT by Citizen Zed
Nearly four years since Stuxnet broke onto the scene, F-Secure has discovered another series of attacks against industrial control systems -- this time aiming at mostly European organizations. The attackers' ultimate motives are unclear. Researchers suspect they are simply gathering intelligence in preparation for a more serious attack.
The attackers are infecting SCADA and ICS systems with the HAVEX remote access tool (mostly used for information gathering), using a unique infection vector.
Once HAVEX is installed, it calls back to its command-and-control servers -- which are mostly unrelated third-party websites and blogs that the attackers have compromised -- and receives instructions to download and execute further components.
(Excerpt) Read more at darkreading.com ...
My toaster oven sunk your battleship!
Most public utility resellers, and co-ops use SCADA systems... hrmmm
And STUXNET found many, if not most are not used in a layered security environment, while being set to the default login (which is nothing). I read some security white papers that detailed the findings from the guy who created and launched STUXNET as a curiosity / hobby. Scary stuff!
yah, screwing with OPC...who’d have ever seen THAT coming? /s