Feeds

back to article Attackers fling Stuxnet-style RATs at critical control software in EUROPE

Security researchers have uncovered a series of Trojan-based attacks which have infiltrated several targets by infecting industrial control system software from the makers of SCADA and ICS systems. The majority of the victims are located in Europe, though at the time of writing at least one US firm's compromised gear appears to …

COMMENTS

This topic is closed for new posts.
Silver badge
Facepalm

"The attackers have [made] Trojanised software available for download from ICS/SCADA manufacturer websites in an attempt to infect the computers where the software is installed", Finnish security software firm F-Secure reports.

The amount of FAIL on the vendor's part here is staggering,

4
0
Bronze badge
Paris Hilton

Add all that to networked Windows XP systems and maybe it could be promoted to MEGA-FAIL?

5
0
Silver badge
FAIL

Lessons of history, etc...

Put stuff on internet, watch it get hacking attempts.

Put critical stuff on internet, use software that was developed historically for stand-alone use, find patching said system is a major PITA because the hardware etc out live the software development cycle time-scale, and watch it get hacked.

Again, and again.

7
0

...and then try to run SCADA system on Windows machines - just how many points of vulnerability do you need?

The utter stupidity of the beancounters who won't countenance anything other than Microsoft OS purchases, the beancounters trying to run technologically sophisticated enterprises without the slightest understanding of what the company does or how it does it - no wonder so many tech companies fail.

As long as we have beancounters valued more highly than engineers, these stupidities will continue. People need to understand that book-keeping is trivially simple - I can teach anyone to do it in an hour - and an "accountant" is just a book-keeper in a suit. They should be paid accordingly.

OTOH, engineers actually ADD VALUE to a company, and so should be well paid - ideally with some kind of profit-share as real motivation. They should also have the majority of input into technical products.

Thank goodness that Windoze is banned from most nuclear sites!

10
2
Silver badge

just how many points of vulnerability do you need?

Deresilience in depth. In the Cloud. Keeping civilization going!

0
0

...and then try to run SCADA system on Windows machines - just how many points of vulnerability do you need?

Any OS is full of holes.

2
1
Anonymous Coward

"won't countenance anything other than Microsoft OS purchases"

Windows Server has a far better security record as a server than say Linux.

"Thank goodness that Windoze is banned from most nuclear sites!"

Who told you that? Not true at all. Most SCADA and similar systems are Windows only.

Even Apple's Mac factory production line runs on Windows!

0
0
Big Brother

2003 is calling and wants its SCADA vulnerabilities back ..

"Technical Analysis of the August 14, 2003, Blackout:"

http://www.nerc.com/docs/docs/blackout/NERC_Final_Blackout_Report_07_13_04.pdf

0
0
This topic is closed for new posts.