Stuxnet malware attacks supervisory control and data acquisition (Scada) systems that use Siemens WinCC Scada software. The Siemens software is used by a range of critical infrastructure providers, such as utilities companies.
“In no case did we note any damage,” said Simon. “No critical infrastructure or production industry was infected.”
Most of the infected plants are in Germany, and no cases have been reported in the UK, he added.
On Wednesday, Microsoft published a patch for the Stuxnet malware, which combines the characteristics of a rootkit, a worm and a Trojan. Siemens is advising its customers to implement the fix as soon as possible.
Globally, Stuxnet has infected between 90,000 and 100,000 systems, according to Symantec. Liam O’Murchu, a Symantec researcher, is scheduled to present a study of the malware at the Virus Bulletin VB2010 conference in Vancouver at the end of September, technology publication Computerworld UK noted on Thursday.
The malware has code which allows a hacker to control industrial systems, and it hides using a number of rootkits. It spreads via USB sticks using a vulnerability in Microsoft Windows.
“Any threat that is capable of taking control of a real-life physical system is worthy of a closer look.”