Posted on 09/24/2010 6:35:14 AM PDT by SmartInsight
A piece of highly sophisticated malicious software that has infected an unknown number of power plants, pipelines and factories over the past year is the first program designed to cause serious damage in the physical world, security experts are warning.
The Stuxnet computer worm spreads through previously unknown holes in Microsoft’s Windows operating system and then looks for a type of software made by Siemens and used to control industrial components, including valves and brakes.
“It is not speculation that this is the first directed cyber weaponâ€, or one aimed at a specific real-world process, said Joe Weiss, a US expert who has testified to Congress on technological security threats to the electric grid and other physical operations. “The only speculation is what it is being used against, and by whom.â€
They suggest that it is most likely associated with a national government and that terrorism, ideological motivation or even extortion cannot be ruled out.
(Excerpt) Read more at ft.com ...
It is infecting Siemens Step 7 PLC programming? That’s the only thing that I know of that they use in industrial operations.
And the silly people in days of old did things manually,ain’t technology grand.
Of course not. Someone else is doing it to us. Either a hostile foreign government or a hacker.
The first question I always ask myself when I see something like this is: “Why was it necessary to have this system connected to the web?”
If the answer is “Convenience” well, I can think of a lot of people who are going to be inconvenienced if the system goes down because of improper security.
From reading the article, I don’t see any reason for these systems to be this vulnerable.
This is not a Windows issue.
This is poorly implemented security, at best.
They can infect systems without them being connected to the Internet. I think I read somewhere that some new, in-the-box thumbdrives and harddrives that were being sold in stores were infected. Connect it to a network and you are done.
Also, this article said that this particular worm can stay dormant, so you might not even know it’s there, until the time for when it’s programmed to do its damage.
They can infect systems without them being connected to the Internet. I think I read somewhere that some new, in-the-box thumbdrives and harddrives that were being sold in stores were infected. Connect it to a network and you are done.
Also, this article said that this particular worm can stay dormant, so you might not even know it’s there, until the time for when it’s programmed to do its damage.
If it had to happen, it makes me kind of giggle that it is happening to the Siemens S7....WORST PLC EVER!!!!!
So I guess the $64,000 question is one of who has developed software to check for and purge the worm from individual systems, and where can that be obtained?
But that was at least 10 years ago.
Of course a lot of upgrades are not really necessary if the existing system is doing the job you need.
How long until it's a snot nosed teenager ushering in the dark ages?
Thumbdrives are probably the biggest phyical security hazard today.
If I was in charge ,the computers at my workplace would have all those ports shut off,maybe phyically blocked as well.Employees routinely bring in thumbrives full of music and vacation pictures to show others or play while working.From a security standpoint,any company that allows this is foolish.
Unfortuneately some expensive software uses "secure" thumbdrives as license keys;that makes disconnecting the port a problem.
In reading the article, there as talk about unknown browsers scanning these systems.
This indicates, at least to me, a very real problem with network security and internet security. Sensitive systems should not be on the internet. If it’s absolutely necessary for remote access, then someone should have to physically enable access. And, as soon as the remote work is done, access is removed.
With thumb drives, it’s possible to deny ordinary users the rights to run executables. I believe Sandisk is notorious for having some sort of stupid executable that runs when you insert the thumb drive. That’s the kind of thing you can’t allow in the interests of security.
I have met Joe a number of times as well, and he gets plenty of press.
From what I understand, the Suxnet is not coming over the web, but from infected USB memory sticks.
People give these things away like candy, pass them around all over the place, and you really have no idea what may be on them.
Be careful with them and never use one in an important device.
Agree with that...but first time I’ve seen him mentioned on FR!
Rename the main Siemens files so the bad program won’t know that is the program running.
Won’t then recognize the program it was supposed to attack.
“How long until it’s a snot nosed teenager ushering in the dark ages?”
“To destroy a dam physically would require “tons of explosives,” Assistant Attorney General Michael Chertoff said a year ago. To breach it from cyberspace is not out of the question. In 1998, a 12-year-old hacker, exploring on a lark, broke into the computer system that runs Arizona’s Roosevelt Dam. He did not know or care, but federal authorities said he had complete command of the SCADA system controlling the dam’s massive floodgates.
Roosevelt Dam holds back as much as 1.5 million acre-feet of water, or 489 trillion gallons. That volume could theoretically cover the city of Phoenix, down river, to a height of five feet. In practice, that could not happen. Before the water reached the Arizona capital, the rampant Salt River would spend most of itself in a flood plain encompassing the cities of Mesa and Tempe — with a combined population of nearly a million. “
http://www.washingtonpost.com/wp-dyn/content/article/2006/06/12/AR2006061200711_pf.html
Used to love Sandisk but now won’t buy anything that has their name on it over that issue. As if loading software on storage that you bought wasn’t cheeky enough, they made it look like a CD so it was read-only when you plugged it in! Not only do they know better than you what’s good for you, you’re not even allowed to use your man hours to correct their mistake! On flash memory you’ve paid for!
Now, they DID post a utility on their website to “fix” the drives, but forgive me if I’m not all aflutter that the fix to unsolicited executable code is...more unsolicited executable code. Sounds like the kind of company you’d get if you left Democrats in charge.
I'll bet most Qaeda cyber-terrorists were trained in American Universities... or maybe all....
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.