Siemens Security Issues, as reported by CNET

WainDude · Aug 14, 2010

Good Evening everyone,

I am new here but thought I would post this, perhaps it has been posted before, but has anyone been following the recent news regarding hacking at major facilities around the world exploiting a bug in Windows that allows hackers access to Program code on Siemens PLC's.

http://news.cnet.com/8301-27080_3-20013545-245.html?tag=topTechContentWrap;editorPicks

This is the news article, its pretty interesting and somewhat scary.

JesperMP · Aug 14, 2010

It is not the PLCs that are affected, it is the WinCC part of PCS7.

Kinda embarrashing for CNET to report so late about something that has already been widely discussed, and for which there is already a remedy.

Eddie Willers · Aug 14, 2010

I thought this was a late followup at first, too, but I read with interest and alarm the claims made by a Symantec researcher that the Stuxnet bot actually loads code into Siemens controllers:

http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices

This is going to be a deep, dark story if it ever gets told in full.

Rick Densing · Sep 22, 2010

It appears it may be directed at a specific target. Quite a story. It does appear to alter code in a siemens PLC.

http://news.yahoo.com/s/csm/20100921/ts_csm/327178

Cyber security experts say they have identified the world's first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.
The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet's arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something.
At least one expert who has extensively studied the malicious software, or malware, suggests Stuxnet may have already attacked its target – and that it may have been Iran's Bushehr nuclear power plant, which much of the world condemns as a nuclear weapons threat.
The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems

lakesidebc · Sep 26, 2010

Oh my God! The Taliban is after my SoyaMilk plant dammit! They'll cause a Soya Milk spill of Biblical proportions...That'll teach those capitalist devils! What's next? Yogurt? Nothing is safe!

Really, anyone that works in critical infrastructure is hopefully aware of security threats and exploits and keeps their system up to date to protect from issues like this. The existance and possible use of these types of exploits in process control systems is OLD NEWS. News flashes like these are the same as the BREAKING NEWS of the latest Kardashian weight gain scandal. Total inflammatory BS.

" Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems "

Not too vague, huh?

Those of us at work in critical infrastructure have been investigating and protecting our systems for YEARS, so I'm pretty sure we only have to worry about the occasional Taliban created pudding spill.

3 cheers, another victory for the culture of perpetuating fear and terror. A win for the terrorists.

Paul B · Sep 26, 2010

Related thread: http://www.plctalk.net/qanda/showthread.php?t=58230
Related thread: http://www.plctalk.net/qanda/showthread.php?t=58259

Whenever we have multiple posts about the same topic I've always appreciated a moderator that would merge the threads. Without moderation, posts that connect the two threads are the next best thing.

Siemens Security Issues, as reported by CNET

WainDude

Member

JesperMP

Lifetime Supporting Member + Moderator

Eddie Willers

Member

Rick Densing

Member

lakesidebc

Member

Paul B

Member

Similar Topics