New and important evidence found in the sophisticated “Stuxnet” malware targeting industrial control systems provides strong hints that the code was designed to sabotage nuclear plants, and that it employs a subtle sabotage strategy that involves briefly speeding up and slowing down physical machinery at a plant over a span of weeks.
“It indicates that [Stuxnet's creators] wanted to get on the system and not be discovered and stay there for a long time and change the process subtly, but not break it,” says Liam O Murchu, researcher with Symantec Security Response, which published the new information in an updated paper (.pdf) on Friday.
The Stuxnet worm was discovered in June in Iran, and has infected more than 100,000 computer systems worldwide. At first blush it appeared to be a standard, if unusually sophisticated, Windows virus designed to steal data, but experts quickly determined it contained targeted code designed to attack Siemens Simatic WinCC SCADA systems. SCADA systems, short for “supervisory control and data acquisition,” are control systems that manage pipelines, nuclear plants, and various utility and manufacturing equipment. Read more.
“It indicates that [Stuxnet's creators] wanted to get on the system and not be discovered and stay there for a long time and change the process subtly, but not break it,” says Liam O Murchu, researcher with Symantec Security Response, which published the new information in an updated paper (.pdf) on Friday.
The Stuxnet worm was discovered in June in Iran, and has infected more than 100,000 computer systems worldwide. At first blush it appeared to be a standard, if unusually sophisticated, Windows virus designed to steal data, but experts quickly determined it contained targeted code designed to attack Siemens Simatic WinCC SCADA systems. SCADA systems, short for “supervisory control and data acquisition,” are control systems that manage pipelines, nuclear plants, and various utility and manufacturing equipment. Read more.