A new Oil IT Journal security section this month, inspired by the advent of the Stuxnet trojan. Stuxnet malware is distributed on USB sticks and affects Siemens’ Simatic WinCC SCADA data browser. WinCC provides process visualization and ‘plant intelligence.’ The act of viewing the content of an USB stick could infect a system. According to Siemens1, no cases of damage to customers’ sites have been reported to date. Siemens recommends running Trend Micro’s Sysclean to remove. Some have speculated2 that Stuxnet may herald a wave of new control system attacks.
With what appears to be good timing, Houston-based process software specialist PAS has released ‘Integrity Recon,’ a package that improves reliability of Microsoft Windows-based automation systems and process control networks. Integrity Recon monitors and reports KPIs and control system vulnerabilities, improving infrastructure management and helping monitor aspects of the control systems, such as license management. Recon also aids with common operating environments (COE) compliance. COEs are approved configurations of hardware and software that enable security, reliability, and facilitate troubleshooting. Hardware and software upgrades are also facilitated by identifying existing components and dependencies. More on such ‘exploits’ from the US National Vulnerability Database www.oilit.com/links/1007_18.
© Oil IT Journal - all rights reserved.