stuxnet

Zero-day Windows kernel bug used in Duqu infections

Researchers have figured out one way the Stuxnet-like Duqu Trojan is infecting computers--via a Word document that exploits a previously unknown Windows kernel bug.

The installer file is a Microsoft Word document that exploits the kernel vulnerability, which allows code to be executed on the infected system, Symantec said in a post on its site. There may be other infection methods used by other Duqu variants that have not been uncovered yet, Kevin Haley, a director with Symantec Security Response, told CNET.

Microsoft is working on a fix, according to Jerry Bryant, group manager for response communications at Microsoft Trustworthy … Read more

New data-stealing Trojan could be Stuxnet version 2.0

Malware has been discovered on computer systems in Europe that has identical code to the Stuxnet worm and could be the precursor to the next big computer attack on critical infrastructure systems, Symantec said today.

Unlike Stuxnet, which targeted specific Siemens SCADA (supervisory control and data acquisition) software and appeared to have been written to sabotage Iran's nuclear program, the new malware installs a backdoor and is designed to gather information, like design documents, that could be used in future attacks, Symantec said.

The malware, written to run on Windows systems, is dubbed Duqu because it creates file names … Read more

Viruses: Destroying your systems for 25 years

LAS VEGAS--The hacker conference DefCon kicked off this morning with the rare public sighting of a now-archaic piece of technology: the 5 1/4-inch floppy disk. Mikko Hypponen, the chief technical officer for the Finnish security company F-Secure, waved the disk above his head to start off his history of PC viruses, and said, "This is Brain."

Hypponen was talking about a guest of honor housed on the disk: the original computer virus. Hypponen found the disk last year in a lockbox in F-Secure's headquarters in Helsinki, and he dove in, cracked the virus code, and found … Read more

Researchers warn of SCADA equipment discoverable via Google

LAS VEGAS--Not only are SCADA systems used to run power plants and other critical infrastructure lacking many security precautions to keep hackers out, operators sometimes practically advertise their wares on Google search, according to a demo today during a Black Hat conference workshop.

Acknowledging that he wouldn't click on any link results to avoid breaking the law by accessing a network without authorization, researcher Tom Parker typed in some search terms associated with a Programmable Logic Controller (PLC), an embedded computer used for automating functions of electromechanical processes. Among the results was one referencing a "RTU pump status… Read more

U.S., U.K. see cyberwar as facet of regular war

Reports from the United States and United Kingdom military this week indicate those organizations are more comfortable voicing an idea I find blindingly obvious: cyberwar is war.

First came news yesterday in the Guardian that the U.K. is developing offensive weapons that could be used in attacks on computing systems as "an integral part of the country's armory."

Then, today, the Wall Street Journal reported the U.S. will consider responding with traditional military might to an attack on its computing infrastructure. "If you shut down our power grid, maybe we will put a missile … Read more

Ralph Langner on Stuxnet, copycat threats (Q&A)

SAN FRANCISCO--A year ago, Ralph Langner was plugging away in relative obscurity, doing security consulting work for the industrial control system industry in his Hamburg headquarters. Then along came Stuxnet, the first malware targeting not consumer financial data like so many viruses these days but the very systems he knows so well--software used to control processes in manufacturing and utility plants.

The sophistication behind Stuxnet, which appeared last July, was fairly clear from the get-go. It spreads via unpatched holes in Windows and USB devices, drops a rootkit to hide the compromise from administrators, and uses fraudulent digital certificates to … Read more

Iran targeted in new malware attack

Iran is investigating new malware dubbed "Stars" that government officials say is being targeted at the country as part of ongoing cyberattacks.

"The particular characteristics of the Stars virus have been discovered," Gholamreza Jalali, commander of the Iranian civil defense organization, told the Mehr news agency according to Reuters.

"The virus is congruous and harmonious with the (computer) system and in the initial phase it does minor damage and might be mistaken for some executive files of government organizations," he said, declining to specify what equipment the virus targets.

Jalali said efforts to contain … Read more

Buzz Out Loud 1408: We have Cyber Issues (podcast)

On today's show, a whole collection of Apple rumors: iPhone 5 with a keyboard? That's just crazy talk. Almost as crazy as letting Apple take a 30% cut of your magazine or newspaper subscription costs by "taking advantage" of their new subscription store. Plus, Facebook is officially the entire Internet, as it gets both dedicated phone buttons and a Facebook SIM card. Plus, the U.S. finally commits to the Internet, Netflix finally arrives on Boxee, and we finally get a Plants vs. Zombies board game. I know you were waiting. --Molly


Stuxnet expert: Other sites were hit but Natanz was true target

Stuxnet may have hit different organizations, but its main target was still the Natanz nuclear enrichment plant in Iran, an expert who has analyzed the code said today.

Ralph Langner, who has been analyzing the code used in the complicated Stuxnet worm that used a Windows hole to target industrial control systems used in gas pipelines and power plants last year and possibly earlier, said the initial distribution of Stuxnet was limited to a few key installations.

"My bet is that one of the infected sites is Kalaye Electric," he wrote in an e-mail to CNET. "Again, … Read more

Buzz Out Loud 1368: Iran is Stux (podcast)

The Stuxnet worm isn't going away anytime soon, Julian Assange says "No" to WikiLeaks Cyber Attacks, and Michael Bay is re-writing the space landing...with Transformers.
