No Sign of Stuxnet in Critical U.S. Systems - So Far

Wednesday, December 08, 2010



The Department of Homeland Security's assistant secretary for cybersecurity and communications issued statements this week that critical U.S. systems vulnerable to the Stuxnet virus so far have showed no signs of infestation.

So far.

Leading theories indicate that the malware was probably produced to stifle Iran's nuclear warhead ambitions, but the virus has  been detected in eleven countries including the United States, China, India, Australia, the UK, and Germany.

Greg Schaffer said that Stuxnet "focused on specific software implementations and those software implementations did exist in some US infrastructure so there was the potential for some US infrastructure to be impacted at some level... I cannot rule out the potential vulnerability of any system that is connected to the network today..."

Schaffer also notes, "it is widely recognized that the cyber ecosystem that we have today favors the offense and not the defense."

Stuxnet is known to be able to disrupt Supervisory Control And Data Acquisition (SCADA) networks running Siemens WinCC systems.

Security expert Vijay Mukhi warns that "...only a small part of the Stuxnet code would have to be re-written by rogue groups to disrupt SCADA systems made by companies other than Siemens. It can be easily done, because all SCADA systems run on Windows. After the arrival of Stuxnet, shutting down the entire power infrastructure of a city is no longer science fiction."

"In fact, Stuxnet's source code is already available freely. Any rogue group with a modest budget can modify it and use it to shut down the power infrastructure of a city," Mukhi says.

Possibly Related Articles:
SCADA malware Windows Stuxnet Headlines Infrastructure Siemens
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.