Sign In

Communications of the ACM

ACM News

Stuxnet Could Hijack Power Plants, Refineries



A worm that targets critical infrastructure companies doesn't just steal data, it leaves a back door that could be used to remotely and secretly control plant operations, a Symantec researcher said on Thursday.

The Stuxnet worm infected industrial control system companies around the world, particularly in Iran and India but also companies in the U.S. energy industry, Liam O'Murchu, manager of operations for Symantec Security Response, told CNET. He declined to say how many companies may have been infected or to identify any of them.

"This is quite a serious development in the threat landscape," he said. "It's essentially giving an attacker control of the physical system in an industrial control environment."
The malware, which made headlines in July, is written to steal code and design projects from databases inside systems found to be running Siemens Simatic WinCC software used to control systems such as industrial manufacturing and utilities. The Stuxnet software also has been found to upload its own encrypted code to the Programmable Logic Controllers (PLCs) that control the automation of industrial processes and which are accessed by Windows PCs. It's unclear at this point what the code does, O'Murchu said.

View Full Article


No entries found