Eric Byres has updated his recommendations for security of SCADA systems from the Stuxnet worm as a result of the Microsoft patch. His revised white paper “Siemens PCS7 WinCC Malware” is available for download by all Tofinosecurity.com members now. (If you are not a member, you can become one by signing up. There is no charge and Byres says he’s created a very complete program to ensure member privacy.) He has also started a security blog for those who would like to keep up with his latest thinking on security topics.
Byres Updates Stuxnet Security on SCADA
by Gary Mintchell | Aug 6, 2010 | Automation, Security | 3 comments
3 Comments
Submit a Comment Cancel reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Is your control system really that secure?
A lot of people talk about security these days, but is your control system really all that secure? The only way to tell is to "kick the tires", and there is no better time to do that than during shop testing (or FAT as we all call it). As a minimum, every system should include a Vulnerability Assessment, and for the more critical systems, a full blown penetration test should be considered. Attacks like Win32/Stuxnet demonstrate the need to move ICS security out of the realm of the theoretical and into that of practical – look for vulnerabilities and having qualiied professionals determine if these can be exploited on actual control systems.
I have only heard of the Stuxnet problem in association with Seimens, but has this worm or others like surfaced in Rockwell Automation systems?
I have only heard about this attack on a Siemens system at (evidently) a utility. Speculation was that it was industrial espionage. The worm has appeared in many other places, especially Iran. View this as a wake-up call to assure best practices and policies in security efforts.