Friday, September 24, 2010

Expert: Stuxnet was built to sabotage Iran nuclear plant

Expert: Stuxnet was built to sabotage Iran nuclear plant
http://news.cnet.com/8301-27080_3-20017201-245.html#ixzz10SWuqWEq
An industrial control security researcher in Germany who has analyzed the Stuxnet computer worm is speculating that it may have been created to sabotage a nuclear plant in Iran.
The worm, which targeted computers running Siemens software used in industrial control systems, appeared in July and was later found to have code that could be used to control plant operations remotely. Stuxnet spreads by exploiting three holes in Windows, one of which has been patched.
The high number of infections in Iran and the fact that the opening of the Bushehr nuclear plant there has been delayed led Ralph Langner to theorize that the plant was a target. Langner gave a talk on the subject at the Applied Control Solutions' Industrial Control Cyber Security conference today and published details of his code analysis on his Web site last week.
As one of his data points, Langner refers to a UPI screenshot of a computer screen at the Bushehr plant running the targeted Siemens software.
"With the forensics we now have, it is evident and provable that Stuxnet is a directed sabotage attack involving heavy insider knowledge," he wrote. "The attack combines an awful lot of skills--just think about the multiple zero-day vulnerabilities, the stolen certificates, etc. This was assembled by a highly qualified team of experts, involving some with specific control system expertise. This is not some hacker sitting in the basement of his parents' house. To me, it seems that the resources needed to stage this attack point to a nation state."
Langner does not say he has evidence to support his speculation as to the target, nor does he say exactly what the code is designed to do on the target's system.
The presentation shocked attendees of the cybersecurity conference, Joe Weiss, the organizer of the event, told CNET. As a result, "there are a whole slew of recommendations coming out of this to address control system cybersecurity that had not been addressed before," he said.

Read more: http://news.cnet.com/8301-27080_3-20017201-245.html#ixzz10SXLsuqt
Enhanced by Zemanta

No comments:

Post a Comment