Over the last few months, we have been hearing more and more about the Stuxnet Worm. Originating in 2007, it became a topic of conversation in the main stream media after its global deployment in 2010. At the time, Symantec reported that less than 2% of all known Stuxnet infections were on machines in the United States. Now, almost two years later, it is once again front and center for both its relationship to the newly discovered Flame malware, and recent surge in infecting new networks and machines.
From the moment the music started and the partition wall was removed in a backlit shroud of darkness, attendees of the ThinManager 6.0 Launch Event started thinking that this was not going to be a typical expo event. Less than 10 minutes later as the lights came up on a large room filled with rocket shaped display booths and more technology than they could shake a stick at, that feeling was confirmed.
Immediately following, Matt Crandell, CEO of Automation Control Products, took to the stage and clearly conveyed the magnitude of this event to a packed house. There would be no product pitch or chest thumping because the ThinManager platform could stand alone without a need for bells and whistles. There would be no “dead time” or aimless wandering because there was something for everyone regardless of the time of day. And most importantly, there would be ample opportunity for everyone to experience a true interactive environment. “The best way to explain the product is to put it in people’s hands and let them experience it for themselves,” said Crandell.
There is a new villain in the computer virus world and it is from the Stuxnet family of malware. The Stuxnet attack exploits a vulnerability in Microsoft Windows software, WinCCConnect, which is an integral component of the distributed control and SCADA systems that facilitate production operations in many process-manufacturing companies. The vulnerability would allow the virus to extract process data and possibly HMI screens.
The director and chief economist of the independent watchdog The US Cyber Consequences Unit Scott Borg says “Either the attacker is planning on stealing very valuable information or they are going to use this access to the control system to do bad things.” The virus’s purpose seems to be what can only be termed as industrial espionage as attackers could steal information on how plants are run to possibly extort money or influence manufacturers by taking away the competitive edge with the information obtained.