back to article Energy utilities targeted by Office-spawned recon attack tool

Malware writers are targeting international energy utilities with a new trojan that creates beachheads to enable subsequent more advanced attacks. Symantec security boffin Christian Tripputi says the campaign, detected in the first two months of 2015, has a particular focus on creating beachheads on petroleum and gas utilities …

  1. Anonymous Coward
    FAIL

    Ha.

    "Utilities can be more hamstrung than other sectors in applying patches. Updating operating systems can have significant impacts on industrial control systems, potentially breaking them."

    Pray tell, why would you have a pc that runs the key infrastructure running office apps and email as well.

    Oh yeah, it's saved a few quid.

    1. Robert Helpmann??
      Childcatcher

      Re: Ha.

      Oh yeah, it's saved a few quid.

      I was going to say "Because you're an idiot," but you beat me to it.

    2. Richard Jones 1
      FAIL

      Re: Ha.

      Standard dumb reasons:

      Corporate specification PCs strike again?

      Of course those Office licenses are free aren't they? The PC came with them anyway.

      And on the other hand, "We paid good money for office 97 and 2000, we cannot just throw that out can we?"

      I know someone in the power business who has only stopped using Office 97 in the past 6 months - after 3 years of pressure from others and his complaints about an unstable PC!

      Yes people like that do exist to cause problems!

      1. Anonymous Coward
        Anonymous Coward

        Re: Ha.

        I work at an oil company. Some of our managers and directors would still be using Windows and Office 95 if I let them. Our finance dept would fall for this hack no problem. They open all email attachments no matter who they come from because "it might be something important".

  2. Yag
    Mushroom

    Helium industries?

    Maybe... no, let's hope not...

    1. Paul Kinsler
      Joke

      Re: Helium industries?

      wait ... there's a /helium/ bomb now as well..!?

  3. Anonymous Coward
    Anonymous Coward

    Security

    I do have to wonder if any of the upper management in some of these companies have heard of security, or is it just a meaningless word to them.

    Any one that runs the office and industrial process control on the same network should be taken out the back and put out of their misery.

    On the two systems we manage the only point of contact between the front office and the manufacturing section is a networked laser printer that sits in the office and gets input from manufacturing and prints our daily production figures. It is locked to the manufacturing network by mac address as well as being on a different subnet to the office. In one company some idiot thought he could get direct access to manufacturing by using the printer network cable. All he got was fired - we had thought of that and set access alarms.

    The big question is, why if small companies can do this type of security why can't large ones? It is not difficult but it does require thought which seems to be sadly lacking in senior management today.

    1. Tom 13

      Re: Security

      Thumbs up for this alone:

      In one company some idiot thought he could get direct access to manufacturing by using the printer network cable. All he got was fired

      In too many places that behavior would be excused. Glad you had both the alarms and the backing to do the right thing.

    2. Fatman
      FAIL

      Re: Security, ... you need a slight correction

      The big question is, why if small companies can do this type of security why can't large ones? It is not difficult but it does require thought which seems to be sadly lacking in senior typical of SENILE management today.

      FTFY!!!!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like