Monday, October 4, 2010

U.S. power plants at risk of attack by computer worm like Stuxnet

Computer Worm Stuxnet Copies Could Shut Down U.S. Power Plants

The Stuxnet computer worm, whose origin is still unknown, could serve as a blueprint for malware that would sabotage infrastructure critical to running U.S. power plants and electric grids, according to experts, the Washington Post reported. Michael J. Assante, former chief security officer at NERC, was quoted as saying: "A copycat may decide to emulate it, maybe to cause a pressure valve to open or close at the wrong time. You could cause damage, and the damage could be catastrophic." Joe Weiss, an industrial control system security specialist and managing partner at Applied Control Solutions, was quoted as saying: "What this is, is essentially a cyber weapon."
Symantec analyzed the worm and guessed that its target could have been Iran's nuclear enrichment facilities. Wrote the Post: "The United States has a covert program to sabotage the systems that undergird Iran's nuclear facilities. Some experts have also suggested that other countries, including Israel, could be behind Stuxnet." Joel F. Brenner, an ex-national counterintelligence executive and former senior counsel at the National Security Agency, said he thought the U.S. probably did not create the worm. He warned against assuming it was created by any nation state.
The worm exploited four Microsoft "zero-day" vulnerabilities and targeted a specific kind of Siemens software, according to the Post. NERC issued recommendations to power companies about how they could protect their facilities, but said companies were not required to follow them


Enhanced by Zemanta

No comments:

Post a Comment