Thursday, September 23, 2010

Stuxnet: Cyber Super Weapon



The terrifying new malware that heralds the dawning of the age of cyberweapons was found in June. It had already infected 45,000 computer systems around the world but mainly in Iran, India, Pakistan, and Indonesia. Iran's computer systems took the bulk of the infections. Computer security experts have painstakingly dissected and analyzed the exotic and highly dangerous piece of malware. Apparently it was designed to attack a specific computer system at a specific time, much like the viruses and trojans in the old days. It's target appears to be some unknown industrial complex such as a factory or power plant. In a way Stuxnet is like a cyber saboteur. It can exploit the vulnerability of the industrial software and destroy the physical location itself.

It's the first of its kind, a completely different breed of malware that most people encounter on a daily basis. One of the special features is its ability to attack only a specific target and leave non-targets alone. Its method of attack is through a usb drive, possibly that was designed especially for this purpose. It immediately infects the computer system when the usb drive is inserted to the usb port without the user doing anything. Because most of the infections happened in Iran, experts suspect that the politically-hot Bushehr nuclear plant is the target. It might have already been infected, but they're not certain. Creating malware of such sophistication would require vast amounts of resources and access to uncommon knowledge regarding the weaknesses of industrial software. This suggest the government of some unknown country was responsible. Suspects include the US, Israel, and Russian contractors who built the power plant. US and Israel already admits that they have such terrifying weapons. Experts believe that it might already be too late for Stuxnet's target.

Source

No comments:

Post a Comment