This is so not the kind of thing I want to read on a Monday morning--especially when I'm in a pitched battle with my least favorite winter guest, bronchitis--but this is important. So listen up. If Stuxnet didn't scare you, and Walt's most recent post on bad data didn't, try this on for size. Another Industrial Control System virus is out there alive and well, and while it may lack the geopolitical glam of Stuxnet, it might me even more worrisome. The virus folk McAfee are calling it Night Dragon. It has hit multiple companies in the oil and gas sector and, according to Chemical Facility Security news, it iwas mainly an IT system cyber espionage attack; ICS-CERT notes that data was also collected from SCADA systems.
Here are some links to get you up to speed. First is the blog post from Chemical Facility Security News. (You'll have to scroll down the page to get to the specific post.) There there's the quick report from CNet. Then there's the whole detailed analysis from McAfee. (PDF).
Happy reading.
