IT risk management

Siemens issues software fix to protect against Stuxnet

Warwick Ashford

German engineering firm Siemens has issued a fix for the software vulnerabilities in its programmable logic controllers (PLCs) that were exploited by Stuxnet.

The computer worm was discovered in 2010 when it caused malfunctions at industrial plants and factories using Siemens equipment and PLCs.

Iran's nuclear enrichment plants were the supposed target of Stuxnet, which was found in the control systems for several of the country's nuclear facilities, including a nuclear facility at Natanz.

The effectiveness of the Siemens security updates, issued two years later, may never be proven, however, because Stuxnet had a "kill date" of 24 June 2012.

This means the worm has now stopped spreading, said F-Secure's chief research officer, Mikko Hypponen, in a blog post. “But that has little significance, as the operation had already been active for years and reached most of its targets by 2010," he wrote.  

The software update from Siemens comes as reports circulate of a fresh cyber attack on an Iranian nuclear enrichment project, according to the BBC.

F-Secure reported that it received an e-mail believed to have been sent by a scientist at Iran's Atomic Energy Organisation, claiming that two of its plants had been hit by another cyber attack.

Hypponen said F-Secure had not been able to confirm any of the details in the message. However, he did confirm that the message had come from within Iran's Atomic Energy agency.             

The message said: "I am writing to inform you that our nuclear program has once again been compromised and attacked by a new worm, with exploits which have shut down our automation network at Natanz and another facility, Fordo near Qom.

"According to the e-mail our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist, not a computer expert."

On 23 July, Iran issued a statement saying it had successfully "confronted" sophisticated malware and thwarted all the cyber attacks against the nation's infrastructure.

In June, security researchers reported that there was evidence that the creators of the Flame and Stuxnet malware cooperated at least once during the early stages of development.

The research linking Stuxnet and Flame could bolster the belief of many security experts that Stuxnet was part of a substantial US-led cyber programme still active in the Middle East and perhaps other parts of the world, said Reuters.


Image: Hemera/Thinkstock


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy