Cryptocurrency-mining Windows malware has been found for the first time on a network of industrial control systems (ICS) at an operational treatment plant for a water utility. Radiflow, a security provider for critical infrastructure, made the discovery recently. Initial investigations suggest that the malware arrived via malicious advertising viewed in a web browser on a machine responsible for the ICS's Human Machine Interface (HMI). So really this story is about three problems.
Source :
In a first, cryptocurrency miner found on SCADA network
Water Utility in Europe Hit by Cryptocurrency Malware Mining Attack
(Score: 0) by Anonymous Coward on Monday February 12 2018, @04:41AM (2 children)
Not just Windows - Windows XP.
(Score: 2) by Runaway1956 on Monday February 12 2018, @06:17AM
The exact OS is relatively unimportant. You could have relatively "critical" machinery running on *DOS3.1, so long as it does not:
Problem 2: employees allowed to play on critical systems
Problem 4: with access to the internet
Problem 5: with a web browser
Problem 6: without an ad blocker
Problem 7: without antivirus (although with current attacks even a mediocre ad blocker will be far more effective than the best antivirus.)
Around the time that XP was at SP2, I found a computer in a Coca Cola bottling plant, in Dallas, running software on Windows 3.11. No internet, no gaming, no browser, just Windows, and a handful of applications, some of them designed in house, others heavily customized for in house use. I have no idea what they've done with that computer since then - they may have virtualized the damned thing, and they're still using the same software for the same purposes.
(Score: 2) by shortscreen on Monday February 12 2018, @10:33AM
If they were XP systems, I gotta wonder if the hardware was even useful for mining. How many old single-core Celerons does it take to equal one modern GPU?