US government warns of potential new Stuxnet attack

By Stuart Sumner
01 Aug 2011 View Comments
Capitol Hill in Washington DC

The US government's Department of Homeland Security (DHS) has warned that the Stuxnet virus which attacked Iran's nuclear programme a year ago, could be set for a return.

It admitted that as a result of disseminating so much detail relating to the malcious code, it might inadvertantly have given attackers sufficient information to build their own variants.

Further reading

In a report published last week, Sean P McGurk and Roberta Stempfley of the DHS' Office of Cyber Security and Communications said: "Looking ahead, the Department is concerned that attackers could use the increasingly public information about [Stuxnet] to develop variants targeted at broader installations of programmable equipment in control systems.

"Copies of the Stuxnet code, in various different iterations, have been publicly available for some time now."

Kurt Baumgartner, a senior researcher at security firm Kaspersky Lab, said that experienced malware authors can be hired by criminals to perform these sorts of attacks on critical infrastructure.

"With the growing public body of knowledge on Stuxnet, the risk increases that these for-hire teams' efforts may be informed by the Stuxnet design."

However, despite being lauded by some for its sophistication, Stuxnet has its critics.

Nate Lawson of security design firm Root Labs said that the worm could have been better at hiding itself.

"Rather than being proud of its stealth and targeting, the authors should be embarrassed at their amateur approach to hiding the payload.

"[Stuxnet] does not use virtual machine-based obfuscation, novel techniques for anti-debugging, or anything else to make it different from the hundreds of malware samples found every day."

Reader comments
blog comments powered by Disqus
Is it time to open Windows?

Computing believes that Microsoft will start offering Windows free of charge by 2017. Is this a good thing for the enterprise?

56 %
17 %
6 %
18 %
3 %