Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Siemens' malware could disrupt whole power grids globally

Add to del.icio.us     Digg this story Digg this

July 23, 2010

Click here to order the best dedicated server and at a great price.

Late yesterday, Siemens said it has concocted a program it is making available for detecting and disinfecting malware and viruses attacking its complex power-grid management software.

Siemens' software also controls critical oil & gas refineries and manufacturing plants. The German enginerring firm warns that customers who use the infected software could have the devastating effect of disrupting whole power grids in the U.S., Canada, South America, Europe and Asia.

Siemens began distributing SysClean, a malware and virus scanner made by Trend Micro. It has been updated to remove StuxNet, a worm that spreads by exploiting two separate security flaws in Siemens's SCADA (supervisory control and data acquisition) software and every supported version of Microsoft Windows.

“As each plant is individually configured in a very unique method, we cannot rule out the possibility that removing the malware may affect your plant in any way," the Siemens advisory said.

The company also advised customers to keep the scanner updated at all times because “there are already some new derivative versions of the original virus around, and we are trying our best to mitigate these and other security issues.”

Recently, Siemens has come under blistering criticism for not removing the security vulnerability two years ago, when, according to Wired.com, the default password threat first came to light.

So far, StuxNet has infected the engineering environment of at least one unidentified Siemens customer, and has since been eliminated, Siemens said.

The company added that there are no known infections of production plants to this day, but warns that there's always the possibility that some could be discovered in the near future.

The worm spreads whenever a system running Siemens's SCADA software is attached to an infected USB stick. The attacks use a recently documented vulnerability in the Windows shortcut feature to take control of customer's personal computers in the workplace. Once there, the worm takes advantage of default passwords in WinCC, the security-prone, problematic SCADA software provided by Siemens.

Late yesterday, Siemens said it has updated WinCC to fix the security vulnerability. For its part, Microsoft has issued a stop-gap fix but hasn't said yet if and when it plans to patch the the Windows security flaw.

Chris Wysopal, CTO of application security tools firm Veracode says “Siemens has put their own customers at risk with this egregious vulnerability in their software. Worse, is all the many customers from around the world who purchased the software not knowing of any of its many security risks."

"Software customers that are operating SCADA systems on critical infrastructure such as power grids, oil and gas refineries or their factories with the WinCC software had a duty to their customers to not purchase this troublesome software without proper security testing. It is obvious now that no security tests were ever performed on SCADA before putting it in place in the field-- not by Siemens itself and not by the customer. This is totally unacceptable,” added Wysopal.

Add to del.icio.us     Digg this story Digg this

Source: Siemens.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.


You can link to the Internet Security web site as much as you like.


| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.