Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
APC Free White Paper
Optimize your network investment &
Enter to win a Samsung Galaxy Note

www.apc.com
Viruses & Malware
Next Generation Data Center Is Here!
Average Rating:
Rate this article:  
Stuxnet Discovered To Contain Two Stealth Weapons
Stuxnet Discovered To Contain Two Stealth Weapons

By Jennifer LeClaire
November 21, 2013 1:52PM

Bookmark and Share
“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”
 

Related Topics

Malware
Security
Virus
Worm


The Stuxnet virus that damaged Iran’s Natanz nuclear facility was worse than we thought. In fact, Ralph Langner, a cyber security expert, described it as “far more dangerous than the cyberweapon that is now lodged in the public’s imagination.”

Claimed by some to be a joint project between the U.S. and Israel, Stuxnet garnered worldwide attention when it destroyed about a fifth of Iran’s nuclear centrifuges. But according to Langner the story behind the story is that Stuxnet is not really one weapon, but there exist two versions of the virus.

“The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium,” Langner wrote in Foreign Policy magazine. “But the [older version of Stuxnet] is about an order of magnitude more complex and stealthy.”

An Opening Salvo

It is now known that in 2007, an older version of Stuxnet, dubbed Stuxnet Mark I, targeted the gas valves in the Iranian nuclear reactor. By contrast, the second version of Stuxnet, which was reported in 2010, targeted the reactors' cores.

According to Langner, the first and largely forgotten version of the virus qualifies as nightmare for those who understand industrial control system security. And strangely, he said, this more sophisticated attack came first while the more familiar routine followed only years later -- and was discovered in comparatively short order.

We caught up with John Shier, a senior security advisor at Sophos, to get his reaction to the report. He told us Langner talks about Stuxnet as being the opening salvo in cyberwar -- and he couldn't agree more. While technology has been used in the past as part of larger and more traditional military campaigns, he said, Stuxnet is the most successful, purpose-built cyber weapon that we know of. And it also won't be the last.

“Whatever the reason for its eventual spread -- Langner posits this is due in part to contractors working at different customers and 'manually' spreading the malware versus exhibiting worm-like behaviour -- Stuxnet had some very serious unintended consequences, namely: Duqu and Flame,” Shier said. “Once the Stuxnet code was 'in the wild', portions of it became further weaponized and used to spawn new malware families targeting non-political assets. We don't need this kind of help from our own side.”

A Scary Proposition

Shier noted another interesting point from the report -- Stuxnet didn't necessarily exploit vulnerabilities so much as features. As he sees it, this is a scary proposition insofar as the weapon didn't rely entirely on novel discoveries but turned the system on itself.

“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”

Overall, Shier said, the report provides interesting insight into one of the most publicized cyber weapons to date. He said he thinks the conclusion that Stuxnet has given de facto 'permission' and motivation for other nation states to attempt their own version isn't entirely unfounded.

“I also think that it provided many nation states with a handy blueprint on how to do it well,” Shier said. “Whatever the long term impact, Stuxnet will always be remembered as a turning point in what was to be an eventual progression of the militarization of technology.”
 

Tell Us What You Think
Comment:

Name:

Rohit Chatterjee:

Posted: 2013-11-24 @ 7:57pm PT
It makes the system turn on itself? By accelerating existing operations? Sounds like a cancer.



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Viruses & Malware
1.   Android 'Fake ID' Puts Millions at Risk
2.   Big DDoS Attacks Hit Record in 2014
3.   Google Hacker Team to Hunt Bugs
4.   Russian Hacker's Charges Revealed
5.   Hackers Target Western Energy Firms


advertisement
Android 'Fake ID' Puts Millions at Risk
Users: stick to apps from Google Play.
Average Rating:
Big DDoS Attacks Hit Record in 2014
Attackers often use NTP reflection.
Average Rating:
Hackers Target Western Energy Firms
Appears to be state-sponsored group.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Tor Internet Privacy Service Warns Users It Was Breached
You may never have heard of the Tor Project, but the Internet privacy service is making headlines. Tor’s devs say users might be victims of an attack launched against the project earlier this year.
 
Canadian Government Charges China With Cyberattack
The government of Canada is not happy with China. Canadian officials have accused "a highly sophisticated Chinese state-sponsored actor" of launching a cyberattack on its National Research Council.
 
Researchers Working To Fix Tor Security Exploit
Developers for the Tor privacy browser are scrambling to fix a bug revealed Monday that researchers say could allow hackers, or government surveillance agencies, to track users online.
 

Enterprise Hardware Spotlight
Apple Updates MacBook Pros, Cuts Prices Up to $100
The popular MacBook Pro laptop line just got an update and a price cut of as much as $100. The MacBook Pro with Retina display now includes faster processors and double the memory.
 
Dell, BlackBerry Not Sweating Apple-IBM Alliance
IBM's recent move to partner with Apple to sell iPhones and iPads loaded with corporate applications has excited investors in both companies, but two rivals say they are unperturbed for now.
 
Watson Gets His First Customer Service Gig
Since appearing on Jeopardy, IBM's Watson supercomputer has been making a living using his super-intelligent knowledge base for business verticals. Now, Watson's been hired for his first customer service job.
 

Mobile Technology Spotlight
Virgin Mobile Offers Custom Smartphone Plans
As the wireless carrier wars continue heating up, Virgin Mobile just threw the customization coal onto the fire. The firm has debuted a no-annual-contract plan with rates based on individual use.
 
Collaboration Provider Asana Revamps Mobile App
Asana, a collaboration software provider started by a Facebook founder, is now out with a rebuilt native iOS mobile app. It replaces one that even the company admits was not up to par.
 
Facebook: You Will Use Messenger, and You Will Like It
Starting this week, Facebook users with Android and iOS phones will be forced to use the separate Messenger app to send Facebook messages. Pending messages will still be visible in the main app.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.