Stuxnet: The most serious threat yet?

The Stuxnet worm has been causing alarm bells to ring in the security industry, but what is it and how serious a threat does it pose?

An alarming characteristic of Stuxnet is its ability to inject its own code into what are known as programmable logic controllers (PLCs).

"These PLCs are used to control various items in industrial projectors, such as controlling a motor speed, or it could change the power going to an industrial outlet, or raise or lower the pressure of gas, for example," Symantec security expert Patrick Fitzgerald told IT PRO.

"Depending on the installation infected with this, the consequences have the potential to be very serious."

Indeed, the implications of this are seriously concerning. What if hackers are able to gain control of a government system or a nuclear power plant?

As yet, it is unclear what the attackers are planning to do with Stuxnet, Fitzgerald said. So it could be a case of wait and see.

Another concern is that even though the serious Stuxnet exploits have been countered by security efforts, the damage may have already been done.

"It seems to be under control now given its weak command and control mechanism, but it is possible that it achieved its purpose already," Wolfgang Kandek, chief technology officer at Qualys, told IT PRO.

The most sophisticated malware ever

The general consensus is that Stuxnet is the most sophisticated piece of malware that has ever been created.

"Stuxnet is an impressive example of the competence of the malware authors," Kandek said.

"The latest variant contained four zero-day vulnerabilities and we believe that this is an indication of the level of focus that the attackers put into the malware."

Liam O Murchu, manager of operations with Symantec's security response team, said in a blog that a threat using four zero-day vulnerabilities is "extraordinary" and shows incredible thought and planning on behalf of the Stuxnet creators.

"It is the first threat we have encountered that contains this many surprises in a single package. Before we detected this new vulnerability, it would have been worth a fortune to hackers," noted Alexander Gostev, chief security expert at Kaspersky Lab.

"It has to be said, the malware writers have demonstrated quite remarkable programming skills."

In perhaps another industry first, Stuxnet has managed to gain widespread admiration and at the same time inspire pervasive concern.

Political motivations

Stuxnet may also be a state-sponsored effort, something that has been suggested by security professionals themselves.

In an analysis of the countries Stuxnet had been attacking back in July, Microsoft found the most targeted country was Iran, with Indonesia in second. The number of infection attempts in those countries was far ahead of other nations, raising questions as to why Stuxnet was being directed at them more than others.

The feeling among a number of researchers IT PRO has spoken to is that, given the skill and time it would have taken to create Stuxnet, it would also have needed significant financial backing.

With these facts in mind it is possible, perhaps even likely, that Stuxnet is a state-sponsored worm, as some researchers have said.

Of course, there is no clear evidence of political motivation at the current time.
