Stuxnet Attacks SCADA
SCADA (Supervisory Control and Data Acquisition) networks which control power and water distribution among other things are widely considered to be the most attractive targets for inflicting the most panic on the public. The Stuxnet worm which surfaced a few months ago has put the threat to these systems at the forefront. While the greater public may be downplaying the badness associated with this cyber attack, since it is not targeting the home user, the industrial industry should stay on high alert as the capabilities associated with this malware continue to be investigated. The attackers motives are yet to be fully understood but it is clear from their actions thus far that these malicious actors see benefit in taking control over SCADA enabled systems worldwide.
The worm is seen as primarily targeting industrial networks like Siemens SCADA Visualization Systems. Analysis conducted by Symantec and Kaspersky has shown how sophisticated the worm is and even has the ability to hide in the Programmable Logic Controller (PLC) and replace manufacturer written routines. This very sophisticated feature of the Stuxnet worm allows the controller of the worm to alter how the network acts and behaves.
Back in July Symantec reported the majority of infections were located in Iran, but since then infections have spread to other locations throughout the world. Two of the elevation-of-privilege vulnerabilities associated with this malware are still left unpatched according to Microsoft. In addition Siemens has reported 15 SCADA infections to include the US and UK. Each SCADA infection could have severe impact on the public by influencing hundreds of thousands of subscribers at a time to power, transportation, water, and other services which the world depends on.