Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Viruses & Malware
DDoS Protection Powered By Verisign
Average Rating:
Rate this article:  
Stuxnet Discovered To Contain Two Stealth Weapons

Stuxnet Discovered To Contain Two Stealth Weapons
By Jennifer LeClaire

Share
Share on Facebook Share on Twitter Share on Linkedin Share on Google Plus

“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”
 

Related Topics

Malware
Security
Virus
Worm


The Stuxnet virus that damaged Iran’s Natanz nuclear facility was worse than we thought. In fact, Ralph Langner, a cyber security expert, described it as “far more dangerous than the cyberweapon that is now lodged in the public’s imagination.”

Claimed by some to be a joint project between the U.S. and Israel, Stuxnet garnered worldwide attention when it destroyed about a fifth of Iran’s nuclear centrifuges. But according to Langner the story behind the story is that Stuxnet is not really one weapon, but there exist two versions of the virus.

“The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium,” Langner wrote in Foreign Policy magazine. “But the [older version of Stuxnet] is about an order of magnitude more complex and stealthy.”

An Opening Salvo

It is now known that in 2007, an older version of Stuxnet, dubbed Stuxnet Mark I, targeted the gas valves in the Iranian nuclear reactor. By contrast, the second version of Stuxnet, which was reported in 2010, targeted the reactors' cores.

According to Langner, the first and largely forgotten version of the virus qualifies as nightmare for those who understand industrial control system security. And strangely, he said, this more sophisticated attack came first while the more familiar routine followed only years later -- and was discovered in comparatively short order.

We caught up with John Shier, a senior security advisor at Sophos, to get his reaction to the report. He told us Langner talks about Stuxnet as being the opening salvo in cyberwar -- and he couldn't agree more. While technology has been used in the past as part of larger and more traditional military campaigns, he said, Stuxnet is the most successful, purpose-built cyber weapon that we know of. And it also won't be the last.

“Whatever the reason for its eventual spread -- Langner posits this is due in part to contractors working at different customers and 'manually' spreading the malware versus exhibiting worm-like behaviour -- Stuxnet had some very serious unintended consequences, namely: Duqu and Flame,” Shier said. “Once the Stuxnet code was 'in the wild', portions of it became further weaponized and used to spawn new malware families targeting non-political assets. We don't need this kind of help from our own side.”

A Scary Proposition

Shier noted another interesting point from the report -- Stuxnet didn't necessarily exploit vulnerabilities so much as features. As he sees it, this is a scary proposition insofar as the weapon didn't rely entirely on novel discoveries but turned the system on itself.

“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”

Overall, Shier said, the report provides interesting insight into one of the most publicized cyber weapons to date. He said he thinks the conclusion that Stuxnet has given de facto 'permission' and motivation for other nation states to attempt their own version isn't entirely unfounded.

“I also think that it provided many nation states with a handy blueprint on how to do it well,” Shier said. “Whatever the long term impact, Stuxnet will always be remembered as a turning point in what was to be an eventual progression of the militarization of technology.”
 

Tell Us What You Think
Comment:

Name:

Rohit Chatterjee:

Posted: 2013-11-24 @ 7:57pm PT
It makes the system turn on itself? By accelerating existing operations? Sounds like a cancer.



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Viruses & Malware
1.   9 Norton Security Products Are Now 1
2.   Data Stolen from U.S. Health Network
3.   Beware Facebook Color Scam
4.   Kaspersky Looks Inside 'Epic' Attack
5.   BadUSB Turns Thumb Drives Evil


advertisement
Android 'Fake ID' Puts Millions at Risk
Users: stick to apps from Google Play.
Average Rating:
9 Norton Security Products Are Now 1
Symantec takes software-as-service tack.
Average Rating:
Data Stolen from U.S. Health Network
Chinese hackers targeted hospital firm.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Chinese Hackers Nab Info on Millions of U.S. Patients
A group of Chinese hackers has stolen the personal information, including names and Social Security numbers, of about 4.5 million patients at hospitals operated by Community Health Systems.
 
Premier FBI Cybersquad in U.S. To Add Agents
After helping prosecutors charge Chinese army officials with stealing trade secrets from major companies and by snaring a Russian-led hacking ring, the premier FBI cyber-squad is getting a boost.
 
Apple Opens iCloud Data Center in China
Treading lightly, Apple acknowledged it has started to store encrypted iCloud personal data of some Chinese users on servers in mainland China, operated by the state-owned China Telecom.
 

Enterprise Hardware Spotlight
Compression, Deduplication Come to Violin Concerto 2200
Violin Memory has announced that data deduplication and compression capabilities are now available on its Concerto 2200 solution. Typically, users will experience deduplication rates between 6:1 and 10:1.
 
Cisco Axes 6,000 Employees in Restructuring Plan
Faced with declining profits, Cisco is laying off up to 6,000 employees in the months ahead -- a whopping 8 percent of its global workforce. That's in addition to the 4,000 jobs Cisco cut last year.
 
Web Slows, Have Internet Routers Reached The Limit?
If you encountered problems connecting to the Internet on August 12, you weren't alone. Networking experts blame the wide-scale slowdown on outdated routing systems that are reaching their limits.
 

Mobile Technology Spotlight
HTC Debuts Windows Phone Version of One M8 Smartphone
HTC is bringing the Windows Phone mobile OS to its flagship One M8 device -- the first time any mainstream flagship smartphone has been offered with a choice of operating systems.
 
Verizon Earns Top Rating in Mobile Network Comparison
A new report says Verizon Wireless was the top-performing U.S. cellphone service provider in the first half of 2014, on a nationwide and state-by-state basis, as well as in metro areas.
 
Sprint Comes Out with Data Guns Blazing
As its new CEO promised, Sprint has rolled out a new aggressively competitive price plan. The shared data plans promise twice the high-speed data and at lower prices than AT&T and Verizon Wireless.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.