The Inquirer-Home
Hardware

Virus can take over power stations

Truth matches fiction
By Nick Farrell
Wed Jul 21 2010, 10:18

IT HAS BEEN a staple of computer related spy fiction that a computer virus can take over a power station and hold a region to ransom.

Now it seems that hackers have actually written a computer virus that attacks Siemens AG's widely used industrial control systems.

And the malware, a Trojan dubbed Stuxnet, is evolving according to Sophos with a new version the insecurity company is imaginatively calling Stuxnet-B. Both versions use infected USB thumb drives to get about.

They exploit a yet-to-be-patched vulnerability in Windows that Sophos calls UPLINK. Once loaded it snuffles about looking for Siemen's Supervisory Control and Data Acquisition, or SCADA, systems.

Siemens spokesman Alexander Machowetz told Industry Week that Siemens recommends avoiding the use of a USB stick in buildings where its SCADA system is used.

Once the worm infects a Siemens SCADA system, it tries to set up communications with a remote server computer. This might then steal proprietary corporate data or potentially could take control of the SCADA system.

We are not sure how the Trojan can connect to a command and control server as SCADA systems are typically not connected to the Internet. The reason the malware is loaded onto a USB drive is that some such systems do have USB ports, however.

Infection is rare. Siemens said it has so far only identified one customer in Germany whose SCADA systems were infected by the virus. µ

Share this:

< Previous article| Next article >
Comments
Are they actually that stupid?

HELLO!!! Ignorant IT people. It's really quite simple...

If you have a system or network that either contains information you don't want leaked out,
OR (As in this case)
The system/network that controls a critical operation.

YOU DON'T CONNECT THE FLIPPIN' THING TO THE INTERNET!
There are other methods for systems to interact should they need to. Like Encrypted land line? Radio? WAN using the flipping power lines for data transmission? HELLO!!! WAKE UP!!!

I don't care what OS it's running. None of them are bullet proof.

posted by : LoCatus, 10 February 2011 Complain about this comment
Hate to be on a hacked plane

*Flight attendant walks into the seating area*

"Excuse me everyone, is there anyone present who has computer hacking or security skills?"

(Scene taken from a rejected Die Hard 2 script)

posted by : Wombat2, 22 July 2010 Complain about this comment
@Bigger

Now that is scary!
"Really, would you get on an airplane knowing its flight control system runs under Windows?"

MAC would be you can't turn left if you hold the steering wheel with your hands at 10 and 2.

posted by : Vinster, 21 July 2010 Complain about this comment
I try not to think about vital systems with Windows.

Really, would you get on an airplane knowing its flight control system runs under Windows?

posted by : bigger_luddite, 21 July 2010 Complain about this comment
aboutus
Advertisement
Subscribe to INQ newsletters
Click here to sign up Existing user
INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage
Advertisement
INQ Jobs
INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

View other polls
Follow us:
Business & Technology websites:
Business research resources:
Products:
Investment Market IT websites:
Find out what you are worth:
Search for a job:
Recruitment Agency A-Z Directory
Accreditations: