Worm can attack control systems used by power plants and other facilities
(Credit: Bigod via Flickr Creative Commons)
Experts from leading security companies are saying that the Stuxnet worm is so sophisticated that it could have been a state-sponsored project and certainly not the work of a lone hacker.
The worm targets computers running Siemens software that is used to control power plants, gas and oil pipelines and other industrial facilities.
In a podcast interview I conducted for CBS News and CNET, Symantec security researcher Eric Chien said “We can tell by the code that it’s very, very complex to the degree that this type of code had to be done, for example, by a state and not, for example, some hacker sitting in his parents basement.”
The worm spreads via Windows computers and there is speculation that it can get from a computer to a facility management system either through a network or via a thumb drive.
Paul Ferguson, a threat analyst for TrendMicro, told me “The amount of technical expertise that went into this doesn’t appear to have been by some random lone individual person because they would have had to have access to these systems to develop this.”
Some experts have speculated that the worm was designed to sabotage a nuclear plant in Iran, but neither Chien nor Ferguson could confirm that.Ferguson called that “purely speculation at this point,” suggesting it could have aimed at facilities in other countries that use Siemens control systems.
The Christian Science Monitor cites experts saying that Stuxnet “can be classified as a cyber superweapon,” with some suggesting that it may have been designed to shut down Iran’s Bushehr nuclear power plant or another facility in that country.
Click here to read more and listen to interviews with both Chien and Ferguson on my CNET blog.
For more on Internet safety & security, visit my site, SafeKids.com
Larry Magid is a technology journalist and an Internet safety advocate. He serves as on-air technology analyst for CBS News, is co-director of ConnectSafely.org and founder of SafeKids.com and SafeTeens.com. He also writes columns that appear on CNET News, CBSNews.com, Huffington Post and the San Jose Mercury News.
His technology reports can be heard daily on CBS News and CBS affiliates throughout the U.S. and he has a daily tech segment on KCBS radio in San Francisco. He’s a regular contributor to BBC World Service and an occasional guest on National Public Radio’s Talk of the Nation. He is often called upon for commentary by CBS television news, CNN and Fox News and has appeared on the CBS Evening News, ABC World News Tonight, the Today Show and CBS Early Show. He has also been a frequent contributor to the New York Times and was, for 18 years, a syndicated columnist for the Los Angeles Times.
He has written several books including the best-selling Little PC Book and is co-author (with Anne Collier) of MySpace Unraveled.
Larry served on the Obama Administration’s Online Technology Working Group and the Berkman Center’s Internet Safety Technology Task Force.
