The Stuxnet worm has generated plenty of commentary from computer industry experts and security pundits, but yesterday the U.S. government's senior cybersecurity expert at the Department of Homeland Security weighed in, calling the malicious program a "game changer" in cyber warfare. The head of the DHS's Cybersecurity Center, Sean McGurk, made the statement to the Senate Homeland Security Committee Wednesday.
We already knew Stuxnet was unprecedented, but it's what is unknown about it that makes it so unsettling. The code can enter systems undetected, steal information or alter processes, and basically live there causing a mess of things while the system appears to security software to be working properly. But authorities don't know where the Stuxnet worm came from, or what it was specifically designed to attack, McGurk told Senators.
That last part is debatable. While there is still a degree of uncertainty about Stuxnet's aims, cybersecurity firm Symantec released a report Friday saying that all evidence points to Iran as the target of the worm. "Stuxnet is a threat targeting a specific industrial control system likely in Iran, such as a gas pipeline or power plant," the report reads. "The ultimate goal of Stuxnet is to sabotage that facility by reprogramming programmable logic controllers (PLCs) to operate as the attackers intend them to, most likely out of their specified boundaries."
Symantec researchers were able to deduce this from the fact that Stuxnet requires specific industrial control systems from very specific vendors (one in Finland, the other in Tehran) to work, and more than 60 percent of infections have been reported in Iran (there have been approximately 44,000 unique infections reported; just 1,600 are in the United States). That has led to speculation that Stuxnet was designed to sabotage Tehran's controversial uranium enrichment program.
Still, global security experts appear no closer to pinpointing a source of the attack, which is a serious threat to systems that control infrastructure like power grids and pipelines around the globe. That's more than a little unsettling in a wired world. According to one cybersecurity expert quoted by CNN, "we're not only susceptible, but we're not very well prepared."
For those wondering why the U.S. consistently supports a certain country of the Levant...it doesn't want to be on its bad side.
Read "Cyber War" by Richard A. Clarke. It will inform you of just how serious this situation is. Our top cyber security experts in our country and our allies all know how vulnerable we all are and currently there is not much we can do about it.
Cyber attacking these days is way ahead of cyber defending.
Our top cyber defender officials say there are hackers in other countries out there that currently have malicious sleeper code in our most secure networks that control power grids, nuclear power plants, Wall Street and banking institutions, all branches of military including satellites that control UAVs.
The only thing stopping hackers from triggering their attacks right now is nothing. They only need to be provoked and all we can do is clean up the mess if possible.
This is scary stuff. That is why I always think it is a good idea to have hard copies of stuff. I wish I knew more about computers. If I did I would try to help expand cyber security, even for free. To make the world a better and safer place sometimes you have to sacrifice time knowing you will not be paid for your work.
The only way any major systems could be affected is if they're connected to the net. Iran was just stupid enough to keep their important computers connected. All that anyone has told them is that they need to disconnect them from their main network and do what everyone else has been doing since 1990.
The only real important system that needs the net is banking, but it also has more money and desire for security than any other system in the world so it's very doubtful that it could be taken down very easily.
Watch the Intelligence Squared debate on the subject; it's a few months old but interesting still.
If Iran was targeted then I'm sure Israel was behind it!
Not true, the attack came via a USB stick.
Also there is a bigger push to create "smart" power grids, etc. With that, you have to be connected to some kind of network. When you do that, you open the door for infection via network since most of them will most likely use the internet for communication to keep costs down.
A lot of industrial IT systems are net connected for maintenance purposes - sometimes the owners don't realise they are net connected because they do not realise that back-doors that allow monitoring and maintenance mean that your system is net connected.
The problem is not the worm. The problem is when the systems continually have millions and billions of dollars worth of updated, but basically the same technology base equipment installed. Non UNIX/POSIX is a start. Trinary and a non-hexadecimal are also options. To all of a sudden say we are going to stop the advancement of hardware while we wait for malware to catch up is typical madness, I suppose. We like UNIX/POSIX because it is simple and fairly efficient, but who cares? Storage is cheaper every day. We keep right on turning down very advanced alternative technologies each year in favor of the same old thing-FOR THE SAME PRICES. Stuxnet my butt. Who needs a tunneling worm when a Pfc can dump ForceNet content at will? Isn't it plugged into everything? We don't apparently employ any real data containment measures; not even in an active war zone where a reasonable person would consider every interface or piece of equipment easily compromised.