Blog Catalog

Monday, September 27, 2010

The latest, best "educated guess" on the Stuxnet malware

As I said, the latest, best "educated guess" is out this morning on the Stuxnet malware program that seems to have been created to attack Iran's nuclear infrastructure:

Computer attacks linked to wealthy group or nation

WASHINGTON – A powerful computer code attacking industrial facilities around the world, but mainly in Iran, probably was created by experts working for a country or a well-funded private group, according to an analysis by a leading computer security company.

The malicious code, called Stuxnet, was designed to go after several "high-value targets," said Liam O Murchu, manager of security response operations at Symantec Corp. But both O Murchu and U.S. government experts say there's no proof it was developed to target nuclear plants in Iran, despite recent speculation from some researchers.

Creating the malicious code required a team of as many as five to 10 highly educated and well-funded hackers. Government experts and outside analysts say they haven't been able to determine who developed it or why.

More:

U.S. officials said last month that the Stuxnet was the first malicious computer code specifically created to take over systems that control the inner workings of industrial plants.

The Energy Department has warned that a successful attack against critical control systems "may result in catastrophic physical or property damage and loss."

Symantec's analysis of the code, O Murchu said, shows that nearly 60 percent of the computers infected with Stuxnet are in Iran. An additional 18 percent are in Indonesia. Less than 2 percent are in the U.S.

"This would not be easy for a normal group to put together," said O Murchu. He said "it was either a well-funded private entity" or it "was a government agency or state sponsored project" created by people familiar with industrial control systems.

A number of governments with sophisticated computer skills would have the ability to create such a code. They include China, Russia, Israel, Britain, Germany and the United States. But O Murchu said no clues have been found within the code to point to a country of origin.

What would be fascinating to know throughout all this is what's going on behind the scenes, in the intelligence agencies of countries around the world--here in the US, in Europe, in Russia, China, everywhere.

Additionally, it would be fascinating to know if all the "Western" or "free" countries are cooperating on this or if each is attacking the situation for knowledge about Stuxnet purely individually and secretly, away from the other countries. Naturally, they would, possibly, be able to learn more, quicker if cooperating but since this has so much to do with both internal national security for each country and because this Stuxnet problem has been described as a "missile" fired into the networks of computers worldwide, as it turns out.

Finally, it will also be fascinating to find out, one day soon, hopefully, just what this malware has done, if anything, to computers and programs in Iran, specifically as it relates to their new nuclear reactor and/or other infrastructure. It would be great to know if it's done its job already or not and, if it has, how effective and maybe devastating the program has been on the reactor.

And for the Siemens company, it raises the question of if you get off Microsoft's software, I should think, if it's an option, since that led to the weakness that could be exploited.

I guarantee you, a whole lot of people worldwide have been spending a great deal of hours, around the clock, working on this and paying attention to what happened or what possibly happened.

It will be a great story to keep an eye out for more details--real international computer espionage. Maybe the next movie out of Hollywood, if they can keep up with the story.

Link to original post: http://news.yahoo.com/s/ap/20100927/ap_on_hi_te/us_computer_attacks;_ylt=AoEm_H4JUDDdS24Iv5GEm58k5I94;_ylu=X3oDMTNvaGMwbnA2BGFzc2V0Ay9zL2FwLzIwMTAwOTI3L2FwX29uX2hpX3RlL3VzX2NvbXB1dGVyX2F0dGFja3MEY2NvZGUDbXBfZWNfOF8xMARjcG9zAzEwBHBvcwMxMARzZWMDeW5fdG9wX3N0b3JpZXMEc2xrA2NvbXB1dGVyYXR0YQ--
