Stuxnet - A Malware rapidly spreading to cause destruction at physical levelThe cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security
experts now say Stuxnet's arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something. -src
According to Symantec, which has been investigating the virus and plans to publish details of the rogue commands on Wednesday, Iran has had far more infections than any other country.
"It is not speculation that this is the first directed cyber weapon", or one aimed at a specific real-world process, said Joe Weiss, a US expert who has testified to Congress on technological security threats to the electric grid and other physical operations. "The only speculation is what it is being used against, and by whom."
Experts say Stuxnet's knowledge of Microsoft's Windows operating system, the Siemens program and the associated hardware of the target industry make it the work of a well-financed, highly organised team. -src
In particular, Stuxnet hooks the programming software, which means that when someone uses the software to view code blocks on the PLC, the injected blocks are nowhere to be found. This is done by hooking enumeration, read, and write functions so that you can’t accidentally overwrite the hidden blocks as well. -src
The head of the Pentagon's cyber war department, Vice Adm. Bernard McCullough said Thursday, Sept. 22, that Stuxnet had capabilities never seen before. In a briefing to the Armed Forces Committee of US Congress, he testified that it was regarded as the most advanced and sophisticated piece of Malware to date. -src: Yahoo News
Mahmoud Alyaee, secretary-general of Iran's industrial computer servers, including its nuclear facilities control systems, confirmed Saturday, Sept. 25, that 30,000 computers belonging to classified industrial units had been infected and disabled by the malicious Stuxnet virus. -src