Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Network Security Viruses & Malware Hackers Security Solutions More Topics...
Barium Ferrite (BaFe):
Higher Capacity, Superior
Performance, Longer Archival Life

www.thefutureoftape.com
Viruses & Malware
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Stuxnet Discovered To Contain Two Stealth Weapons
Stuxnet Discovered To Contain Two Stealth Weapons

By Jennifer LeClaire
November 21, 2013 1:52PM

Bookmark and Share
“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”
 

Related Topics

Malware
Security
Virus
Worm


The Stuxnet virus that damaged Iran’s Natanz nuclear facility was worse than we thought. In fact, Ralph Langner, a cyber security expert, described it as “far more dangerous than the cyberweapon that is now lodged in the public’s imagination.”

Claimed by some to be a joint project between the U.S. and Israel, Stuxnet garnered worldwide attention when it destroyed about a fifth of Iran’s nuclear centrifuges. But according to Langner the story behind the story is that Stuxnet is not really one weapon, but there exist two versions of the virus.

“The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium,” Langner wrote in Foreign Policy magazine. “But the [older version of Stuxnet] is about an order of magnitude more complex and stealthy.”

An Opening Salvo

It is now known that in 2007, an older version of Stuxnet, dubbed Stuxnet Mark I, targeted the gas valves in the Iranian nuclear reactor. By contrast, the second version of Stuxnet, which was reported in 2010, targeted the reactors' cores.

According to Langner, the first and largely forgotten version of the virus qualifies as nightmare for those who understand industrial control system security. And strangely, he said, this more sophisticated attack came first while the more familiar routine followed only years later -- and was discovered in comparatively short order.

We caught up with John Shier, a senior security advisor at Sophos, to get his reaction to the report. He told us Langner talks about Stuxnet as being the opening salvo in cyberwar -- and he couldn't agree more. While technology has been used in the past as part of larger and more traditional military campaigns, he said, Stuxnet is the most successful, purpose-built cyber weapon that we know of. And it also won't be the last.

“Whatever the reason for its eventual spread -- Langner posits this is due in part to contractors working at different customers and 'manually' spreading the malware versus exhibiting worm-like behaviour -- Stuxnet had some very serious unintended consequences, namely: Duqu and Flame,” Shier said. “Once the Stuxnet code was 'in the wild', portions of it became further weaponized and used to spawn new malware families targeting non-political assets. We don't need this kind of help from our own side.”

A Scary Proposition

Shier noted another interesting point from the report -- Stuxnet didn't necessarily exploit vulnerabilities so much as features. As he sees it, this is a scary proposition insofar as the weapon didn't rely entirely on novel discoveries but turned the system on itself.

“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”

Overall, Shier said, the report provides interesting insight into one of the most publicized cyber weapons to date. He said he thinks the conclusion that Stuxnet has given de facto 'permission' and motivation for other nation states to attempt their own version isn't entirely unfounded.

“I also think that it provided many nation states with a handy blueprint on how to do it well,” Shier said. “Whatever the long term impact, Stuxnet will always be remembered as a turning point in what was to be an eventual progression of the militarization of technology.”
 

Tell Us What You Think
Comment:

Name:

Rohit Chatterjee:

Posted: 2013-11-24 @ 7:57pm PT
It makes the system turn on itself? By accelerating existing operations? Sounds like a cancer.



Your Next Generation Data Center Is Here! Vblock™ Systems: the world's most advanced converged infrastructure are built on the Cisco Unified Computing System with Intel® Xeon® processors. Vblock™ Systems deliver extraordinary time to market, ROI and TCO, and flexibility to meet your continually changing demands with 5X faster deployment, 96% less downtime, and 1/2 the cost. Click here to learn more.


 Viruses & Malware
1.   Lessons from Verizon's Threat Report
2.   Malware Targets Facebook Users
3.   OpenSSL Calls for More Support
4.   How, Why Heartbleed Got Its Name
5.   Android Apps Mine Virtual Currency


advertisement
Lessons from Verizon's Threat Report
Enterprises can learn a thing or two.
Average Rating:
Malware Targets Facebook Users
iBanking app spys on communications.
Average Rating:
Android Apps Mine Virtual Currency
Malware drains mobile phone battery.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Where Do Web Sites Stand, Post-Heartbleed?
A security firm says the vast majority of Web sites have patched themselves to protect against the Heartbleed bug, but now there are questions raised on the reliability of open-source programs.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Hackers | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.