June 7, 2016– Abhisam has published a new white paper on Industrial Cybersecurity titled “How to detect Stuxnet like malware in your Control System”.
Stuxnet was the world’s most infamous malware that was apparently used to damage nuclear plant equipment at Iran’s Natanz facility, by unknown actors. This malware did damage to a lot of critical equipment in that facility. It did not just stay inside Natanz however, it spread everywhere, not only in Iran at other facilities, but also was found on many other Siemens make systems in Asia, Europe and elsewhere. After being discovered, security software researchers analyzed it, guessed its objectives and revealed their findings online. They also put the code online (presumably for other security researchers to analyze and take steps to harden other control systems).
Now that the Stuxnet code was there in the open, cyber security and cyberwar experts were warning us about copycat attacks, using code similar to Stuxnet. Any other malicious actor could simple copy and use it in creating similar attacks. This apparently seems to have been done, with the discovery of “Irongate” named by Fireye, who have released a report about it on their blog.
Abhisam’s whitepaper explains a simple way to detect these kind of malicious code that may enter your Control system or Safety Instrumented System.