[ISN] Clues Suggest Stuxnet Virus Was Built for Subtle Nuclear Sabotage

From: InfoSec News <alerts_at_private>
Date: Tue, 16 Nov 2010 00:13:48 -0600 (CST)
http://www.wired.com/threatlevel/2010/11/stuxnet-clues/

By Kim Zetter 
Threat Level
Wired.com
November 15, 2010

New and important evidence found in the sophisticated “Stuxnet” malware 
targeting industrial control systems provides strong hints that the code 
was designed to sabotage nuclear plants, and that it employs a subtle 
sabotage strategy that involves briefly speeding up and slowing down 
physical machinery at a plant over a span of weeks.

“It indicates that [Stuxnet's creators] wanted to get on the system and 
not be discovered and stay there for a long time and change the process 
subtly, but not break it,” says Liam O Murchu, researcher with Symantec 
Security Response, which published the new information in an updated 
paper (.pdf) on Friday.

The Stuxnet worm was discovered in June in Iran, and has infected more 
than 100,000 computer systems worldwide. At first blush it appeared to 
be a standard, if unusually sophisticated, Windows virus designed to 
steal data, but experts quickly determined it contained targeted code 
designed to attack Siemens Simatic WinCC SCADA systems. SCADA systems, 
short for “supervisory control and data acquisition,” are control 
systems that manage pipelines, nuclear plants, and various utility and 
manufacturing equipment.

Researchers determined that Stuxnet was designed to intercept commands 
sent from the SCADA system to control a certain function at a facility, 
but until Symantec’s latest research it was not known what function was 
being targeted for sabotage. Symantec still has not determined what 
specific facility or type of facility Stuxnet targeted, but the new 
information lends weight to speculation that Stuxnet was targeting the 
Bushehr or Natanz nuclear facilities in Iran as a means to sabotage 
Iran’s nascent nuclear program.

[...]


Received on Mon Nov 15 2010 - 22:13:48 PST