Tuesday, July 20, 2010

ICS-CERT: USB Malware Targeting Siemens Control Software

The DHS Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has released an advisory (PDF) related to the Stuxnet rootkit case.

In addition, Siemens has recently guidance information regarding to the Stuxnet worm:
The internal system authentication from WinCC to the Microsoft SQL database is based on pre-defined access data. This data is not visible for the customer and is used as an internal system mechanism for communication between the WinCC system components and the database. Changing the access data would impede communication between WinCC and the database and is therefore not recommended. Tightening up authentication procedures is being examined.


A tool specially developed for Siemens by TREND MICRO which detects the new Trojan and requires very limited system resources, is currently being subjected to a system test to check its compatibility with Simatic software and will be made available after the test has been completed.

No comments:

Post a Comment