Was Stuxnet built to attack Iran's nuclear program?
IDG News Service - A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.
That's the emerging consensus of security experts who have examined the Stuxnet worm. In recent weeks, they have broken the cryptographic code behind the software and taken a look at how the worm operates in test environments. Researchers studying the worm all agree that Stuxnet was built by a very sophisticated and capable attacker -- possibly a nation-state -- and it was designed to destroy something big.
Though it was first developed more than a year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company found the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers, who say they have never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes.
Last week Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack.
Experts had first thought that Stuxnet was written to steal industrial secrets -- factory formulas that could be used to build counterfeit products. But Langner found something quite different. The worm actually looks for very specific Siemens settings -- a kind of fingerprint that tells it that it has been installed on a very specific programmable logic controller (PLC) device -- and then it injects its own code into that system.
Because of the complexity of the attack, the target "must be of extremely high value to the attacker," Langner wrote in his analysis.
Langner is set to present his findings at a closed-door security conference in Maryland this week, which will also feature a technical discussion from Siemens engineers. Langner said he wasn't yet ready to speak to a reporter at length. ("The fact of the matter is this stuff is so bizarre that I have to make up my mind how to explain this to the public," he said via e-mail.) But others who have examined his data say that it shows that whoever wrote Stuxnet clearly had a specific target in mind. "It's looking for specific things in specific places in these PLC devices. And that would really mean that it's designed to look for a specific plant," said Dale Peterson, CEO of Digital Bond, a control system security research firm.
This specific target may well have been Iran's Bushehr reactor, now under construction, Langner said in a blog post. Bushehr reportedly experienced delays last year, several months after Stuxnet is thought to have been created, and, according to screenshots of the plant posted by UPI, it uses the Windows-based Siemens PLC software targeted by Stuxnet.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy
- Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works
- BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Protection for Every Enterprise: How BlackBerry Security Works
- Get an IT-level review of BlackBerry® Security, addressing data leakage protection, certified encryption, containerization and much more.
- Future Focus: What's Coming in Enterprise Mobility Management (EMM)
- Find out why Enterprise Mobility Management (EMM) solutions that are truly future-ready must be designed to enable Machine-to-Machine (M2M) capabilities and much more. All Government IT White Papers
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of...
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information...
- All Government IT Webcasts