 |
| Going nuclear: The Stuxnet computer worm may have designed to infiltrate an Iranian nuclear facility in Natanz, 180 miles south of Tehran. Credit: Getty Images |
But Stuxnet has since spread to hundreds more industrial systems within Iran and around the world. Experts say this highlights a worrisome weak spot in critical infrastructure that could become a new focus for saboteurs and malicious hackers.
Stuxnet infects computers by using previously unseen flaws in Microsoft's Windows operating system. It has most likely spread via hand-carried USB flash drives. From an infected Windows computer, it targets a specialized type of computer known as a programmable logic controller, or PLC. These computers are widely used in critical infrastructure, including manufacturing, water processing, power generation, and transportation. PLCs connect to, and control, devices used to perform many tasks, from opening a door, to increasing the flow of fuel inside a power plant.
Stuxnet is the first example of attackers targeting the specialized computers that control industrial operations, security experts say. "It goes down into the embedded device, inserts itself, and starts doing command-and-control," says Walter Sikora, vice president of security solutions for Industrial Defender, a security consultancy that focuses on critical infrastructure. "This is an area that was unprecedented in terms of a virus or a worm or any other kind of malware."A Way to Attack Nuclear Plants Industrial computer systems are typically far less secure than they should be, experts say. By Robert Lemos
More at link
http://www.technologyreview.com/computing/26384/?nlid=3565&a=f
No comments:
Post a Comment