Stuxnet worm causes worldwide alarm

by Joseph Menn and Mary Watkins, Financial Times Online

No one knows the ultimate goal of the Stuxnet computer worm, which has infected an unknown number of industrial controls worldwide and can stealthily give false instructions to machinery and false readings to operators. It could destroy gas pipelines, cause a nuclear plant to malfunction, or cause factory boilers to explode. Perhaps it already has.

It is also unclear whether it can be effectively rooted out. Many companies may not even know that they have it.

What is clear, though, is that warnings by private experts and some former government officials – that the electricity grid and other critical industries were highly vulnerable to malicious hacking – were on target, and that a new era of computerized assaults has begun. …

Stuxnet is the first known worm to target and tamper with industrial controls, in this case through a common industrial programme sold by Siemens, the electronics and engineering group. The worm has been most active in Iran, suggesting it as the location for the target, but Indonesia, India and Pakistan have also reported infections, according to Symantec, a technology security provider.

Security researchers who have been working for more than a year to decrypt and disentangle the program have become increasingly alarmed. A combination of factors is prompting this concern: the new category of target, multiple levels of sophistication that they say points to a national government as the sponsor, and the difficulty in combating the threat due to poor communication between computer experts and industry officials.

The researchers have recently been able to decipher what rogue commands are being given to the control software, but they cannot tell what impact those commands have without knowing what equipment is on the receiving end. …

If nuclear energy or the electricity grid is involved, the worm would therefore have added resonance, as the US and other countries have invested in the so-called “smart grid”, which would connect more industrial operations to the internet. A core problem is that the specialised controls for electricity, transportation, and other critical functions are typically less protected than corporate computer networks, and are often connected to standard machines.

Stuxnet didn’t even rely on the master computers – those that run the targeted Siemens control systems – being hooked up to the internet. It spread initially via handheld drives that are inserted into computer USB ports. It then exploited a number of previously unknown holes in Windows, the operations software, by running itself automatically on PCs without any action from the user.
