Nachi Worm on Advanced Process Control Servers
| Event Year: | 2003 | Reliability: | Confirmed |
|---|---|---|---|
| Country: | France | ||
| Industry Type: | Chemical | ||
| Description: | Staff noticed that the Advanced Process Controls (APC) Servers were getting slower and slower. Investigators found Nachi virus on 8 APCs (running Windows 2000) and disconnected these servers from production network for 5 hours. The virus was not detected on the Honeywell DCS stations (running Windows NT). |
||
| Impact: | Incident reduced feed for several hours (Running in a safer mode). |
||
| Action Description: | Changed firewall rules, changed policy, antivirus policy. The company will also be starting measures to better separate the APC Network from central business network. | ||