China's National Computer Virus Emergency Response Center has published a notice, stating that it found a new type of virus named Stuxnet through its Internet monitoring.
According to experts, the virus spreads via mobile storage devices and local area networks; and it takes advantage of loopholes existing in Siemens' control system, SIMATIC WinCC/Step7, to infect the supervisory control and data acquisition systems. The SCADA systems are widely used in energy, traffic, and water industries, so people's lives will be seriously affected if these systems are compromised.
According to initial analysis, the major threats caused by the virus include: the virus targets special computing systems for SCADA; the SCADA systems are usually separated from the Internet due to its specificity and importance, so they cannot gain the latest operating system patch in a timely manner; and though the virus now only harms the SCADA systems made by Siemens, there may be its variants that can affect other computing systems.
The National Computer Virus Emergency Response Center suggests related energy, traffic, and waters departments in China enhance their protection against the new virus and make sure the latest patches are used.