When probability becomes reality

July 28th, 2010

A new 0-day vulnerability has recently been discovered in Windows (even though it is not strictly speaking a vulnerability, but a feature of the operating system) which allows unauthorized execution of files through desktop shortcut icons. Our laboratory urges users to apply the small application released by Microsoft as a workaround until the definitive patch is developed (despite its side effects).

Besides the clear threat that this issue might represent should a cyber-crook develop specific malware to exploit this feature massively (in which case we can expect some weeks of high activity…), it turns out that somebody had already realized this possibility of infection and had already developed and distributed a malware specimen specifically designed to affect SCADA systems.

SCADA systems (for those not familiar with the term) are normally used to control public services like electricity and water, as well as other large-scale industries and infrastructures related to the stability and functioning of countries, such as nuclear plants.

Since we started the National Cyber-Security Advisory Council (www.cnccs.es) in May 2009, one of the initiatives we have most strongly pushed for is the need to tighten up security in critical infrastructures. When we talk about this, people usually react as if these arguments actually belong to the script of the latest Hollywood summer blockbuster rather than a real danger.

We always argue that it is not that these threats are not real, but that they, fortunately enough, have not yet been exploited… Even though we don’t have to go too far back in time to find news about potential cyber-attacks between countries.

Now, this malware strain is capable of silently infecting a user simply by sharing a memory device, and letting cyber-crooks, cyber-activists or even cyber-terrorists take control of any of the aforementioned infrastructures.

You must also bear in mind that these infrastructures are considered more vulnerable. Why? For a number of reasons:

- SCADA systems connect and communicate over the Internet.

- All sectors are increasingly dependent on information and communication technologies.

- The “bad guys” are gradually gaining more access to tools and networks that let them conduct this type of attack.

Add to this the existence of vulnerabilities or features that make their job easier and you will have the perfect ingredients for a devastating attack.

What is clear is that what once seemed to be a science-fiction scenario is now seen as a real threat (even though this danger existed in the past…). We hope these types of attacks take a long time to arrive… And we are truly prepared to neutralize them should they eventually occur.
