Posted 11.18.2010 at 4:41 pm
10 Comments
Stuxnet's Target System
Symantec researchers have figured out that Stuxnet attacks a specific kind of system, changing the frequency output of the converters and altering the speeds of the motors or processes controlled by the system.
Symantec
The Stuxnet worm has generated plenty of commentary from computer industry experts and security pundits, but yesterday the U.S. government’s senior cybersecurity expert at the Department of Homeland Security weighed in, calling the malicious program a “game changer” in cyber warfare. The head of the DHS’s Cybersecurity Center, Sean McGurk, made the statement to the Senate Homeland Security Committee Wednesday.
We already knew Stuxnet was unprecedented, but it’s what is unknown about it that makes it so unsettling. The code can enter systems undetected, steal information or alter processes, and basically live there causing a mess of things while the system appears to security software to be working properly. But authorities don’t know where the Stuxnet worm came from, or what it was specifically designed to attack, McGurk told Senators.
That last part is debatable. While there is still a degree of uncertainty about Stuxnet’s aims, cybersecurity firm Symantec released a report Friday saying that all evidence points to Iran as the target of the worm. “Stuxnet is a threat targeting a specific industrial control system likely in Iran, such as a gas pipeline or power plant,” the report reads. “The ultimate goal of Stuxnet is to sabotage that facility by reprogramming programmable logic controllers (PLCs) to operate as the attackers intend them to, most likely out of their specified boundaries.”
Symantec researchers were able to deduce this from the fact that Stuxnet requires specific industrial control systems from very specific vendors (one in Finalnd, the other in Tehran) to work, and more than 60 percent of infections have been reported in Iran (there have been approximately 44,000 unique infections reported; just 1,600 are in the United States). That has led to speculation that Stuxnet was designed to sabotage Tehran’s controversial uranium enrichment program.
Still, global security experts appear co closer to pinpointing a source of the attack, which is a serious threat to systems that control infrastructure like power grids and pipelines around the globe. That’s more than a little unsettling in a wired world. According to one cybersecuiry expert quoted by CNN, “we’re not only susceptible, but we’re not very well prepared.”
10 Comments
To comment, please Login.
Popular Tags
Technology
|
|
|
|
|
|
June 2013: American Energy Independence
Five amazing, clean technologies that will set us free, in this month's energy-focused issue. Also: how to build a better bomb detector, the robotic toys that are raising your children, a human catapult, the world's smallest arcade, and much more.
Popular on Popsci
Most Commented
Technology
- Defense Distributed's Cody Wilson On Being Told To Remove 3-D Printed Gun Plans: "We Win"
- Thieves Stole $45 Million From ATMs Because The U.S. Uses Absurd 40-Year-Old Technology
- A California State Senator Is Trying To Outlaw 3-D Printed Guns
- 2013 Invention Awards: Family Flier
- Autonomous X-47B Jet Fighter Makes Historic First Launch From An Aircraft Carrier
- U.S. Navy Spends $37 Billion On A Ship That Barely Works
- Time-Lapse GIFs Show Earth Transforming Over 25 Years
- How To Turn An AK-47 Into A Soup Ladle
- How The World's First 3-D Printed Gun Works
- Iran Unveils Absurd New Stealth Drone
Most Emailed
Technology
- NASA Invests In 3-D Food Printer For Mars Missions
- Oklahoma Students Design Drones That Can Fly Into Tornadoes
- Russia's 'Space Ark' Returns All Of Its Lizards And Half Its Mice Safely To Earth
- Google Maps Helps People Find Families They Lost Decades Ago
- Norwegian Geologists Begin Drone-Guided Quest For Oil
- Another Big Milestone For The X-47B: Its First Touch And Go Landing
- South Pole Lab Detects Elusive Deep-Space Neutrinos For The First Time
- Yahoo! Officially Acquires Tumblr For $1.1 Billion
- Mars Rover Opportunity Travels Farther Than A NASA Vehicle Has Ever Traveled On Another Planet
- 7 Reasons Why 'Star Trek Into Darkness' Is A Beginner's Guide To Star Trek [Spoiler Alert]
Most Viewed
Technology
- NASA Invests In 3-D Food Printer For Mars Missions
- Oklahoma Students Design Drones That Can Fly Into Tornadoes
- Russia's 'Space Ark' Returns All Of Its Lizards And Half Its Mice Safely To Earth
- Google Maps Helps People Find Families They Lost Decades Ago
- Norwegian Geologists Begin Drone-Guided Quest For Oil
- Another Big Milestone For The X-47B: Its First Touch And Go Landing
- South Pole Lab Detects Elusive Deep-Space Neutrinos For The First Time
- Yahoo! Officially Acquires Tumblr For $1.1 Billion
- Mars Rover Opportunity Travels Farther Than A NASA Vehicle Has Ever Traveled On Another Planet
- 7 Reasons Why 'Star Trek Into Darkness' Is A Beginner's Guide To Star Trek [Spoiler Alert]
Online Content Director: Suzanne LaBarre | Email
Senior Editor: Paul Adams | Email
Associate Editor: Dan Nosowitz | Email
Assistant Editor: Colin Lecher | Email
Assistant Editor: Rose Pastore | Email
Contributing Writers:
Rebecca Boyle | Email
Kelsey D. Atherton | Email
Francie Diep | Email
Shaunacy Ferro | Email
Today on PopSci.com
Copyright © 2012 Popular Science
A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.
For those wondering why the U.S. consistently supports a certain country of the Levant...it doesn't want to be on its bad side.
Read "Cyber War" by Richard A. Clark
It will inform you of just how serious this
situatuation is. Our top cyber security experts
in our country and our allies all know how
vunerable we all are and currently there is
not much we can do about it.
Cyber attacking these days is way ahead of cyber defending
Our top cyber defender officials say there are
hackers in other countries out there that
currently have malicious sleeper code in our
most secure networks that control power grids,
nuclear power plants, wall street and banking
institutions, all branches of military including
satelites that control UAVs.
The only thing stopping hackers from triggering
there attacks right now is nothing.
They only need to be provoked and all we can
do is clean up the mess if possible.
This is scary stuff. That is why I always think it is a good idea to have hard copies of stuff. I wish knew more about computers. If I did I would try help expand cyber security, even for free. To make the world a better and safer place sometimes you have to sacrifice time knowing you will not be payed for your work.
The only way any major systems could be affected is if they're connected to the net. Iran was just stupid enough to keep their important computers connected. All that anyone has told them is that they need to disconnect them from their main network and do what everyone else has been doing since 1990.
The only real important system that needs the net is banking, but it also has more money and desire for security than any other system in the world so it's very doubtful that it could be taken down very easily.
Watch the intelligence squared debate on the subject, it's a few months old but interesting still.
If Iran was targeted then I'm sure Israel was behind it!
@zajhein
Not true, the atack came via an USB-stick.
@zajhein
Also there is a bigger push to create "smart" power grids, etc. With that, you have to be connected to some kind of network. When you do that, you open the door for infection via network since most of the will most likely use the internet for communication to keep costs down.
Alot of industrial IT systems are net connected for maintenance purposes - sometimes the owners don't realise they are net connected because they do not realise that back-doors that allow monitoring and maintenance mean that your system is net connected.
The problem is not the worm. The problem is when the systems continually have millions and billions of dollars worth of updated, but basically the same technology base equipment installed. Non UNIX/POSIX is a start. Trinary and a non-hexadecimal are also options. To all of a sudden say we are going to stop the advancement of hardware while we wait for malware to catch up is typical madness, I suppose. We like UNIX/POSIX because it is simple and fairly efficient, but who cares? Storage is cheaper every day. We keep right on turning down very advanced alternative technologies each year in favor of the same old thing-FOR THE SAME PRICES. Stuxnet my butt. Who needs a tunneling worm when a Pfc can dump ForceNet content at will? Isn't it plugged into everything? We don't apparently employ any real data containment measures; not even in an active war zone where a reasonable person would consider every interface or piece of equipment easily compromised.