Lee and his team looked at real-world malware targeting ICS and found a dozen cases where hackers sent critical infrastructure facilities malware that was tailored to compromise them, as opposed to random old malware that somehow finds its way onto ICS networks.

In an upcoming paper that Lee is previewing at an infrastructure hacking conference on Tuesday, he will reveal two new malware samples and campaigns found targeting ICS facilities. The first used a PDF of a document about nuclear material management, which was laced with malware; the second pretends to be legitimate software to target Siemens programmable logic controllers, or PLCs, essentially the computers that control how industrial control systems operate. The malware targeting Siemens PLCs infected 10 sites across the world, mostly in the United States but also in Europe and China, according to Lee.
