Mar 22 2012

The Stuxnet worm: beginnings of the new warfare

Stuxnet is almost certainly part of a new generation of state-created cyber-weapons. It is too sophisticated to be the work of hackers, and too specific to one type of industrial equipment to have been crafted by profit-seeking criminals. And it updates itself periodically.

Wired has a great article about how it was discovered and tracked by computer security investigators, and how it resembled other supposed cyber-attacks:

To illustrate the destructive capability of Stuxnet, the researchers referenced an oft-cited 1982 CIA digital attack on the Siberian pipeline that resulted in an explosion a fifth the size of the atomic bomb detonated over Hiroshima.

Bruce Schneier has a good analysis of the purposes of Stuxnet:

Stuxnet doesn’t act like a criminal worm. It doesn’t spread indiscriminately. It doesn’t steal credit card information or account login credentials. It doesn’t herd infected computers into a botnet. It uses multiple zero-day vulnerabilities. A criminal group would be smarter to create different worm variants and use one in each. Stuxnet performs sabotage.