Siemens: Stuxnet infected 14 industrial plants

Stuxnet malware attacks supervisory control and data acquisition (Scada) systems that use Siemens WinCC Scada software. The Siemens software is used by a range of critical infrastructure providers, such as utilities companies.

The 14 infected locations were mostly processing plants, and critical infrastructure organisations had not been affected, Siemens spokesman Wieland Simon said.

“In no case did we note any damage,” said Simon. “No critical infrastructure or production industry was infected.”

Most of the infected plants are in Germany, and no cases have been reported in the UK, he added.

On Wednesday, Microsoft published a patch for the Stuxnet malware, which combines the characteristics of a rootkit, a worm and a Trojan. Siemens is advising its customers to implement the fix as soon as possible.

Globally, Stuxnet has infected between 90,000 and 100,000 systems, according to Symantec. Liam O’Murchu, a Symantec researcher, is scheduled to present a study of the malware at the Virus Bulletin VB2010 conference in Vancouver at the end of September, technology publication Computerworld UK noted on Thursday.

The malware has code which allows a hacker to control industrial systems, and it hides using a number of rootkits. It spreads via USB sticks using a vulnerability in Microsoft Windows.

“Any threat that is capable of taking control of a real-life physical system is worthy of a closer look.”

Globalized Cyber Crime

FBI Special Agent Conor Phoenix, a coordinator in the New Haven Computer Crimes Task Unit, will speak on September 27 at the New Canaan Library at 7:00 P.M on Globalized Cyber Crime.  This free program is part of the Great Decisions series.

International cyber crime creates new challenges for the US. The remote nature of cyber crime places new challenges in a world governed by jurisdiction and the weak laws of neighboring states. Yet with the explosive growth of internet worldwide, computer crimes increasingly are prone to have international dimensions.  Agent Phoenix will speak to these issues.

Great Decisions, a program of the Foreign Policy Association, is presented by the World Affairs Forum, whose mission is to expand understanding of global affairs and America’s role in the world.

Over a million websites served malware in Q2

Over a million websites were compromised by malware in the second quarter of this year, according to a report from security firm Dasient.

The report was compiled from the company’s telemetry systems which, it claims, monitor millions of websites daily. The figures are then extrapolated to render infection rates across the internet.

Malware attacks appear to be rising at a rate averaging around 24 per cent according to the numerous research figures on the internet. Dasient’s own figures show 56,000 websites poisoned at the end of last year followed by 720,000 in the next quarter. With the new figure of 1.3 million the trend seems to be a rapidly rising curve.

Malvertising is an area of concern, according to the research team.

Malicious online advertising, or malvertising, is an area of concern, according to the company. They look like harmless adverts but deliver malicious code when they are clicked on or lead the victim onto a more treacherous website.

It was estimated that 1.6 million malvertisements are served every day. Usually, the website owners soon eliminate them but the attackers have discovered a way to gain time. By posting the ads at the end of the week they usually have a few days before a webmaster comes anywhere near the site and then the malvert has to be discovered.

The researchers reckon that the average malvertising campaign can last for 11.5 days before being eradicated.

Another attack highlighted is the use of third-party widgets on sites. It appears that 75 per cent of websites import JavaScript widgets for building the site. If just one of these becomes infected it will potentially affect hundreds of thousands, dependent on the widget’s popularity.

A further 42 per cent of sites use advertising-related resources to manage their own in-house ads or to show third-party ads on auxiliary sites. Even financial websites have been known to fall for this but the main villains are publisher sites.

The Dasient team offers the following advice: “The malware epidemic is not slowing down – on the contrary, it’s exploding. Now is the time for businesses to educate themselves on how they can put safe security practices in place for their websites to protect their customers, their brand and their revenue. The first step is to make sure they are not exposed by monitoring their websites for malware regularly.”

Things you should know before you decide to install Antivirus software

First I want to start by saying that Antivirus software is as good as the user behind it.

Here are a few simple but very important things you should consider when choosing your Antivirus software.

1. Always test Antivirus software before you decide to buy it, all the tests and reviews can’t tell you if the program will be compatible with the rest of your system. Most Antivirus programs have 15-30 day trial versions and that is enough time to see if the program will suite your needs and blend in with the rest of your programs.

2. Be honest about your knowledge and experience and pick a program that you understand.

3. Inform yourself about the possibility of False Positives, most vendors will not talk about it, but False Positives are very common and can cause as much damage as  viruses. Almost all of today’s Antivirus programs have some form of heuristic detection, this ,in other words, means they are able to detect new variants of viruses without receiving signatures for them. This method of detection is known to produce False Positives, be sure that you understand what False Positives are before you decide the activate this feature.

4. You have to understand that Antivirus programs are your first line of defense, therefore you need to keep them updated at all times. It is strongly recommended to enable automatic updates upon installation.

5. Enable Real Time protection. Real Time protection is the most important feature of all security applications, its job is to block and prevent infections.

6. When choosing Antivirus software, try to find a balanced solution. The best options are the programs that provide high level of Real Time protection, have good malware removal capabilities and have low False Positives rates. This is about the hardest thing you will have to do, but at the end you will see that it was worth it.

7. Don’t make your system a slave. Many people get obsessed with internet security and choose applications that are recommended by other users, this may or may not be the best solution for you. Many times people install quite a few security applications thinking that then they will be secure.What they don’t realize that their system, the one they are protecting, is carrying a tremendous load and is not able to function properly with all the programs running.

8. What is more valuable then any Antivirus program? You, you decide , in 99.9% of the cases, what comes into your computer and try to make wise choices and think twice before you click on something.