The global site of the UK's leading magazine for automation, motion engineering and power transmission
23 October, 2017

Product and Supplier Search

Facebook

Malware targets GE and Siemens HMI software

30 October, 2014

The US Government’s industrial controls cyber-security agency, ICS-Cert, has uncovered a “sophisticated” malware campaign that, it says, has compromised numerous industrial control systems (ICSs) using a variant of the malware known as BlackEnergy. Analysis suggests that this campaign has been underway since at least 2011.

ICS-Cert (the Industrial Control Systems Cyber Emergency Response Team) reports that “multiple companies” that it is working with have identified the malware on Internet-connected HMI systems running software including GE Cimplicity, Siemens WinCC, and Advantech/Broadwin WebAccess. It is currently unknown whether other vendor’s products have also been targeted. ICS-Cert is working with the affected vendors to evaluate the activity and to notify their users.

So far, ICS-Cert has not identified any attempts to damage, modify, or otherwise disrupt the victims’ control processes, and it has not been able to verify whether the intruders expanded access beyond the compromised HMI into the rest of the control system. However, typical malware deployments have included modules that search out network-connected file shares and removable media. The malware is highly modular and not all of its functions are deployed to all of its victims.

ICS-Cert is “strongly” encouraging owners and operators to look for signs of compromise in their control systems. It has issued an alert containing details of its findings and recommendations.




Magazine
  • To view a digital copy of the latest issue of Drives & Controls, click here.

    To visit the digital library of past issues, click here

    To subscribe to the magazine, click here

    To see the latest Products & Services Directory, click here

     

Exhibition

Birmingham 2018The next Drives & Controls Exhibition and Conference will take place in Birmingham, UK, from 10-12 April, 2018. For more information on the event, visit the Show Web site

Poll

"Do you think that robots create or destroy jobs?"

Newsletter
Newsletter

Events

Most Read Articles