Pages

Monday, July 19, 2010

Update on SCADA Trojan

The folks at ControlGlobal.com have posted a copy of the press release sent out today by Siemens AG about the Trojan that I reported on last week. Anyone that is using the the Siemens software Simatic WinCC and PCS 7 should read that press release and immediately contact their Siemens technical representative for further information. BTW: Has anyone seen anything about this from DHS ICS-CERT? I certainly haven’t. Does anyone know why not?
at

3 comments:

  1. PCMJuly 19, 2010 at 8:28 PM

    And what is Siemens doing about the hard coded database password issue? THAT is the real problem, not the Microsoft 0-day...

    ReplyDelete
  2. Andrew GinterJuly 20, 2010 at 1:13 PM

    The ICS CERT released an advisory on the malware dated today, July 20. You can find it at:

    http://www.us-cert.gov/control_systems/pdf/ICSA-10-201-01%20-%20USB%20Malware%20Targeting%20Siemens%20Control%20Software.pdf

    ReplyDelete
  3. PJCoyleJuly 20, 2010 at 11:09 PM

    My response to both the PCM comment and the Andrew Ginter comment can be found at: http://chemical-facility-security-news.blogspot.com/2010/07/reader-comments-07-19-10-scada-trojan.html

    ReplyDelete