The root of Stuxnet is unknown, but the root of security is people, says Sophos

The politicisation of malware in 2010 shows that the gloves are off, and business organisations need to prepare for a whole new game, says Graham Cluley, senior technology consultant at Sophos.

The denial-of-service attacks in support of Wikileaks and the emergence of the Stuxnet worm, he believes, are two of the strongest indicators that the game has changed and of what is to come in 2011.

The importance of Stuxnet is that it hinted at the potential of malware to attack and subvert the kind of sensitive national infrastructure that conspiracy theorists have long suggested as a prime target, according to the Sophos 2011 security threat report.

"In all likelihood, there will be more Stuxnet-like pieces of malware in the coming year," said Cluley. "In 2010, we really did see a change in the threat landscape that went beyond a general escalation."

Although we are likely never to know for certain who created Stuxnet and for what exact purpose, he said it demonstrates that highly targeted malware can be used to affect the functioning of critical infrastructure hardware.

The value of Stuxnet is highlighted in the Sophos threat report, which said it exposed a number of flaws in many layers of security processes.

Stuxnet, which the report said will be remembered more for its media impact than its effect on global politics or industry, continues to provoke speculation about its origins and purpose.

The latest theory is that the virus was designed as an American-Israeli project to sabotage the Iranian nuclear programme.

A recent report by The New York Times strings together mostly anonymous statements by computer scientists, nuclear enrichment experts and former officials that support the view that the race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British.

But, by the report's own admission, many mysteries remain, chief among them being exactly who constructed the computer worm. The only consensus around this much-discussed worm is that Stuxnet is remarkable for the sophistication of the code and the amount of work involved in its creation.

Despite the highest-ever levels of sophistication, it is still generally necessary to trick someone into doing something they should not, according to the Sophos report.

The report concludes that the root of cybersecurity is all about people, because computer threats are no more than attempts to trick people into doing what cybercriminals want them to do.

"Understanding of the threats, the threat methods and the tools we can use to protect ourselves now and in the future is the best and simplest way to minimise the danger," the report said.
