Curious that this virus designed to destroy an industrial facility. The experts who dissected discovered that some systems targeted by Siemens and think that this Trojan, conveyed by USB, is specifically directed against the Iranian nuclear plant at Bushehr.
Stuxnet, worm, malware would be the first to address the real-time control of an industrial system. Discovered in July 2010, Worm.Win32.Stuxnet was studied, among others, by a German computer scientist, Ralph Langner, who has deciphered the operation.
Stuxnet rely on SCADA WinCC, Siemens designed and intended to fly from a Windows computer systems SCADA (Supervisory Control and Data Acquisition).According to this expert, Stuxnet, which is particularly sophisticated, do not install anywhere but in some industrial PLCs from Siemens. From there, he can order different equipment, "such as valves, for example."
According to information reported by PC World, an expert on Canadian Eric Byres (responsible Byres Security), who had studied Stuxnet in July, would, he discovered an additional detail. The virus specifically modify a sub-program to monitor real-time processes with very fast response time of 100 milliseconds.
The worm leaves carry on USB sticks or flash memory cards and also spreads via local networks, and even through the connected printers. We know it exploits multiple vulnerabilities in Windows, as shown by various studies, including Microsoft, which would allow him to take remote control of a machine. The case is also taken seriously by Siemens, which has issued a method and a patch to detect and remove this malware.
Where is he? Where is he?
What could it serve? "It could bring down such a centrifuge, said Eric Byres (remarks reported by PC World), but it could be used in many other goals. The only thing I can say is that it's designed to break something. "
He was reportedly found in Iran, India and Indonesia. "An unknown number of power plants, pipe-lines and factories could be infected, experts said. Ralph Langner from his analysis a practical conclusion: the target of the worm would be the Bushehr nuclear power plant, along the Persian Gulf. Siemens AG was involved in the construction of the plant in the early 1970's until the 1979 Islamic revolution. After the bombing of Iran-Iraq war and opposition from the United States, the restarting of the plant has been conducted with the help of Russia.
This is also a Russian company that collaborated in this restart, Atomstroyexport, Ralph Langner designates as a possible vector of the virus to his illegal entry into Iran.According to Symantec, which also focused on this virus, the country concentrated in July 60% of infections.
The sophistication of this malware and the perfect knowledge of systems from Siemens that it suggest that this is not a hack of the game Sunday. A State could he have referred this plant by a cyber-attack? According to Siemens, in any case, the assumption fails because the German company has delivered to the Bushehr plant is no system of the type is infected Stuxnet ...
No comments:
Post a Comment