March 5, 2012
Ex-CIA, NSA Head Calls Stuxnet A ‘Good Idea’
A retired general and former head of both the Central Intelligence Agency (CIA) and the National Security Agency (NSA) has called the use of the Stuxnet computer virus to sabotage Iran's nuclear weapons program a "good idea" but also warned that it has "legitimated" such activity "as acceptable."
The comments were made by Retired Gen. Mike Hayden, who headed up the NSA from 1999 through 2005 and the CIA from 2006 through 2009, during an interview with CBS News program 60 Minutes that aired Sunday night.
Hayden also told Croft that he did not know who was responsible for the cyberattack, despite widespread speculation that the U.S. could have played a role in the development of Stuxnet, PCMag's Damon Poeter reported on Friday.
"This was a good idea, all right? But I also admit this was a big idea too," Hayden, who was no longer with the CIA at the time of the attacks, told interviewer Steve Croft, according to AFP reports on Saturday. "The rest of the world is looking at this and saying, 'Clearly, someone has legitimated this kind of activity as acceptable.' “¦ There are those out there who can take a look at this... and maybe even attempt to turn it to their own purposes."
According to Charles Cooper of CNET, Stunext, which was first detected in July 2010, is thought to be the first computer virus that specifically targets the controls at power plants or other industrial facilities. Cooper reports that the malware program has been blamed for disabling over 1,000 centrifuges at Iran's Natanz-based nuclear fuel-enrichment center a few years back.
While the identity of the Stuxnet developers remains a mystery, Poeter reports that a pair of Kaspersky Lab security experts claim that both it and the related Duqu computer worm both originated from a common software platform that was created by a "dedicated team of malware developers" in late 2007.
"In terms of architecture, the platform used to create Duqu and Stuxnet is the same," researchers Alexander Gostev and Igor Soumenkov wrote in a December 2011, according to the PCMag report.
"This is a driver file which loads a main module designed as an encrypted library. At the same time, there is a separate configuration file for the whole malicious complex and an encrypted block in the system registry that defines the location of the module being loaded and name of the process for injection," they added.
On the Net: