By Kevin Coleman, Defense Tech Cyber Warfare Analyst
Malicious code that appears to target infrastructure control systems was discovered and disclosed in late July. The code, called Stuxnet, is designed to exploit a zero-day flaw in Windows and targets SCADA controllers and systems.
Definition: SCADA stands for Supervisory Control And Data Acquisition. It refers to industrial control systems, that is, computer systems used for monitoring and controlling a process or process control equipment. These industrial systems are typically used to control critical processes and equipment at power generating and distribution facilities, manufacturing facilities, water treatment plants, and even nuclear power plants. Many of the systems are relatively old and are thought to contain numerous vulnerabilities.
The exploit seeks out and steals industrial data from SCADA systems running Siemens Simatic WinCC or PCS 7 software. So far the malware is thought to have infected around 20,000 computers worldwide, mostly in Iran, Indonesia and India.
As you may recall, Congressman Jim Langevin, who chaired a subcommittee on cyber security, had called representatives of the nation's electric utilities to Washington to find out what they were doing to address cyber security and defend against cyber attacks. This was part of a 60 Minutes special investigation into cyber security that aired in November of 2008.
If you saw the piece, you may recall that his committee was told the problem was being addressed. However, at a subsequent hearing that took place almost seven months later, the committee found out that was not the case! Now it is a mad scramble to address the cyber security of not just the power grid but the entire U.S. critical infrastructure.