NEWS

Stuxnet worm – malware or cyber-terrorism?
24 September 2010 , Written by Dhruv Tanwar
Bookmark and Share


The media is still trying to ascertain the true implications of the highly sophisticated Stuxnet worm, discussing and speculating at length about the intent, purpose, origins and -- most importantly – the identity of the attacker and target. According to latest reports, the intended target was Iran's nuclear facility, as the country had the highest infection rate.

Cyber_crimeKaspersky Lab has now said that though it has not seen enough evidence to identify the attackers or the intended target, it can confirm that this is a “one-of-a-kind, sophisticated malware attack backed by a well-funded, highly skilled attack team with intimate knowledge of SCADA technology.” In short, it believes that this type of attack could only be conducted with nation-state support and backing.

"I think that this is the turning point, this is the time when we got to a really new world, because in the past there were just cyber-criminals, now I am afraid it is the time of cyber-terrorism, cyber-weapons and cyber-wars," said Eugene Kaspersky, co-founder and chief executive officer of Kaspersky Lab. Speaking at the Kaspersky Security Symposium with international journalists in Munich, Germany, Kaspersky described Stuxnet as the opening of "Pandora's Box."

"This malicious program was not designed to steal money, send spam, grab personal data, no, this piece of malware was designed to sabotage plants, to damage industrial systems," he said.

"I am afraid this is the beginning of a new world. 90-ies were a decade of cyber-vandals, 2000's were a decade of cybercriminals, I am afraid now it is a new era of cyber-wars and cyber-terrorism," Kaspersky added.

Since its emergence in July 2010, it was believed to be an industrial espionage tool designed to gain access to the Siemens WinCC operating system that collects data and monitors production in industrial environs. Experts at Kaspersky Lab researched Stuxnet’s capabilities at length, discovering other critical vulnerabilities in Windows when processing LNK and PIF files, in addition to the original vulnerability, three of them being previously unknown and existing in the current versions of Windows.

Researchers at Kaspersky Lab independently discovered that the worm exploited four separate zero-day vulnerabilities. Three of these new vulnerabilities were reported directly to Microsoft and coordinated closely with the vendor during the creation and release of software fixes. In addition to exploiting four zero-day vulnerabilities, Stuxnet also used two valid certificates (from Realtek and JMicron) which helped to keep the malware under the radar for quite a long period of time.

The worm's ultimate aim was to access Simatic WinCC SCADA, used as industrial control systems that monitor and control industrial, infrastructure, or facility-based processes. Similar systems are widely used in oil pipelines, power plants, large communication systems, airports, ships, and even military installations globally, Kaspersky said.

The anti-virus company siad the inside knowledge of SCADA technology, the sophistication of the multi-layered attack, the use of multiple zero-day vulnerabilities and legitimate certificates “bring us to an understanding that Stuxnet was created by a team of extremely skilled professionals who possessed vast resources and financial support.” It said the target of the attack and the geography of its outbreak (primarily Iran) suggests that this was not a regular cyber-criminal group.

Kaspersky's security experts who analyzed the worm code conclude that Stuxnet's primary goal was not to spy on infected systems, but to conduct sabotage. “All the facts listed above indicate that Stuxnet development was likely to be backed by a nation state, which had strong intelligence data at its disposal,” Kaspersky said. It believes that Stuxnet is a working – and fearsome – prototype of a cyber-weapon, that will lead to the creation of a new arms race in the world – the cyber-arms race.
 

LISTS AND RESEARCH

  • list Global Software Top 100 - Edition 2011
    • The Global Software Top 100 is a list of the world's largest software companies, ranked by annual software revenues. The list is based upon revenue information of 10,000+ IT companies worldwide.
  • Software industry trends (2011)
    • This research article (accompanying the Global Software Top 100) describes changes in the software industry playing field. It analyses trends and key players and forecasts future developments.
  • Top hardware companies
    • A list of the world's largest hardware companies.
  • What happens in the hardware industry?
    • Trends and analysis of the hardware industry and its key players.
  • Top IT services companies
    • A list of the world's largest IT services companies, ranked by annual services revenues. This link will take you to www.servicestop100.org.
  • IT services companies: healthy growth
    • What is happening in the IT services industry? Read this research publication to find out about trends and key players in the IT services industry.
  • Top gaming companies (2010)
    • Entertainment is good business, and gaming software companies are growing faster than the rest of the software industry. This research article discusses trends and key players in the gaming business.
  • Top ERP companies
    • A research publication about the world's leading players in enterprise software.
  • Top security software companies
    • A research publication discussing the world's leading publishers of security software: antivirus-, spamfiltering-, intrusion detection- and firewall software.
  • The fastest growing software companies
    • This research publication reveals the fastest growing software companies in the world.
  • CRM companies: a short list
    • A short list of the leading software companies selling Customer Relationship Management software; aimed at IT managers looking to purchase CRM software.
  • Top software companies in the US (2010)
    • A list of the largest software companies in the United States, ranked by annual software revenues. 2010 Edition, posted 15 December 2010.
  • U.S. software industry trends (2010)
    • A research publication discussing the trends and the key players in the software industry in the United States. Posted 15 December 2010.
  • Top companies in the world (not just software)
    • A general list of the largest companies in the world, ranked by revenues. Not just software companies; in fact, there are no software companies in it...
  • Top IT companies
    • A list of the largest IT companies in the world, ranked by annual revenues. Includes hardware, software and services.
More lists and research >

POPULAR NEWS

Go to news overview >

RECENT NEWS

Go to news overview >