Comment Re:Ooo! I can solve that one! (Score 1) 291
Sorry, i forgot to mention, Stuxnet only infects PCs and searches for the Step 7 (Siemens Development Environment) Software as well as any possibly connected / accessible PLC. The PCs that are most likely infected are those from the Service/Support or Development Department. These are usually not 'production' system but rather office PCs/Laptops that are likely used for other purposes than to program S7 PLCs most of the time.
PLCs run autonomous and use a real time embedded proprietary OS and are not infected by Stuxnet directly, Stuxnet may upload and hide new code to the PLC, but it does not copy itself to, or run on, a PLC.
Anyway, a few good safety rules should of course protect you from the original Stuxnet variant. Not allowing USB ports is a good measure but most users will revolt. Disabling Mass Storage device drivers is a better way to go in most cases. Not allowing a PC on both Production AND Office/Internet LANs is, of course, another. But usually technicians get lazy.. or they want to continue to play Mincraft SMP while they debug the S7 controlling the reactor safety systems -_-);
PLCs run autonomous and use a real time embedded proprietary OS and are not infected by Stuxnet directly, Stuxnet may upload and hide new code to the PLC, but it does not copy itself to, or run on, a PLC.
Anyway, a few good safety rules should of course protect you from the original Stuxnet variant. Not allowing USB ports is a good measure but most users will revolt. Disabling Mass Storage device drivers is a better way to go in most cases. Not allowing a PC on both Production AND Office/Internet LANs is, of course, another. But usually technicians get lazy.. or they want to continue to play Mincraft SMP while they debug the S7 controlling the reactor safety systems -_-);