Processing Magazine

Virus Targets Siemens Industrial Control Systems

July 20, 2010
According to Reuters, hackers have built a computer virus that attacks Siemens AG''s widely used industrial control systems, creating malicious software that analysts said can be used for espionage and sabotage. The German company said the malware is a Trojan worm dubbed Stuxnet that spreads via infected USB thumb drives, exploiting a yet-to-be-patched vulnerability in Microsoft Corp''s Windows operating system. Stuxnet is among the first to surface that attacks software programs that run Supervisory Control and Data Acquisition, or SCADA, systems. Such systems are used to monitor automated plants -- from food and chemical facilities to power generators. Analysts said attackers may have chosen to spread the malicious software via a thumb drive because many SCADA systems are not connected to the Internet, but do sport USB ports. Security experts have long theorized that hackers would one day develop viruses that target SCADA systems. They could be used to steal sensitive data or sabotage major infrastructure facilities by instructing software to attack those plants. Siemens, Microsoft and security experts who have studied the Stuxnet worm have yet to determine who created the malicious software.