Stuxnet. Your New and Improved Malware
Posted by Ray Powell on Fri, Oct 01, 2010
Malware has come of age. Until a few months ago, malware was more of an annoyance than a real threat. Now it is highly targeted and aimed not at keylogging and the like, but at reprogramming sophisticated industrial systems. It attacks Supervisory Control and Data Acquisition (SCADA) systems. Stuxnet first appeared in July, focused on Iran, and it introduced a new era of cyberwarfare.
Many security researchers believe that this new worm was created to sabotage Iran’s nuclear industry. Yes, you heard me right; nuclear facilities. “Stuxnet was discovered in July 2010, when a Belarus-based security company discovered the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers who say they've never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes” (PC World.com).
Currently, these facilities are in startup mode. If done right, this malware will delay Iran starting these facilities by over a year. Maybe 2 years. Done wrong ... we don't know. This isn't your typical criminal. There is no monetary reward.
Don't worry about Bin Laden, he can't do much on a laptop in a cave, powered by a generator!
Stuxnet is over .5MB in size (most malware is 1% of this size). It is heavily encrypted and, from what they've seen so far, written in a number of languages. We were all worried over "Zeus", but it did nothing. If Stuxnet gets into the hands of the wrong guys (!!), say goodbye to our electrical grid, air flight grid and the US defense systems. Will this secretive and highly sophisticated worm start a new era of industrial cyber espionage?
We are all told, time after time, to keep changing our passwords!
Well, it seems they can't change the password on these chips as the system might fail! Oops, big time!
So, who wrote it? Dr. NO? no. SPECTRE? no. MI5, MI6, CSIS, FBI, Tamil Tigers, PLQ? no.
Oil companies? no. Disgruntled Iranians? no. Mafia? no. Russian Mafia? no. That leaves only the sacked French FIFA football team, or a government body.