Blog Catalog

Saturday, September 25, 2010

Update on Stuxnet malware

From The New York Times today: The malware, known as Stuxnet, was discovered in mid July, at least several months after its creation, by VirusBlokAda, a Belarussian computer security company that was alerted by a customer. I thought that interesting--that a Belarussion computer security company was first alerted to it. Then there's a little more educated guess than what I wrote earlier, of just what Stuxnet is designed to do: Exactly what Stuxnet might command industrial equipment to do still isn’t known. But malware experts say it could have been designed to trigger such Hollywood-style bedlam as overloaded turbines, exploding pipelines and nuclear centrifuges spinning so fast that they break. Stuxnet’s remarkable sophistication has surprised many security professionals. Its authors had detailed knowledge of Siemens’ software and where its security weaknesses are. They discovered and used four unknown security flaws in Microsoft’s Windows operating system. And they masked their attack with the aid of sensitive intellectual property stolen from two hardware companies, Realtek and JMicron, which are located in the same office park in Taiwan. “It’s impossible this was created by some teenager in his basement,” Mr. Chien said. “The amount of resources and man hours to put this together,” he said, show “it has to be something that was state originated.” Once again, the ubiquity of Microsoft proves itself a great disadvantage and makes it far more likely one's computer would be attacked. It seems clear more computers will have to get off Microsoft, I should think, with this kind of ultra-sophisticated attack developing. Also, that this malware seems likely to have been created by a government is a fascinating, complicated and rather diabolical detail, too. It will be more fascinating to see how this develops. Link to original post: http://bits.blogs.nytimes.com/2010/09/24/malware-hits-computerized-industrial-equipment/?th&emc=th

2 comments:

Mark said...

I just hope a solution is found to deal with this and other recent worms prowling the web.

Mo Rage said...

Even if there is, Mark, this is only the beginning of large, complicated attacks, apparently by governments, on other governments or their infrastructures.

Seriously, this Stuxnet malware is likely shaking some high-level boots, so to speak, ini governments all 'round the world.

mr