Galaxy S23 Ultra First Look After Layoffs, Meta Focuses on 'Efficiency' Everything Samsung Revealed at Unpacked 'Angel Wings' for Satellites 'Shot on a Galaxy S23' GABA and Great Sleep Netflix's Password-Sharing Crackdown 12 Best Cardio Workouts
Want CNET to notify you of price drops and the latest stories?
No, thank you

Experts say Stuxnet worm could be state-sponsored (podcast)

Symantec and TrendMicro researchers agree that the worm, which some say was designed to attack a nuclear power plant in Iran, was so sophisticated that it was likely "state sponsored."

Could worms like Stuxnet threaten nuclear plants? Paul J. Everett via Flickr Creative Commons

The Stuxnet computer worm that may have been designed to attack a nuclear facility in Iran could have been state sponsored, according to two security experts with whom I spoke.

"We can tell by the code that it's very, very complex to the degree that this type of code had to be done, for example, by a state and not, for example, some hacker sitting in his parents basement," said Symantec security researcher Eric Chien. Chien added, however, that "there's nothing in the code that points to the particular author" or "what their motivation is." (Scroll down to listen to entire Chien interview.)

TrendMicro security researcher Paul Ferguson agrees that Stuxnet was likely state-sponsored. "The amount of technical expertise that went into this doesn't appear to have been by some random lone individual person because they would have had to have access to these systems to develop this."

Not necessarily aimed at Iran nuke
Ferguson could not confirm that the target was an Iranian nuclear plant. "That is purely speculation at this point, there have been lots of theories as to what the target was." He said it could also have been aimed at oil and gas facilities or other installations that use Siemens control systems, which were specifically attacked, he said. (Scroll down to listen to entire Ferguson interview.)

Serious threat
Both Chien and Ferguson said this type of code is a major security concern. "For the broader population, this is definitely a new generation of attack. We're not talking any more about someone stealing someone's credit card numbers, what we're talking about is someone being able to, for example, cause a pipeline to blow up or cause a nuclear centrifuge to go out of control or cause power stations to go down. So we're not taking about virtual or 'cyber' sort of implications here, what we're talking about are real life implications."

Ferguson said "it is a big deal because the utility companies, and manufacturing communities and the power companies and gas and oil companies for years have been using closed propriety systems to manage their infrastructure and over the course of the past few years they've been making business decisions to use off-the-shelf software like Windows." He added that now we're seeing the same threat as with other networks as facilitates are connected to the Internet or allow access to thumb drives. This type of threat, according to Ferguson, is "absolutely new and that's why a lot of people in the intelligence community, in the Department of Homeland Security and different governments around the world are really kind of spooked by this development. It shows the targeted nature and sophistication of the criminal/espionage aspect to this."

Podcast interviews with Chien and Ferguson

Click links below to listen to separate podcast interviews with Symantec's Eric Chien and TrendMicro's Paul Ferguson.

Symantec's Eric Chien


TrendMicro's Paul Ferguson


Subscribe now: iTunes (audio) | RSS (audio)