Security researchers have discovered a new malware known as Irongate that is targeting Industrial Control Systems and has gone undetected for years until now. Irongate shares some similar traits as Stuxnet:
Tim Erlin, Director of IT Security and Risk Strategy at Tripwire says,“Striking the right balance of alarm without underrepresenting a threat or inciting panic is always tricky with discovered code. It’s naïve to think that interest in attacking control systems hasn’t continued since Stuxnet. We see less activity against control systems in part because of the lack of financial motivation for attackers and in part because the adversaries tend to be better funded or place a higher value on secrecy.
Irongate isn’t a wake-up call, but it is a reminder that researchers and attackers alike are still focusing on industrial control systems. Based on the evidence, this code has been around since 2012. That’s four years before someone happened to upload it to VirusTotal so it could be discovered. What other code is out there that simply hasn’t surfaced? “