Sunday, October 03, 2010

Caroline Glick - On the Stuxnet Malware

The lessons of Stuxnet

There's a new cyber-weapon on the block. And it's a doozy. Stuxnet, a malicious software, or malware, program, was apparently first discovered in June.

Although it has appeared in India, Pakistan and Indonesia, Iran's industrial complexes - including its nuclear installations - are its main victims.

Stuxnet operates as a computer worm. It is inserted into a computer system through a USB port rather than over the Internet, and is therefore capable of infiltrating networks that are not connected to the Internet.

Hamid Alipour, deputy head of Iran's Information Technology Company, told reporters Monday that the malware operated undetected in the country's computer systems for about a year.

After it enters a network, this super-intelligent program figures out what it has penetrated and then decides whether or not to attack. The sorts of computer systems it enters are those that control critical infrastructures like power plants, refineries and other industrial targets.

Ralph Langner, a German computer security researcher who was among the first people to study Stuxnet, told various media outlets that after Stuxnet recognizes its specific target, it does something no other malware program has ever done. It takes control of the facility's SCADA (supervisory control and data acquisition system) and through it, is able to destroy the facility.
Read the rest here.

UPDATE: April 12, 2012

Stuxnet delivered to Iranian nuclear plant on thumb drive

An Iranian double agent working for Israel used a standard thumb drive carrying a deadly payload to infect Iran’s Natanz nuclear facility with the highly destructive Stuxnet computer worm.

That was the conclusion of a report issued today by ISSSource, which wrote that Stuxnet quickly propagated throughout Natanz–knocking that facility offline and at least temporarily crippling Iran’s nuclear program–once a user did nothing more than click on a Windows icon.

ISSSource’s report was based on sources inside the U.S. intelligence community.

1 comment:

  1. How deep was this damage? Or I guess I'm asking what it will take to get the facility back online? I hope we have guarded against the same?