This popped up in my email box this morning. It's a note from Eric Byres at Tofino. Eric is a well-known security expert and a sometime contributor to Control. "With announcement on Tuesday of the Microsoft patch for the Stuxnet vulnerability, we have updated our recommendations for addressing this critical SCADA-focused software worm. Our revised white paper "Siemens PCS7 WinCC Malware" is available for download by all Tofinosecurity.com members now.
(If you are not a member, you can become one by signing up. There is no charge and we have created a very complete program to ensure member privacy.)
We have also started a blog called Practical SCADA Security. The intent is to provide clear and simple guidance to our friends and customers when situations like Stuxnet occur. For example, in my next post I will discuss why Stuxnet will infect ALL versions of Windows, including older Windows-NT and Windows 2000 systems."
This might be something you want to check out and/or sign up for. I have a feeling we haven't heard the last of these kinds of attacks, and experts like Eric willing to share what they know will be an invaluable resource.
