Friday, September 24

What is Stuxnet?

Stuxnet is what,
Computer virus that attacks a widely used industrial system appears aimed mostly at Iran and its sophistication suggests a state may have been involved in creating it, Western cyber security companies said on Friday.

"Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world," Kaspersky Labs said in a statement.

Here are some details on Stuxnet:

HOW DOES IT WORK?

* The virus is malicious software, or malware, that attacks widely used industrial control systems built by German firm Siemens. Experts say the virus could be used for espionage or sabotage.

* Siemens says the malware spreads via infected USB thumb drive memory devices, exploiting a vulnerability in Microsoft Corp's Windows operating system that has now been resolved.

* The malware attacks software programs that run Supervisory Control and Data Acquisition, or SCADA, systems. Such systems are used to monitor automated plants -- from food and chemical facilities to power generators.

* Analysts said attackers may have chosen to spread the malicious software via a thumb drive because many SCADA systems are not connected to the Internet, but do have USB ports.

* Once the worm infects a system, it quickly sets up communications with a remote server computer that can be used to steal proprietary corporate data or take control of the SCADA system, said Randy Abrams, a researcher with ESET, a privately held security firm that has studied Stuxnet.

WHO CREATED IT?

* Siemens, Microsoft and security experts who have studied the worm have yet to determine who devised it.

* Mikka Hypponen, chief research officer at Finnish security software firm F-Secure, says he believes it was a state sponsored attack. Stuxnet is highly complex and "obviously done by a group with serious technological and financial backing."

* Ralph Langner, a German cyber expert, says the attack was by highly qualified experts, probably a nation state. "This is not some hacker sitting in the basement of his parents' house." On his website, www.langner.com/en/index.htm, Langner said investigations would eventually "point" to the attackers. "The attackers must know this. My conclusion is, they don't care. They don't fear going to jail."

WHERE HAS IT SPREAD?

* A study of the spread of Stuxnet by U.S. technology company Symnatec showed that the main affected countries as of August 6 were -- Iran, with 62,867 infected computers, Indonesia with 13,336, India 6,552, United States 2,913, Australia 2,436, Britain 1,038, Malaysia 1,013 and Pakistan with 993.




(source:reuters.com)

No comments:

Post a Comment