Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Stuxnet Worm Heralds Beginning of Cyber-Warfare

Kaspersky Lab UK : 27 September, 2010  (Technical Article)
Kaspersky Lab speculates on the origin of the Stuxnet work and predicts that this malware has far more sinister implications than identity theft or other more common malware functions
The recent Stuxnet worm attack is sparking lots of discussion and speculation about the intent, purpose, origins and - most importantly - the identity of the attacker and target.

Kaspersky Lab has not seen enough evidence to identify the attackers or the intended target but we can confirm that this is a one-of-a-kind, sophisticated malware attack backed by a well-funded, highly skilled attack team with intimate knowledge of SCADA technology.

We believe this type of attack could only be conducted with nation-state support and backing.

"I think that this is the turning point, this is the time when we got to a really new world, because in the past there were just cybercriminals, now I am afraid it is the time of cyberterrorism, cyberweapons and cyberwars," said Eugene Kaspersky, co-founder and chief executive officer of Kaspersky Lab.

Speaking at the Kaspersky Security Symposium with international journalists in Munich, Germany, Kaspersky described Stuxnet as the opening of 'Pandora's Box'.

"This malicious program was not designed to steal money, send spam or grab personal data. This piece of malware was designed to sabotage plants, to damage industrial systems," he said.

"I am afraid this is the beginning of a new world. Twenty years ago we were faced with cybervandals, ten years ago we were faced with cybercriminals, I am afraid now it is a new era of cyberwars and cyberterrorism," Kaspersky added.

Researchers at Kaspersky Lab independently discovered that the worm exploited four separate zero-day vulnerabilities. Our analysts reported three of these new vulnerabilities directly to Microsoft and coordinated closely with the vendor during the creation and release of software fixes.

In addition to exploiting four zero-day vulnerabilities, Stuxnet also used two valid certificates (from Realtek and JMicron), which helped to keep the malware under the radar for quite a long period of time.

The worm's ultimate aim was to access Simatic WinCC SCADA, used as industrial control systems that monitor and control industrial, infrastructure, or facility-based processes. Similar systems are widely used in oil pipelines, power plants, large communication systems, airports, ships, and even military installations globally.

The inside knowledge of SCADA technology, the sophistication of the multi-layered attack and the use of multiple zero-day vulnerabilities and legitimate certificates brings Kaspersky Lab to understand that Stuxnet was created by a team of extremely skilled professionals who possessed vast resources and financial support.

The target of the attack and the geography of its outbreak (primarily Iran) suggest that this was not a regular cyber-criminal group. Moreover, Kaspersky Lab security experts who analysed the worm code insist that Stuxnet's primary goal was not to spy on infected systems, but to conduct sabotage. All the facts listed above indicate that Stuxnet development was likely to be backed by a nation state, which had strong intelligence data at its disposal.

Kaspersky Lab believes that Stuxnet is a working - and fearsome - prototype of a cyber-weapon, that will lead to the creation of a new arms race in the world. This time it will be a cyber-arms race.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo