Stuxnet Worm Shows Persistence Of Default Password Vulnerability - InformationWeek
Commentary
7/20/2010
02:36 PM
Keith Ferrell

Stuxnet Worm Shows Persistence Of Default Password Vulnerability

The fast-moving Stuxnet worm targets Siemens industrial automation controls via default passwords, yet Siemens recommends that customers not change those passwords. Not a Siemens customer? You're not off the hook. Default passwords may well be more of an issue at your company than you know.

Evidently the Stuxnet worm's vector of choice is USB sticks, but its target is Siemens industrial process control software.

This one is particularly savvy and dangerous -- launching via AutoRun, Stuxnet looks around its new home for Siemens WinCC control software. No WinCC, no harm other than the worm's replication.

But if Stuxnet finds WinCC, the worm seeks to log into the system using a widely known default password.

And guess what? That default password is letting the worm in. Once in, the worm is believed to look for information to steal.

Despite this, and despite the fact that the systems the worm is after include industrial processes that could be targeted for potentially hazardous disruption rather than the intellectual property that's the worm's current goal, Siemens is advising its customers not to change their default passwords.

Doing so, it turns out, could throw the Siemens systems into chaos.

Why a hard-coded default password that has been publicly known (at least to the part of the public that goes to default password boards and listings) for years can't be changed even after a compromise as serious as Stuxnet is between Siemens and its customers.

But default passwords are hardly exclusive to Siemens, and if you haven't audited your company's systems to see whether any of them are running factory-installed passwords, now's the time.

Think this one through and check on all possible default passwords that might be lingering in your workplace.

Not just the wireless routers and other devices that tend to be the first defaults we think of, but also any password-required device that came with a password in place. Smart networked copiers, for instance -- and don't forget to see whether the manufacturer put a "hidden" default password in place for ease of service technician access.

Change those defaults right away.

Default passwords are a vulnerability you can do something about very easily -- unless of course you're a Siemens customer.
