WinCC and the Stuxnet worm

marshjhm

Member
Join Date
Oct 2006
Location
Spokane, WA
Posts
38
Has anyone heard what Siemens plans to do about the WinCC admin password vulnerability that is exploited by the Stuxnet worm? This is the first time I have heard of an HMI being attack directly by a worm. Of course the worm uses a Windows vulnerability to get into the system, but still I would think that Siemens would be concerned, and create some kind of patch.
 
http://support.automation.siemens.com/WW/view/en/43876783
This is not the fault Siemens that its program was attacked.
One anti-virus laboratory analyst argued that the virus is directed against one of the Central Asian countries. Guess who is interested in data from the nuclear WinCC/PCS7?
This is the first program of state espionage by the virus to justify the bombing of the future ...
If you look at these statistics, mapping the world, it becomes clear that the centers of the epidemic are the three countries - Iran, India and Indonesia (all three on the letter "I", funny).
In each of these countries the number of recorded incidents over KSN 5000.
Realtek is a hardware the company, and writing software for their devices - a by-process, for which the best of all - the use of outsourcers.
And which country is the world leader in the outsourcing programming?
Correct: India.
Can outsourcer, creating software for the company, have the means to "sign" the certificate program this company? Probably yes.
hus, one can assume that the malicious program was created precisely in India (see the map) and, perhaps, not without an insider among the developers of applications for Realtek.
stuxnet.gif

34313.jpg
 
Iran

Hi everybody,

currently I am in Iran, Bandar Abbas for commisioning of our project for steel making plant.
We have this virus everywhere here, on WinCC server, clients and so on.
This virus was probably transfered from some USB stick from customer.
In this time I downloading Simatic patch and antivirus software from links above.
I am sure, that I have had this virus minimal one month ago in my project backups too.
So tomorow I try remove this virus and i will inform you.
The main problem here is the internet connection is so slow.
So currently of course our PLC and HMI network is not connected to internet, but when we leave who knows ... :sick:

I just have one question, if anybody have some problems on running system with this virus?

Thanks
 

Similar Topics

In our production plant we have multiple different networks (subnets). IT dept have setup routing between them so different subnets can...
Replies
0
Views
49
Is it possible to connect a PC with running WinCC Advanced or Unified to a siemens PLC such as S7-1200 across different subnets? The computers can...
Replies
0
Views
54
We are using wincc scada WinCC system software V7.5 SP2 , connected to few plc . Past 3 weeks we getting this alarm continously when we checked...
Replies
0
Views
66
Hello, I have a quick question. I have been using scripts to change the color of buttons. The reason, I am usually using multiple hmiruntime.tags...
Replies
1
Views
83
when i tried to go online, why its showing lie this
Replies
1
Views
72
Back
Top Bottom