INSECURITY EXPERTS at the Russian firm Kaspersky have warned that the Stuxnet worm is a serious threat designed to take down the critical infrastructure of industrial nations.
The firm said that the worm, which has gained as many column inches as we suspect it has code, is a sophisticated malware attack designed with one purpose in mind - industrial mayhem.
So capable is it, they added, that it could only be the work of a "well-funded, highly skilled attack team with intimate knowledge of SCADA technology". SCADA, or supervisory control and data acquisition, is the generic term for computer software systems that control industrial plants such as large, highly automated factories, national electrical grids and even nuclear power plants.
Eugene Kaspersky, co-founder and CEO of the firm, said that Stuxnet heralded a new and more alarming type of cyber attack, one that was designed to take down very large targets and their national infrastructure.
"I think that this is the turning point, this is the time when we got to a really new world, because in the past there were just cybercriminals, now I am afraid it is the time of cyberterrorism, cyberweapons and cyberwars," he said.
"This malicious program was not designed to steal money, send spam or grab personal data. This piece of malware was designed to sabotage plants, to damage industrial systems. I am afraid this is the beginning of a new world. I am afraid now it is a new era of cyberwars and cyberterrorism."
The worm, it appears, goes after four zero-day vulnerabilities, three of which the firm has reported directly to Microsoft. As well as exploiting these, the creators used two valid certificates, from Realtek and JMicron according to Kaspersky, which helped them beat detection.
Once unleashed, Stuxnet will go after SCADA systems, which are used in industrial control systems, often for monitoring, and take them down. Kaspersky said that such systems would be found in oil pipelines, power plants, large communications systems, airports, ships and military installations.
As if none of this was enough to earn Kaspersky a 'the end is nigh' sandwich board, the company added that Stuxnet could only have been developed by some extremely skilled professionals with vast resources and cash at their disposal, with the aim of sabotaging systems.
The firm signed off by saying, "Stuxnet is a working - and fearsome - prototype of a cyber-weapon, that will lead to the creation of a new arms race in the world. This time it will be a cyber-arms race."
After reading that, we were cowering in our basement. µ
I just wonder what is the real damage this very sophisticated virus has produced. Cause so far, I have only seen tons of press articles describing how sophisticated it is. But that does not count for real damage though...
If the system is designed to target systems, then if you switch to Linux it will still target Linux. This was a custom crafted money pit. It doesn't matter what systems you have. What might only solve this is if each and every system is unique. A lot like phones, or embedded systems. If people want to listen to mp3 or watch movies, then get another machine. Then each virus will have to be made for each target. See, that's one problem that iOS, winmo and Android are creating. They are making viruses possible for smart phones too.
These machines WERE OFFLINE! Now they are permanently offline :P
Stuxnet is the first virus that is a cyber weapon. I just hope it's directed at idiots like Iran who think they can keep their radioactive enrichment program for "ENERGY" use only. (Which is laughable)
When they found that Iran was testing a neutron initiator, someone probably put this worm into action.
Is this scary? yea. kinda. Has someone abused it yet? IMHO? Nope.
Chance that the US spooks wrote this thing: 100%
Chance they will claim it's China or Iran: 100%
Chance they are dirty lameasses: 110%
Chance that they won't get huge rewards and possibly medals for their efforts: 0%
@Joe - That's the point! The virus was found in many offline systems in Iran, the only source for this virus was a DoK that was connected to a USB port on one of these offline system computers.
Why don't they take these systems off line? Is it really that inconvenient that you should be at work, with supervisors looking over your shoulders, before you take a nuclear plant down? Anything really important should not be connected to the internet.
From other reports, it's quite specifically aimed at Iran's nuclear plant. Could be US source, though, as US and Israel are definitely trumping up a war on Iran to continue conquest of, or at least the perpetual war in, the Middle East.
Since Microsoft will never fix its vulnerable software it is time to go to a nix operating system for business and if you desire use Windows for entertainment. That may not fix the problem completely but it will get most of it fixed.
No more data pushes through the WWW - from now on all data should be pushed back and forth over a dedicated fiber that requires an ever-mutating key code - it will have to be completely people-proofed by only allowing certain people to have access to certain portions of the system/software/hardware (similar to compartmented information and project techniques in DoD) - one-way data can be flat-filed and over-nighted - data manipulation servers need to be completely disconnected from any web service as a stand-alone device for number crunching - all SCADA equipment is never connected to the web - SCADA data can be logged but the controls will have to be local unless you build fiber to the site - access will be extremely limited to a handful of technicians who need to be well-paid and completely anonymous to the world (even their vehicles will have a bogus trade name).
Find the ones responsible and hang them upside down in a very deep and dark well for a few days - they will most certainly be willing to talk after that experience.