Newspapers are full of speculations and details about this unique piece of software code, that obviously is a work by a government.Stuxnet used 4-zero-day exploits to infect computer networks running with Microsoft Windows. It was compatible to Windows 2000, Windows XP, Windows Vista and Windows 7.
The Register writes:
(..) the Stuxnet worm was programmed to probe the hosts it infected for extremely specific settings. Unless it identified the hardware fingerprint it was looking for in industrial software systems made by Siemens, it remained largely dormant.
Experts say the quality of code is very sophisticated, there are nearly no side effects. It is estimated that the costs of the development of a virus of that quality goes into the millions of dollars. It also shows a very detailed knowledge of the attacked facilities.
There are some indications that Iran’s nuclear facilities in Natanz were the target of that virus.
The downside is we suspect this is the beginning of large scale cyber attacks. I don’t think that western Nulear Facilities are safe from such attacks. Let’s all hope the best. This virus is simply a nightmare.
Links
- Forbes: Theories Mount That Stuxnet Worm Sabotaged Iranian Nuke Facilities
- FAZ.net: Der Digitale Erstschlag ist erfolgt (german only) by Frank Rieger / Chaos Computer Club
- Frank Rieger: Stuxnet – targeting the iranian enrichment centrifuges in Natanz?
- The Register: SCADA worm a ‘nation state search-and-destroy weapon’
- IT World: Was Stuxnet built to attack Iran’s nuclear program?
- Telepolis: Ist Stuxnet ein Staatstrojaner (german only)
- Langner.com: Stuxnet Logbook (detailed technical analysis)
Update
A short overview on the articles published show, that almost all of them cite german security specialists Frank Rieger (member of Chaos Computer Club) or Ralph Langner (Founder of Langner.com).