Slashdot Mirror


Stuxnet Worm Infected Industrial Control Systems

Sooner Boomer writes "ComputerWorld has an article about the Stuxnet worm, which was apparently designed to steal industrial secrets and disrupt operations at industrial plants, according to Siemens. 'Stuxnet has infected systems in the UK, North America and Korea, however the largest number of infections, by far, have been in Iran. Once installed on a PC, Stuxnet uses Siemens' default passwords to seek out and try to gain access to systems that run the WinCC and PCS 7 programs — so-called PLC (programmable logic controller) programs that are used to manage large-scale industrial systems on factory floors and in military installations and chemical and power plants.' If the worm were to be used to disrupt systems at any of those locations, the results could be devastating."

4 of 167 comments

  1. deserved by Anonymous Coward · · Score: 4, Insightful

    If they still use default passwords, they deserve to be hacked and face total havoc.

    Industry's security is still so crappy.

  2. Re:Wow by gmuslera · · Score: 4, Insightful

    Probably the network is behind a firewall, so they think they are safe from outsiders. The problem is when insiders have both Windows and no clue.

  3. Re:Wow by denobug · · Score: 4, Insightful

    Our past experience indicates the IT staff does more damage to the stability of the system than anything else could. Most IT and network personnel have zero understanding of the reliability of a system. The architectures they design are simply too complex and not robust enough. So before anybody can hack in, the system itself becomes unstable, crashes, and ends up causing a dangerous situation.

    One of the most common mistakes observed is a super complicated VLAN scheme that links multiple networks together under the name of "ease of management" or "security", while in fact the first thing they need to do is to completely separate the control network from the corporate network, and then flatten the control network with an air gap from the corporate network. Also, making sure you have zero wireless network access to the control network would be a wise choice, not only for security but also because it improves each component's availability in general.

    Again, common sense goes a very long way.

  4. Re:Wow by networkBoy · · Score: 4, Insightful

    This is manifested in the door security where I work.
    We have RFID badge readers.
    My boss recently wanted to add one to a lab he controls. When he found out the bill was $10K he balked. We told him it was for the security conduit (intrusion detection conduit, I assume gas charged & detect pressure drop in a leg?).
    His response? We don't need the conduit, just run the wire.

    Luckily security said F off and use a key lock, we're not installing it without the conduit. But that same attitude is why these machines still have the default passwords.

    -nB

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump