Virus attacks Siemens' industrial control systems
Industrial control systems built by engineering giant Siemens are being targeted by computer hackers. A virus is currently circulating that activates an unusual kind of malicious software, which some analysts describe as 'corporate espionage'.
The Stuxnet virus is spread by devices plugged into usb computer ports and tries to steal data from computer systems used to monitor large automated plants. These could range from manufacturing to power generation to water treatment.
Siemens, one of the world's largest makers of such industrial automated systems has that it has learned of only one customer whose industrial control systems have been infected. However, researchers analysing the virus warn that it surfaced several weeks ago and is now attempting several thousand infection attempts daily. The malicious software, or malware, is only activated if it lands on a computer running the Siemens systems software.
The Stuxnet worm exploits an unpatched vulnerability in Microsoft Windows operating systems, allowing it to spread through usb devices. Once infecting a Siemens system, it uses default passwords coded in the Siemens software to try to upload control system data to a remote server.
Pierre-Marc Bureau, a senior researcher in the virus lab of ESET, a privately held software-security firm, says that the attack on Siemens' systems marks an escalation in hackers' efforts to use malware for industrial espionage or sabotage purposes. Bureau warned: "This is the first such infection where malware is searching for supervisory control and data acquisition (scada) systems to attack on such a large scale basis. I'm 100% sure that the threat is very professional and much more professional than anything I see on a daily basis."
Bureau believes the virus was probably created in Asia, given the pattern of attacks and technology used. He fears that such viruses could one day be used by terror groups to sabotage power plants and other utility networks key to national security interests.
Microsoft is working on a patch to fix the vulnerability at the usb interface, while several suppliers of virus scanners have developed updated versions that detect and eliminate the virus.
Siemens said it expects to approve the updated virus scanners this week and also plans to provide customers with a diagnostic tool to check if their systems have been infected. In the meantime, the company's website advisory urges customers not to use any usb storage sticks.
A support notice from Siemens can be accessed below.
