Your one-stop web resource providing safety and security information to manufacturers

By Gregory Hale
While some users in the industry may think they are in the clear because they don’t use Siemens software, think again because any Windows-based system can suffer from this malware, regardless of whether or not it uses Siemens software, according to a white paper entitled “Analysis of the Siemens WinCC / PCS7 “Stuxnet” Malware for Industrial Control System Professionals” written by Eric Byres, chief technology officer at Byres Security.
Stuxnet is a computer worm designed to take advantage of a number of security vulnerabilities in the Windows operating system and Siemens SIMATIC WinCC, PCS7 and S7 product lines. The list of vulnerable systems has expanded to include all unsupported and current versions of Windows including Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7, according to Byres’ paper. Of particular importance are the Windows 2000 systems, as there are no patches for these systems. It appears that Stuxnet will infect Windows NT machines, but will then abort.
Byres along with Scott Howard of Byres Security created a Stuxnet Mitigation Overview chart.

Pin It on Pinterest

Share This