Cryptocurrency-mining Windows malware has been found for the first time on a network of industrial control systems (ICS) at an operational treatment plant for a water utility. Radiflow, a security provider for critical infrastructure, made the discovery recently. Initial investigations suggest that the malware arrived via malicious advertising viewed in a web browser on a machine responsible for the ICS's Human Machine Interface (HMI). So really this story is about three problems.
Source :
In a first, cryptocurrency miner found on SCADA network
Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack
(Score: 1, Insightful) by Anonymous Coward on Monday February 12 2018, @07:08AM (1 child)
With stuff like Windows XP it's a good bet that your hardware will still work as badly in 2018 as it did in 2008.
All bets are off for Windows 10 - the updates seem to bork it regularly.
If you say "don't update your Linux kernel" then you have about the same problem as not updating Windows.
Good luck getting OSS drivers for all the hardware you need to run your nuclear power station AND successfully recompiling them AND getting them to work every time the Linux developers break compatibility.
Microsoft used to have a serious commitment to backward compatibility and it mostly worked. Yes the same malware will work for 15 years, but so will the same hardware in most cases with no need for extra human intervention.
(Score: 2) by requerdanos on Monday February 12 2018, @04:16PM
Instead of "not updating" a particular kernel version, which is not a solution, people who want to stay with a particular kernel version update that version, folding security changes from newer versions into that one.
I have at least one host with a 2.6-series kernel released earlier this year. That's an extreme example, but LTS kernels are not kernels that are "not updated", they're kernels that receive the updates, but don't break ABI.
The safety practices in nuclear power plants are extreme, and are made out of money; such drivers would be no exception.
Again, this is only a problem if you are not on an LTS kernel. If a group of Debian volunteers can maintain a LTS kernel, then I would submit that "AC's Nuclear Safety Feature Conglomerate, Inc." should be able to do the same (if nothing else, said corp. could just hire debian developers, who would work a lot cheaper than nuclear engineers...).