You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

Reply
 
Thread Tools Display Modes
Old July 25th, 2010, 03:55 PM   #1
marshjhm
Member
United States

marshjhm is offline
 
marshjhm's Avatar
 
Join Date: Oct 2006
Location: Spokane, WA
Posts: 38
WinCC and the Stuxnet worm

Has anyone heard what Siemens plans to do about the WinCC admin password vulnerability that is exploited by the Stuxnet worm? This is the first time I have heard of an HMI being attack directly by a worm. Of course the worm uses a Windows vulnerability to get into the system, but still I would think that Siemens would be concerned, and create some kind of patch.
  Reply With Quote
Old July 25th, 2010, 05:20 PM   #2
Saperov
Member
Russian Federation

Saperov is offline
 
Join Date: Mar 2010
Location: Russia
Posts: 98
http://support.automation.siemens.co...ew/en/43876783
This is not the fault Siemens that its program was attacked.
One anti-virus laboratory analyst argued that the virus is directed against one of the Central Asian countries. Guess who is interested in data from the nuclear WinCC/PCS7?
This is the first program of state espionage by the virus to justify the bombing of the future ...
Quote:
If you look at these statistics, mapping the world, it becomes clear that the centers of the epidemic are the three countries - Iran, India and Indonesia (all three on the letter "I", funny).
In each of these countries the number of recorded incidents over KSN 5000.
Realtek is a hardware the company, and writing software for their devices - a by-process, for which the best of all - the use of outsourcers.
And which country is the world leader in the outsourcing programming?
Correct: India.
Can outsourcer, creating software for the company, have the means to "sign" the certificate program this company? Probably yes.
hus, one can assume that the malicious program was created precisely in India (see the map) and, perhaps, not without an insider among the developers of applications for Realtek.

  Reply With Quote
Old July 26th, 2010, 04:08 PM   #3
WencaB
Member
Czech_Republic

WencaB is offline
 
Join Date: Apr 2010
Location: Karlovy Vary
Posts: 1
Angry Iran

Hi everybody,

currently I am in Iran, Bandar Abbas for commisioning of our project for steel making plant.
We have this virus everywhere here, on WinCC server, clients and so on.
This virus was probably transfered from some USB stick from customer.
In this time I downloading Simatic patch and antivirus software from links above.
I am sure, that I have had this virus minimal one month ago in my project backups too.
So tomorow I try remove this virus and i will inform you.
The main problem here is the internet connection is so slow.
So currently of course our PLC and HMI network is not connected to internet, but when we leave who knows ...

I just have one question, if anybody have some problems on running system with this virus?

Thanks
  Reply With Quote
Old July 26th, 2010, 05:02 PM   #4
Saperov
Member
Russian Federation

Saperov is offline
 
Join Date: Mar 2010
Location: Russia
Posts: 98
The expert from Kaspersky Lab wrote about StuxNet
http://translate.google.com/translat..._5&sl=ru&tl=en

http://www.symantec.com/connect/blog...rk-information

Last edited by Saperov; July 26th, 2010 at 05:23 PM.
  Reply With Quote
Old August 3rd, 2010, 05:19 AM   #5
Saperov
Member
Russian Federation

Saperov is offline
 
Join Date: Mar 2010
Location: Russia
Posts: 98
AntiStuxnet hotfix from MS
http://www.microsoft.com/technet/sec.../MS10-046.mspx
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 07:50 PM.


.