November 2014 – BlackEnergy Malware

November 2014 – BlackEnergy Malware

Systems Affected

This vulnerability impacts GE Cimplicity, and possibly Advantech/Broadwin WebAccess, and Siemens WinCC. It targets the Cimplicity “.cim” files.


The US Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT) recently released an alert regarding malware that is targeting popular human-machine interfaces (HMIs) of industrial control systems. Based on a variant of the BlackEnergy malware toolkit, the malware infects HMI systems that have a direct connection to the Internet. Numerous vendors’ products have been targeted in a campaign that appears to have been going on since 2012. Read more…


There is no known impact to Survalent SCADA.