The U.S. Department of Homeland Security is warning IT administrators and operators of industry control systems about the danger posed by the Flame (aka sKyWIper) malware after Microsoft acknowledged that the malware is able to spoof its Windows Update service to push malicious code onto vulnerable systems.
DHS issued a Joint Security Awareness Report on Tuesday (PDF), saying that spoofed Windows Updates now represented an “avenue for compromised that may be used by additional attacks on systems not originally the focus of the (Flame and) sKyWIper malware.”
For owners and operators of industrial control systems, ICS-CERT and US-CERT recommended that administrators review a June 3 advisory from Microsoft and work with ICS equipment makers to install the update, and to do impact analysis and risk assessment of the vulnerability prior to taking action.
What if we solve this problem simply and cheaply by having SCADA systems and servers use Linux ?
(A novel idea!)
Describe the SCADA methods.
Whoever has the most operating systems out there will be the biggest target. Noone is invulnerable.
maybe I will dust off my pretty little old iMac.
Your old iMac has vulns too NOOB