LA Times: Will the cyber worm turn?

Thanks to @CyberAware on twitter I read this article in the LA Times:

http://lat.ms/eorzzL??

This article helps put what might have happens in Iran in context and raises the question of how this malware might be used next. Stuxnet was introduced into the computing environment via infected USB keys. ??That implies that these keys were spread so as to reach specific targets. ??The malware in Stuxnet was coded so as to be able to run the motors in a specialized piece of equipment (gas??centrifuges) at a very high speed while reporting via the manufacturers (Siemens) software that the equipment was not running at high speed. That has to be very specialized code able to discern that this program has been installed on the computer and then interacting with installed programs to send commands during operation and disrupt the ability to report how a remote motor was running.

Just think about this for a minute. ??These are not computers attached to the Internet. ??If you are the machine operator and you see this happen one of the first things you do is pull that computer and try using another. ??So you have to build a backup if you don't have one standing by. ??With that comes the chance that you'll infect the new computer. ??That chance gets higher if the USB key has some valuable program on it. ??Or a program of value to the operator.??

From the article: "There's a big difference between flooding websites with traffic and making machines go haywire, but it's worth remembering that Stuxnet was spread by people doing something simple and common that was riskier than they realized: transferring files from one PC to another through a USB drive. In an increasingly interconnected world, it's hard to tell where the cyber battlefield begins and ends. An effective defense starts with everyone understanding what the risks are and what they can do to minimize them."
Advertisements