Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Stuxnet Code Availability Poses Threat To Country Level Infrastructure

Norman Security : 26 November, 2010  (Technical Article)
Norman Data Defense warns of significant cyber-terrorism threat to UK infrastructure due to the increased availability of the Stuxnet Worm code on the black market
The news that the Stuxnet virus has been made available on the Black Market is 'tantamount to someone pointing a loaded sniper rifle at the UK infrastructure' says David Robinson, an industrial automation security specialist from Norman Data Defense.

'It was just a matter of time before the Stuxnet code was made available for anyone, with even the most basic knowledge of coding, to alter and potentially wreak havoc on the UK infrastructure. This is serious stuff and UK Oil & Gas, Railways, Electricity and Water services should now be on Red Alert'. Added Robinson.

At present it is estimated that Stuxnet has infected around 100,000 computers, another worm, Conficker, infected over 7million at its peak.

'With 2012 approaching and today's announcement that the Government is investing £8bn in national railway infrastructure, now is the time to push IT security up to top priority. It's Code Red for UK national infrastructure'.

The news has been flooded with the recent security breach of a major automation company reportedly caused by the Stuxnet virus being carried on a USB memory stick. 'This new type of virus is highly sophisticated with many aspects that make it highly targeted and now that the code is in the hands of any malware writer it could mutate very quickly' added Robinson, who hosted a webinar on the subject on 28th October. The webinar attracted some big names from UK industry and infrastructure. Robinson has fifteen years experience working with companies such as Mistubishi, Rockwell and Intelluition working on SCADA and plant intelligence software.

But it's not just memory sticks that can spread this type of malware. 'These days anyone with a laptop or a device that connects remotely to a wireless network inside a company's firewall, is putting that company at risk. It will just be a matter of time before Stuxnet or its successors are evolved to wreak havoc on control systems and any other system that the user connects to if their laptop or portable device is infected.'

Norman Data Defense recently carried out research among ordinary workers and found that over half of people surveyed are more cautious with security issues when using their own PC/laptop than they are with their work one. And over three quarters of people would expect a pop up to appear on their screen to alert them to a breach of security which of course is not always going to happen.

Microsoft has issued patches to help users on Windows systems to protect themselves against Stuxnet, but, warns Robinson: 'My fear is that, with patch management protocols rarely in place in a control system environment, these warnings will go unheeded.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo