As some of you may know, the Stuxnet worm (and Conficker) has been running amok on both private and corporate networks. The malware spreading via USB devices is always the source of new threats. The latest development of Stuxnet exploits zero day vulnerabilities to target supervisory control firms and data acquisition (Scada) and other industrial systems. Such systems are being used to control pipelines’ pressure or motor work rates on industrial factory floors. Typical environments can be oil pipelines and power-plants, factories etc.
Conficker/Stuxnet detects platforms with Scada systems installed on and uses Windows vulnerabilities to gain access and spread through the network. In the light of current events and the continuous spread of the worm through USB ports and USB portable devices, endpoint security and data loss prevention solution developer CoSoSys has created a four-step strategy against Stuxnet that’s extremely easy to implement:
1. Disable the Autorun function for all portable storage devices
To do so, all you need is AutoRun Disable by Endpoint Protector, a free software available here.
2. Block all USB ports and all other connection interfaces for all computers in your network. There are a few endpoint security solutions you can use to achieve this: Secure it Easy, Endpoint Protector, or the software as a service My Endpoint Protector solution which is free for home users. More details on the solutions mentioned above can be found here.
3. Make sure your Antivirus is up to date
4. Make sure you perform all available Windows updates