July 29, 2011

Stuxnet Clones Could Be Used To Target US

Officials at the US Department of Homeland Security are warning that cybercriminals could create clones of offshoots of the Stuxnet computer worm and attack American power plants, water treatment facilities, and other key parts of the infrastructure, various media outlets have reported.

The self-replicating malware, which was originally detected last July, was used to disrupt nuclear-enrichment programs in Iran, according to Reuters reports on Thursday. Stuxnet reportedly targeted Siemens-branded industrial control systems, exploiting four previously unidentified vulnerabilities in Microsoft Windows in order to seize control of the operating systems.

"Copies of the Stuxnet code, in various different iterations, have been publicly available for some time now," officials from Homeland Security said in a submission to the House Energy and Commerce Committee, reports Telegraph Technology Correspondent Christopher Williams.

"The Department is concerned that attackers could use the increasingly public information about the code to develop variants targeted at broader installations of programmable equipment in control systems," they continued, adding that officials would "remain vigilant and continue analysis and mitigation efforts of any derivative malware."

Forensic evidence suggests that Stuxnet, which has been referred to by cybercrime experts as one of if not the most complex computer virus ever determined, could have been the product of a joint operation launched by the US and Israel, Williams said.

According to Reuters, Roberta Stempfley, acting assistant secretary with the Office of Cyber Security and Communications, and Sean McGurk, director of the National Cybersecurity and Communications Integration Center, also testified before a House Energy and Commerce subcommittee on Tuesday.

Furthermore, Dan Goodin of the Register reports that Stempfley and McGurk warned the House Subcommittee on Oversight and Investigations that several different nation states, terrorist networks, organized crime groups, and individuals located within American territory are currently capable "of targeting elements of the US information infrastructure to disrupt, or destroy systems upon which we depend."

Williams reports that similar concerns prompted the British government to invest £650 million (approximately $1 billion) in cybersecurity in 2010.


On the Net: