22 Jul 2024


Siemens finds a German victim of cyber-attack

Siemens says it has so far identified (but not named) one customer in Germany that has been affected by the computer malware that is targeting users of its Windows-based Simatic WinCC SCADA and PCS7 process control software.

The company says its was notified about the Windows security breach that could affect WinCC and PCS7 users on July 14. It immediately assembled a team of experts to evaluate the situation and is working with Microsoft and the distributors of virus scan programs to analyse the likely consequences and the exact mode of operation of the virus. At the same time, Siemens has started to develop a solution which can identify and systematically remove the malware.

So far, it has established that the Trojan-type virus, which spreads via USB sticks and exploits a Microsoft security breach, can affect computers running Windows operating systems since XP. Just viewing the contents of the USB stick can activate the Trojan. Siemens is recommending that users of its software avoid using USB sticks.

Siemens says it is “taking all precautions” to alert its customers to the potential risks of this virus. It has set up a Web page to keep customers updated on developments regarding the cyber-attack.

The company says it also plans to speak directly to its customers to explain the circumstances. It is urging customers to carry out active checks of their computer systems that run WinCC.

There are already three virus scan programs recommended for Siemens systems, from Trend Micro, McAfee and Symantec. The latest versions of these programs can detect the Trojan. Siemens is analysing the effect of deploying these programs on the runtime environment and it expects to issue an approval shortly.