New virus attacks industrial systems
Relevant offers
Digital living
Hackers have built a computer virus that attacks Siemens AG's widely used industrial control systems, creating malicious software that analysts said can be used for espionage and sabotage.
The German company said the malware is a Trojan worm dubbed Stuxnet that spreads via infected USB thumb drives, exploiting a yet-to-be-patched vulnerability in Microsoft Corp's Windows operating system.
"Just viewing the contents of the USB stick can activate the Trojan," said Siemens spokesman Alexander Machowetz. "Siemens recommends avoiding the use of a USB stick."
Siemens first learned of the problem on July 14, he said.
Stuxnet is among the first to surface that attacks software programs that run Supervisory Control and Data Acquisition, or SCADA, systems. Such systems are used to monitor automated plants - from food and chemical facilities to power generators.
Once the worm infects a Siemens system, it quickly sets up communications with a remote server computer that can be used to steal proprietary corporate data or take control of the SCADA system, said Randy Abrams, a researcher with ESET, a privately held security firm that has studied Stuxnet.
Analysts said attackers may have chosen to spread the malicious software via a thumb drive because many SCADA systems are not connected to the Internet, but do sport USB ports.
Siemens said it has so far only identified one customer whose SCADA systems were infected by the virus, a customer in Germany that Machowetz declined to identify by name.
Security experts have long theorized that hackers - including ones working for nation states or terrorist groups - would one day develop viruses that target SCADA systems. They could be used to steal sensitive data or sabotage major infrastructure facilities by instructing software to attack those plants.
"It could be very valuable to a nation-state for war-like espionage. It could be very valuable to terrorist organisations," said ESET's Abrams.
Microsoft spokesman Jerry Bryant said he did not know when the company would update its Windows software to address the vulnerability that Stuxnet exploits.
Now that the exploit has been publicized, other hackers will quickly rush to develop malicious software programs that take advantage of the same vulnerability, said McAfee Inc spokesman Joris Evers.
Siemens, Microsoft and security experts who have studied the Stuxnet worm have yet to determine who created the malicious software.
- Reuters
Sponsored links
Google algorithm measures funny
Second Megaupload co-accused bailed
Review: Kingdoms of Amalur: Reckoning
Protests erupt across Europe against ACTA
Review: Sony HMZ-T1 Personal 3D Viewer
Career destroyed over battle of the planets
NZ police access Facebook evidence
Facebook can alienate people further - study
Brazil files injunction against Twitter
Review: Catherine for Xbox 360
Top selling games in New Zealand
Kiwi women obsessed with weight
Riots as Greece approves austerity
Pat Lam still mum on Piri Weepu's Blues role
Qantas grounding 'good for brand'
Seriously ill man found on beach
NZ's best farm land 'already sold off'
New Zealand lose Las Vegas final to Samoa
Kiwis' confidence in police soars
They even took the kitchen sink
Houston died in bathtub - coroner
Christchurch cricket bat murder admitted
Hundreds of unfit teachers in class
Daily trivia quiz: February 13
Superbike champion dies after race crash
Volunteers fight fires in a truck that won't stop
Tainui leader ousted from board
Bus survivor praises her heroic rescuers
Hundreds of unfit teachers in class
Volunteers fight fires in a truck that won't stop
Houston died in bathtub - coroner
Your top 10 cheesy pickup lines
Ethnic rights advice stuns communities
NZ, mate, you might have a drinking problem
Paul Henry's disjointed return to TV
Hundreds of unfit teachers in class
Kiwi women obsessed with weight
