Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Bug Crime IT

Stuxnet May Represent New Trend In Malware 58

Posted by Soulskill from the stux-on-you dept.
Trailrunner7 writes "As more information continues to come out about the Stuxnet worm and the vulnerabilities that it exploits, it's becoming increasingly clear that this kind of attack may be a preview of the attacks that are likely to become commonplace in the months and years ahead. The most interesting aspect of all of this is the fact that the attackers behind Stuxnet clearly knew about the vulnerability in the Siemens WinCC system before the malware was written. That implies the malware authors had some advance intelligence about the configuration of the Siemens software and knew exactly where there was a weakness."
This discussion has been archived. No new comments can be posted.

Stuxnet May Represent New Trend In Malware More

Stuxnet May Represent New Trend In Malware

Comments Filter:

  • Uh - what? (Score:5, Informative)

    by Anonymous Coward on Sunday July 25, 2010 @09:36AM (#33020738)

    The article that the summary links to in support of the idea that the attackers had inside information is actually about a hardcoded password that existed for *two years* before the vulnerability was found. The article argues pretty strongly that security through obscurity is no security at all and makes no mention of anyone having inside information - how can you get it so wrong?

  • Re:SCADA frustrations (Score:3, Informative)

    by leuk_he ( 194174 ) on Sunday July 25, 2010 @11:52AM (#33021374) Homepage Journal

    NO NO NO. installing a cocktail of AV software is NOT the answer in a system that has to do 27/7 operations and has to be kind of real-time responsive. What you do not wat it that it gives a false positive on an essential program that controls the plant. you do not want to inititiale a scan at the moment 2 reactive componentes are mixed.

    as for the tools, look for
      Right click My Computers > Properties > Hardware > Device Manager:

                - Go to View > Show Hidden Devices
                - Go to Non-Plug and Play Drivers

            Disable both MRXNET and MRXCLS:

    If that is the case you might want to look for some portable virus scanner...

  • Re:Uh - what? (Score:2, Informative)

    by KDR_11k ( 778916 ) on Sunday July 25, 2010 @12:28PM (#33021592)

    It's a result of strong competition, except for price collusion there isn't really a way out of that situation once you and all competitors have driven the margins that low.

  • Re:SCADA frustrations (Score:4, Informative)

    by Runaway1956 ( 1322357 ) on Sunday July 25, 2010 @12:43PM (#33021688) Homepage Journal

    You seem to have read AC's post differently than I did. He didn't suggest that you INSTALL an AV cocktail on your machines. He stated that a cocktail of security applications are necessary to deal with an infected machine. That Geek Squad disk is exactly that - a bootable disk with quite a variety of utilities, suitable for dealing with a wide variety of problems.

    I can't remember offhand, but I think there are six different AV's on the disk, each of which automagically updates itself when the utility is called. And, each of those AV's is on the disk, because it has proven superior to any of the other in certain situations.

    Your advice is sound, you just seem to have misinterpreted what AC said.

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close