SCADA-phobia

I honestly don’t know if this is something to take seriously or just the latest in cyberwar hype, but….

Anti-virus specialists report that a new trojan is spreading via USB flash drives, apparently exploiting a previously unknown hole in Windows.

….An investigation by malware analyst Frank Boldewin has shown that this is not just any old trojan designed to harvest passwords from unsuspecting users….During his investigation, Boldewin came across some database queries the trojan made that point towards the WinCC SCADA system by Siemens. As Boldewin explained in an email to The H’s associates at heise Security, a “normal” malware programmer wouldn’t have managed to do that. Boldewin continued “As this Siemens SCADA system is used by many industrial enterprises worldwide, we must assume that the attackers’ intention was industrial espionage or even espionage in the government area”.

Stewart Baker explains what he thinks this means:

This particular exploit is remarkably sophisticated and singleminded….Most troubling is what the malware goes looking for once it starts up. The entire attack seems designed to exploit holes in the Siemens SCADA software that runs electric grids around the world.

As far as I can tell, there’s no reason to compromise a SCADA system other than to take it down. The SCADA system doesn’t contain credit card numbers or other financial data, and I doubt that compromising it is a cost-effective way to steal power for free….There are no obvious secrets to steal from a SCADA system — other than the secret of how to bring the system down. So the logical goal of the malware is not so much espionage as sabotage.

Let me repeat that for emphasis. This elaborate, previously unseen piece of malware, which surely could have been a big moneymaker if used to create a botnet or to send spam, has instead been put to use for a purpose that has no obvious economic payoff — compromising the power grid.

The comment thread on Baker’s post is lively and, needless to say, not everyone agrees with him that this is as big a deal as he thinks. And since I don’t have the chops to have an independent opinion, don’t take this post as an endorsement of what Baker says. But it seemed interesting and potentially ugly. Just thought I’d pass it along.

And while I’m on the subject, if you didn’t read Mark Bowden’s Atlantic piece about the Conficker worm, “The Enemy Within,” when it came out a few weeks ago, it’s well worth your time. It’s pretty riveting stuff if you have even a little touch of nerd in you.

One More Thing

And it's a big one. Mother Jones is launching a new Corruption Project to do deep, time-intensive reporting on the corruption that is both the cause and result of the crisis in our democracy.

The more we thought about how Mother Jones can have the most impact right now, the more we realized that so many stories come down to corruption: People with wealth and power putting their interests first—and often getting away with it.

Our goal is to understand how we got here and how we might get out. We're aiming to create a reporting position dedicated to uncovering corruption, build a team, and let them investigate for a year—publishing our stories in a concerted window: a special issue of our magazine, video and podcast series, and a dedicated online portal so they don't get lost in the daily deluge of headlines and breaking news.

We want to go all in, and we've got seed funding to get started—but we're looking to raise $500,000 in donations this spring so we can go even bigger. You can read about why we think this project is what the moment demands and what we hope to accomplish—and if you like how it sounds, please help us go big with a tax-deductible donation today.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate