Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
Viruses & Malware
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Stuxnet Discovered To Contain Two Stealth Weapons
Stuxnet Discovered To Contain Two Stealth Weapons

By Jennifer LeClaire
November 21, 2013 1:52PM

Bookmark and Share
“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”
 

Related Topics

Malware
Security
Virus
Worm


The Stuxnet virus that damaged Iran’s Natanz nuclear facility was worse than we thought. In fact, Ralph Langner, a cyber security expert, described it as “far more dangerous than the cyberweapon that is now lodged in the public’s imagination.”

Claimed by some to be a joint project between the U.S. and Israel, Stuxnet garnered worldwide attention when it destroyed about a fifth of Iran’s nuclear centrifuges. But according to Langner the story behind the story is that Stuxnet is not really one weapon, but there exist two versions of the virus.

“The vast majority of the attention has been paid to Stuxnet's smaller and simpler attack routine -- the one that changes the speeds of the rotors in a centrifuge, which is used to enrich uranium,” Langner wrote in Foreign Policy magazine. “But the [older version of Stuxnet] is about an order of magnitude more complex and stealthy.”

An Opening Salvo

It is now known that in 2007, an older version of Stuxnet, dubbed Stuxnet Mark I, targeted the gas valves in the Iranian nuclear reactor. By contrast, the second version of Stuxnet, which was reported in 2010, targeted the reactors' cores.

According to Langner, the first and largely forgotten version of the virus qualifies as nightmare for those who understand industrial control system security. And strangely, he said, this more sophisticated attack came first while the more familiar routine followed only years later -- and was discovered in comparatively short order.

We caught up with John Shier, a senior security advisor at Sophos, to get his reaction to the report. He told us Langner talks about Stuxnet as being the opening salvo in cyberwar -- and he couldn't agree more. While technology has been used in the past as part of larger and more traditional military campaigns, he said, Stuxnet is the most successful, purpose-built cyber weapon that we know of. And it also won't be the last.

“Whatever the reason for its eventual spread -- Langner posits this is due in part to contractors working at different customers and 'manually' spreading the malware versus exhibiting worm-like behaviour -- Stuxnet had some very serious unintended consequences, namely: Duqu and Flame,” Shier said. “Once the Stuxnet code was 'in the wild', portions of it became further weaponized and used to spawn new malware families targeting non-political assets. We don't need this kind of help from our own side.”

A Scary Proposition

Shier noted another interesting point from the report -- Stuxnet didn't necessarily exploit vulnerabilities so much as features. As he sees it, this is a scary proposition insofar as the weapon didn't rely entirely on novel discoveries but turned the system on itself.

“I would use the rough analogy that instead of cutting someone's brakes, you're making the accelerator stick,” he said. “This kind of action is a paradigm shift from most of the exploits that we see which typically try to break something. Anyone with a thorough understanding of the target can potentially use it against itself.”

Overall, Shier said, the report provides interesting insight into one of the most publicized cyber weapons to date. He said he thinks the conclusion that Stuxnet has given de facto 'permission' and motivation for other nation states to attempt their own version isn't entirely unfounded.

“I also think that it provided many nation states with a handy blueprint on how to do it well,” Shier said. “Whatever the long term impact, Stuxnet will always be remembered as a turning point in what was to be an eventual progression of the militarization of technology.”
 

Tell Us What You Think
Comment:

Name:

Rohit Chatterjee:

Posted: 2013-11-24 @ 7:57pm PT
It makes the system turn on itself? By accelerating existing operations? Sounds like a cancer.



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Viruses & Malware
1.   Big DDoS Attacks Hit Record in 2014
2.   Google Hacker Team to Hunt Bugs
3.   Russian Hacker's Charges Revealed
4.   Hackers Target Western Energy Firms
5.   Android SMS Worm on the Loose


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Big DDoS Attacks Hit Record in 2014
Attackers often use NTP reflection.
Average Rating:
Hackers Target Western Energy Firms
Appears to be state-sponsored group.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 
Dropbox for Business Beefs Up Security
Dropbox is upping its game for business users. The cloud-based storage and sharing company has rolled out new security, search and other features to boost its appeal for businesses.
 
Hackers Breached 1,000 StubHub Accounts
Cyber thieves got into more than 1,000 StubHub customers' accounts and fraudulently bought tickets for events through the online ticket reseller, company and law enforcement officials say.
 

Enterprise Hardware Spotlight
Microsoft Makes Design Central to Its Future
Over the last four years, Microsoft has doubled the number of designers it employs, putting a priority on fashioning devices that work around people's lives -- and that are attractive and cool.
 
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.