WinCC and the Stuxnet worm

marshjhm

Member
M
Join Date
Oct 2006
Location
Spokane, WA
Posts
38
Has anyone heard what Siemens plans to do about the WinCC admin password vulnerability that is exploited by the Stuxnet worm? This is the first time I have heard of an HMI being attack directly by a worm. Of course the worm uses a Windows vulnerability to get into the system, but still I would think that Siemens would be concerned, and create some kind of patch.
 
http://support.automation.siemens.com/WW/view/en/43876783
This is not the fault Siemens that its program was attacked.
One anti-virus laboratory analyst argued that the virus is directed against one of the Central Asian countries. Guess who is interested in data from the nuclear WinCC/PCS7?
This is the first program of state espionage by the virus to justify the bombing of the future ...
If you look at these statistics, mapping the world, it becomes clear that the centers of the epidemic are the three countries - Iran, India and Indonesia (all three on the letter "I", funny).
In each of these countries the number of recorded incidents over KSN 5000.
Realtek is a hardware the company, and writing software for their devices - a by-process, for which the best of all - the use of outsourcers.
And which country is the world leader in the outsourcing programming?
Correct: India.
Can outsourcer, creating software for the company, have the means to "sign" the certificate program this company? Probably yes.
hus, one can assume that the malicious program was created precisely in India (see the map) and, perhaps, not without an insider among the developers of applications for Realtek.
stuxnet.gif

34313.jpg
Click to expand...
 
Iran

Hi everybody,

currently I am in Iran, Bandar Abbas for commisioning of our project for steel making plant.
We have this virus everywhere here, on WinCC server, clients and so on.
This virus was probably transfered from some USB stick from customer.
In this time I downloading Simatic patch and antivirus software from links above.
I am sure, that I have had this virus minimal one month ago in my project backups too.
So tomorow I try remove this virus and i will inform you.
The main problem here is the internet connection is so slow.
So currently of course our PLC and HMI network is not connected to internet, but when we leave who knows ... :sick:

I just have one question, if anybody have some problems on running system with this virus?

Thanks
 

Similar Topics

C
How to Time Sync? S7-400H CPU (Time Master) With Wincc Runtime V7.5(Time Slaves)
hello s7-400h and wincc are connected to each other via Ethernet. I need help on how to do time synchronization
Replies
0
Views
41
Controller5848
C
P
Wincc v8.0 change page tags are blocked
Greetings I have a problem, my system is the following: wincc v8.0 (demo), logo8.3, abb m2m analyzer. I created some pages to display the...
Replies
0
Views
53
Pietro71
P
K
WinCC Flexible 2008 Advanced
Hi, We have upgraded our laptop which includes Windows 11. It appears that WinCC flexible 2008 advanced does not support Windows 11. What...
Replies
11
Views
254
mk42
M
A
WinCC PC-PLC cross-subnet communication configuration in TIA
In our production plant we have multiple different networks (subnets). IT dept have setup routing between them so different subnets can...
Replies
0
Views
84
aamirawan91
A
A
WinCC SCADA to the S7-PLC cross-subnet communication?
Is it possible to connect a PC with running WinCC Advanced or Unified to a siemens PLC such as S7-1200 across different subnets? The computers can...
Replies
0
Views
74
aamirawan91
A
Back
Top Bottom