The exact target of the Stuxnet worm that appeared more than a year ago is still a matter of speculation, but security experts agree it is one of the most sophisticated pieces of malware seen to date.
Researchers have described Stuxnet as a one-of-a-kind, sophisticated malware attack backed by a well-funded, highly skilled team.
The malware exploited four zero-day vulnerabilities in software from Microsoft and used two valid security certificates to target about a dozen Siemens supervisory control and data acquisition (Scada) systems around the world.
Microsoft and Siemens have since released security patches for all vulnerabilities exploited in the attacks.
Stuxnet is believed to be the first known piece of malware to target real-world critical infrastructure such as nuclear power stations and water plants.
The attackers had an intimate knowledge of Scada technology, according to security firm Kaspersky Lab, which has been studying the malware.
Stuxnet proves that the defence of any critical infrastructure cannot be put in the hands of traditional security technologies, said Mark Darvill, director at security firm AEP Networks.
"The sophistication of this threat has the potential to cause widespread disruption or worse, if successful," he said.
Darvill said infrastructure providers need to scale up security in the same way the military does when delivering intelligence to dangerous combat zones.
Security thinking needs to switch from allowing everything in until it is proved to be bad, to preventing anything from coming in unless it is proved to be good, said Alan Bentley, senior vice-president international at security firm Lumension.
Stuxnet marks a distinct move from financially-motivated crime to cyber-terrorism and cyber-war, said Eugene Kaspersky, chief executive of Kaspersky Lab.
Speaking at the Kaspersky Security Symposium in Munich, Germany, Eugene Kaspersky described Stuxnet as the "opening of Pandora's box".
"Stuxnet was not designed to steal money, send spam or grab personal data. It was designed to sabotage plants and to damage industrial systems," he said.
Kaspersky Lab believes that Stuxnet is a working prototype of a cyber-weapon that could lead to a cyber-arms race.