Siemens SCADA is targeted With a New Worm
By Gina on July 20, 2010 | Phishing, Siemensa SCADA, worm, malware, password, phishing, attack, target, spy rootkit
Recently discovered an attack of the new spy rootkit – Stuxnet - made Siemens to warn their customers about new threats and advised does not change their passwords after the attack.
It seems like changing the password could disrupt the Siemens system, potentially throwing large-scale industrial systems that it manages into chaos. Siemens Industry spokesman Michael Krampe said: „We will be publishing customer guidance shortly, but it won't include advice to change default settings as that could impact plant operations“.
He also added that the company plans to release a web page that will provide information about the first-ever malicious code to target the company's SCADA (supervisory control and data acquisition) products.
The worm spreads via USB sticks, CDs and etc. This spy rootkit takes an advantage of vulnerabilities that are left in Microsoft's Windows operating system. When it finds the Siemens WinCC software on the computer it goes away silently only making a copy of itself. Worm seeks to get information.
Gerry Egan, a director with Symantec Security Response, commented: „If Stuxnet does discover a Siemens SCADA system, it immediately uses the default password to start looking for project files, which it then tries to copy to an external website“.
Eric Byres, chief technology officer with SCADA security consulting firm Byres Security, says that changing the WinCC password would prevent critical components of the system from interacting with the WinCC system that manages them.
Siemens' Krampe commented: „Siemens has started to develop a solution, which can identify and systematically remove the malware“, but it is still unknown when it will be available.
More Phishing news
Free iPhone 5 on Tumblr? Avoid the scam!
Tumblr blogs are blazing with iPhone 5 presentations and giveaways; unfortunately, the news is far from being genuine. "Get the all new iPhone 5" and similar posts are fraudulent and they are only meant to trick people into filling online surveys. Those usually collect personal information which can be sold later.The iPhone5 Tumblr frauds may look quite legitimate as they present most of the posts as written by Tumbrl staff. Read more.- Newest Facebook scam - Russel Brand and Kate Perry leaked tape
- Scammers utilize the closing of Megaupload
- Facebook users attacked once again
- Scammers utilize Facebook's Timeline to their benefit
- New year for Facebook - a Ramnit worm
- New year but the same security problems: Facebook's clickjacking scam spotted
- Be careful as holidays are very profitable season for scammers
- iPhone 4S holiday scam
- iPad scam on Lady Gaga Facebook fan page
- Tumblr accounts harvester spotted
