Sunday, 11 January 2015

Factories Target Online Banking Malware

Trojans designed to steal money from online bank accounts are also used at industrial plants and factories, so has had a security researcher know. Kyle Wilhoit anti-virus firm Trend Micro discovered thirteen different types of malware that occurred as software in SCADA (supervisory control and data acquisition) environments used. It involves, for example, Siemens WinCC, GE Cimplicity, Advantech and other human machine interface (HMI) products.

Although attacks on industrial environments often with attacks by countries are linked, it would be here involve ordinary cybercriminals. "It's an interesting trend, traditional banking Trojans and no targeted attacks," Wilhoit as late versus Dark Reading know. According to the researcher criminals focus their sights on SCADA / ICS systems because they are unsafe.

Many HMI machines run on Windows and would not use a virus scanner or are not equipped with the latest signatures. Most malware Wilhoit encountered no problems would be detected by an up-to-date virus scanner. While targeted attacks are still at risk managers should also take into account normal "crimeware", as the consequences can be just as bad. HMI systems are very susceptible to interference. Infection by a banking Trojan can also just as easily get the system down.

Wilhoit saw in October for the first peak in the attacks, but does not know what the occasion is. The criminals behind the malware use spear phishing mails and drive-by downloads to infect computers. Fake websites are used on that instance, resemble those of Siemens and supposedly download a WinCC update, while it is actually malware. Wilhoit 32 recently discovered malware instances that occurred as WinCC software. Next week, the researcher during a conference SCADA give more details about his research.

No comments:

Post a Comment