Virus Attacks Siemens

http://online.wsj.com/article/SB10001424052748703954804575381372165249074.html?mod=googlenews_wsj "Virus Attacks Siemens Plant-Control Systems "
[ .... Computer hackers have designed a virus that targets industrial control systems built by German engineering giant Siemens AG, activating a kind of malicious software that analysts say represents a growing corporate-espionage threat.
The virus, dubbed Stuxnet, is spread by devices plugged into USB computer ports. .... ]
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
(off-topic crosspost)
Cliff <Clhuprichguesswhat aoltmovetheperiodc.om> wrote:

http://online.wsj.com/article/SB10001424052748703954804575381372165249074.html?mod=googlenews_wsj
Hmm. I wonder how many good paying jobs Siemens has outsourced/exported to India. Oh well.
--























> Path:
news.astraweb.com!border5.newsrouter.astraweb.com!news.glorb.com!news2.glorb.com!news.musoftware.de!wum.musoftware.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail

  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

that is a seriously dangerous development
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

SB1000142405274870395480457538137216524...
If true no one should be surprised, Siemens control systems run on Micro $oft products.
--
Regards, Curly
------------------------------------------------------------------------------
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

-----
it was forecast long ago that hackers/ terrorists will attack manufacturing through the computerized control systems- force a plant to shut down to either pay a blackmailer's fee or bring in it antivirus experts to clean their systems; altering part geometry that might cause a critical component to fail- the possibilities and potiential are almost endless
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

---------------------------------------------------------------------------­---
---------------------------------------------------------------------------­---
Yup, the industry has had a decade to prepare. Many have, some have even jettisoned Micro$oft.
--
Regards, Curly
------------------------------------------------------------------------------
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

this is not a microsoft problem - you put a program on a machine and allow me access, I'll change it. There is no reason that any USB port on any production machine should be open. There is no reason that any production facility should have a pathway to the internet - there should always be an air gap. The simplest possible security practices completely eliminate this threat
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

not just usb ports; some shops are using wireless networking
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

using wireless is asking for trouble. using wireless with weak or no encryption is guaranteeing trouble
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

wireless is important for shops with many machines on numerous different parts; wired brings in a whole host of networking problems caused by rf; also robots are helping to move stuff around too - I know of one shop hereabouts that has gone this direction. even at home my desktop cnc is running off a laptop with wireless network which I use to transfer my programs; even just at home I have too many LAN cables requirements that necessitate wireless. wireless is easier for IT to deal with than copper.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
">> >> > --

of course wireless is easier, so is not having locks on the door - but both leave you open to intrusion - wireless can be secure, but many folks don't take the time to do so - as for RFI or EMI - wired includes fiber cable, and that is pretty immune to RFI. Certainly if you are running a wireless network, I'd configure the security so that only computers already known to you have access to the network.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Might not a virus spread even easier & faster that way? Depends on handshaking protoclls suppose .. do you have a secret or encrypted one? IIRC the first IP address to reply that it IS that specific IP gets the traffic (& cable TV networks are easy to abuse if the forged IP is upstream of the real one).
--
Cliff

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload


that is why you don't do it by IP address - you use the MAC address - when I said "computer known to you" I specifically DID NOT mean an IP address
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

And when, exactly, were all the protocalls & standards changed? Defined?
--
Cliff

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Energy providers *require* internet connection.
I also challenge you to hack an OpenBSD system.
Even with a user account.
--
Regards, Curly
------------------------------------------------------------------------------
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yup. Rule one of security "deny them access".
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Hell, my engineers don't want my assembly cells connected to the corporate network. Do you have any idea how disruptive it is when some pin head at corporate decides to push out a patch to a system running production? I had a cell a few years ago that died every patch tuesday at 11:50 PM. Updating a winbox while programming asics isn't a great idea. Nor is it a great idea when testing the performance of said asics in the next station using another winbox.
Here is another corporate brain storm. PC's used to access the corporate network must have a screen saver installed with a corporate mandated timeout value. Really sucks when the PC is connected to air gaging and the operator has to do the mouse shake to gage parts after he can see the screen again. LCD screens, how much are they saving? We got the microsoft windows crawly thing going on so even the backlight is powered up.
We can't get that one changed. They have software that enforces corporate registry settings.
Wes -- "Additionally as a security officer, I carry a gun to protect government officials but my life isn't worth protecting at home in their eyes." Dick Anthony Heller
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Industrial control systems like those that manage water, sewer, electric infrastructure.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.