stuxnet

Researchers warn of SCADA equipment discoverable via Google

LAS VEGAS--Not only are SCADA systems used to run power plants and other critical infrastructure lacking many security precautions to keep hackers out, operators sometimes practically advertise their wares on Google search, according to a demo today during a Black Hat conference workshop.

Acknowledging that he wouldn't click on any link results to avoid breaking the law by accessing a network without authorization, researcher Tom Parker typed in some search terms associated with a Programmable Logic Controller (PLC), an embedded computer used for automating functions of electromechanical processes. Among the results was one referencing a "RTU pump status…

U.S., U.K. see cyberwar as facet of regular war

Reports from the United States and United Kingdom military this week indicate those organizations are more comfortable voicing an idea I find blindingly obvious: cyberwar is war.

First came news yesterday in the Guardian that the U.K. is developing offensive weapons that could be used in attacks on computing systems as "an integral part of the country's armory."

Then, today, the Wall Street Journal reported the U.S. will consider responding with traditional military might to an attack on its computing infrastructure. "If you shut down our power grid, maybe we will put a missile …

Ralph Langner on Stuxnet, copycat threats (Q&A)

SAN FRANCISCO--A year ago, Ralph Langner was plugging away in relative obscurity, doing security consulting work for the industrial control system industry in his Hamburg headquarters. Then along came Stuxnet, the first malware targeting not consumer financial data like so many viruses these days but the very systems he knows so well--software used to control processes in manufacturing and utility plants.

The sophistication behind Stuxnet, which appeared last July, was fairly clear from the get-go. It spreads via unpatched holes in Windows and USB devices, drops a rootkit to hide the compromise from administrators, and uses fraudulent digital certificates to …

Iran targeted in new malware attack

Iran is investigating new malware dubbed "Stars" that government officials say is being targeted at the country as part of ongoing cyberattacks.

"The particular characteristics of the Stars virus have been discovered," Gholamreza Jalali, commander of the Iranian civil defense organization, told the Mehr news agency according to Reuters.

"The virus is congruous and harmonious with the (computer) system and in the initial phase it does minor damage and might be mistaken for some executive files of government organizations," he said, declining to specify what equipment the virus targets.

Jalali said efforts to contain …

Buzz Out Loud 1408: We have Cyber Issues (podcast)

On today's show, a whole collection of Apple rumors: iPhone 5 with a keyboard? That's just crazy talk. Almost as crazy as letting Apple take a 30% cut of your magazine or newspaper subscription costs by "taking advantage" of their new subscription store. Plus, Facebook is officially the entire Internet, as it gets both dedicated phone buttons and a Facebook SIM card. Plus, the U.S. finally commits to the Internet, Netflix finally arrives on Boxee, and we finally get a Plants vs. Zombies board game. I know you were waiting. --Molly

Stuxnet expert: Other sites were hit but Natanz was true target

Stuxnet may have hit different organizations, but its main target was still the Natanz nuclear enrichment plant in Iran, an expert who has analyzed the code said today.

Ralph Langner, who has been analyzing the code used in the complicated Stuxnet worm that used a Windows hole to target industrial control systems used in gas pipelines and power plants last year and possibly earlier, said the initial distribution of Stuxnet was limited to a few key installations.

"My bet is that one of the infected sites is Kalaye Electric," he wrote in an e-mail to CNET. "Again, …

Buzz Out Loud 1368: Iran is Stux (podcast)

The Stuxnet worm isn't going away anytime soon, Julian Assange says "No" to WikiLeaks Cyber Attacks, and Michael Bay is re-writing the space landing...with Transformers.

Microsoft to plug critical IE, final Stuxnet Windows holes

Microsoft said today that next week's Patch Tuesday will bring 17 updates plugging 40 holes and featuring two rated "critical," including one in Internet Explorer that was targeted in attacks last month.

The critical IE vulnerability was written for IE 6 and 7 but IE 8 is also vulnerable, Microsoft said when it issued a warning about it in November.

Also fixed on Tuesday will be the final of four holes in Windows that the Stuxnet malware used.

"This is a local Elevation of Privilege vulnerability and we've seen no evidence of its use in …

Buzz Out Loud 1355: We're Gowalla-ing to Disneyland! (podcast)

On today's show, Gowalla teams up with Disney to offer virtual pins, instead of the real ones everyone actually wants. And we discover Molly's never been to Disneyland, so maybe Gowalla should sponsor a road trip! Also, Google eyes Groupon, Cox becomes the first cable company to get into the mobile phone game, and carriers threaten to stop subsidizing iPhones if Apple tries to free the phone from carrier confines. --Molly

Symantec to Congress: Stuxnet is 'wake-up call'

The Stuxnet worm is a "wake-up call" because of its complexity and its aim at critical infrastructure systems, a Symantec director told a U.S. congressional committee today.

The malware is a milestone in many ways, Dean Turner, director of Symantec Security Response's Global Intelligence Network, said in testimony before the U.S. Senate Committee on Homeland Security and Governmental Affairs.

It is the first known threat to: spy on and reprogram industrial control systems and grant hackers control of critical infrastructures; use four zero-day vulnerabilities; compromise two digital certificates; inject code into industrial control systems and …