September 2010

Why OPC Security Matters

Just about everyone who has ever commissioned an OPC Classic-based system has at least one horror story about how product X did the really strange and unexpected. And if you are in the security business like me, often the story is about how the particular product violated every reasonable security requirement known to man.

Stuxnet - I was wrong

Back in July when Stuxnet first became public, I wrote in our Siemens PCS7 WinCC Malware White Paper and told anyone that would listen that Stuxnet was targeted at stealing intellectual property from process systems. The code we analyzed showed Stuxnet performing SQL database accesses and process information uploading to servers in Denmark and Malaysia, so this seemed like a sure answer.

The Amazing Mr. Stuxnet

Week after week, the Stuxnet worm continues to amuse and astound all of us that have studied it. Last week it was Ralph Langner’s detailed analysis that showed Stuxnet wasn’t just infecting Windows boxes and stealing data, it was specifically designed to modify PLC logic so it could destroy a physical process. Next it is the amazing number of Windows zero-day vulnerabilities* it exploits to do its dirty work.