James Hammond 2018-11-06

Iran claims it has foiled several cyber attacks staged by Israel which included a new version of the infamous Stuxnet malware.

Stuxnet is thought to have been developed in a joint effort between Israeli and US intelligence agencies.

“Recently, we discovered a new generation of Stuxnet which consisted of several parts … and was trying to enter our systems,” the ISNA news agency reported Gholamreza Jalali, head of Iran’s civil defense agency, as saying last week.

A New York Times report from 2012 revealed how Stuxnet ended up in the wild after it accidentally escaped from a targeted Iranian nuclear facility called Natanz.

The program was first authorised by President Bush and was only supposed to work within the Natanz facility, which was air-gapped from outside networks.

However, it’s thought Stuxnet escaped after computers and memory cards were carried between the public internet and the private Natanz network.

Steven Cusick 2016-07-05

Alex Gibney, the famed documentarian behind the jaw-dropping film Going Clear that investigated the Church of Scientology, has a new movie that explores Stuxnet, a piece of malware created by the United States and Israel to take down Iranian nuclear facilities.

The director just sent Gizmodo his latest trailer.

Stuxnet is considered to be one of the first pieces of malware created by one nation to attack another nation.

After Stuxnet was deployed, it eventually infected an Iranian nuclear centrifuge and slowly destroyed it.

The facility operators had no clue.

Alex Blair 2019-07-10

Power, infrastructure, factory gear can be hijacked without any password check at all

Industrial control software vulnerabilities, which would be perfect for next-gen Stuxnet-style worms to exploit, are as prevalent as ever, apparently.

A report out this week from Tenable outlined a series of CVE-listed security holes in the products of four of the largest industrial control system (ICS) makers, including Siemens, whose controllers at Iranian nuclear enrichment plants were the primary target of Stuxnet.

Developed chiefly by America and Israel, Stuxnet worked by infecting Windows PCs and searching networks for computers connected to particular Siemens industrial controllers – those seemingly configured to regulate the rotor speed of gas centrifuges used by Iran – and then reprogrammed the controllers to stealthily wreck the sensitive high-speed enrichment equipment.

Specifically, Stuxnet exploited three holes in Microsoft Windows and one in Siemens's Windows-based SIMATIC software to commandeer gear in Iran's nuclear program.

It is therefore feared future strains of Stuxnet-like nasties, developed by any competent hacking operation, could potentially seize upon similar flaws still present in systems controlling important machinery and cause rather unpleasant damage.

Bruce Garland 2019-05-16

Iran has claimed it has developed a firewall that will protect its critical infrastructure from cyber-attacks, including the infamous Stuxnet malware.

It comes after Iran claimed it was attacked by Israel last November, when its telecommunications facilities were allegedly targeted.

Stuxnet is thought to have been created by both Israel and the United States, after it was discovered in 2010 when it was used to attack a uranium enrichment facility at Iran’s Natanz nuclear site.

This was thought to be the first time that malware had been used to attack industrial machinery.

But in 2013 Symantec researchers said they had uncovered a version of Stuxnet that may have first been pushed out as early as 2005.

Iran has responded to these attacks, after Reuters quoted the Iranian communications minister as saying on Thursday, that the country had readied its own cyber defences.

hardeep kaur 2019-08-20

Stuxnet is a PC worm that targets the sorts of mechanical control frameworks (ICS) that are regularly utilized in foundation supporting offices (for example power plants, water treatment offices, gas lines, and so forth). The worm is frequently said to have been first found in 2009 or 2010 however was really found to have assaulted Iran's atomic program as right on time as 2007.

Back then, Stuxnet was found mostly in Iran, Indonesia, and India, representing over 85% all things considered. From that point forward, the worm has influenced a huge number of PCs in numerous nations, even totally demolishing a few machines and clearing out an enormous segment of Iran's atomic rotators.

What Does Stuxnet Do?

Stuxnet is intended to change Programmable Logic Controllers (PLCs) utilized in those offices.

In an ICS situation, the PLCs robotize modern sort undertakings, for example, controlling stream rate to keep up weight and temperature controls. It's worked to just spread to three PCs, yet each of those can spread to three others, which is the manner by which it proliferates. Another of its qualities is to spread to gadgets on a nearby system that isn't associated with the web. For instance, it may move to one PC through USB however then spread to some other private machines behind the switch that are not set up to reach outside systems, successfully making intranet gadgets contaminate one another. At first, Stuxnet's gadget drivers were carefully marked since they were stolen from authentic testaments that connected to JMicron and Realtek gadgets, which enabled it to effectively introduce itself with no suspicious prompts to the client.

From that point forward, in any case, VeriSign has denied the declarations. In the event that the infection arrives on a PC that doesn't have the right Siemens programming introduced, it will stay futile.

This is one noteworthy contrast between this infection and others, in that it was worked for an amazingly explicit reason and does not "need" to do anything odious on different machines.

How Does Stuxnet Reach PLCs?

For security reasons, a large number of the equipment gadgets utilized in modern control frameworks are not web associated (and regularly not by any means associated with any nearby systems).

To counter this, the Stuxnet worm fuses a few complex methods for engendering with the objective of in the end coming to and tainting STEP 7 task records used to program the PLC gadgets. For introductory engendering purposes, the worm targets PCs running the Windows working frameworks and as a rule does this through a glimmer drive.

Alan Krieg 2016-06-03

Josh Homan, Sean McBride, and Rob Caldwell named the malware "Irongate" and say it is probably a proof-of-concept that is likely not used in the wild.

Industrial control system malware are complex beasts in large part because exploitation requires knowledge of often weird, archaic, and proprietary systems.

It is this that makes Irongate interesting.

The malware is also unique in that it employs man-in-the-middle attacks to capture normal traffic on human machine interfaces to replay it in a bid to mask anomalies during attacks.

That replay trick is reminiscent of work by IOActive researcher Alexander Bolshev who told The Register how frequency and amplitude modifications in waves generated by control programmable logic controllers could allow attacks to be masked.

"Even though process operators face no increased risk from the currently identified members of the Irongate malware family, it provides valuable insight into adversary mindset."

Joel Schroeder 2016-06-12

One well-respected security expert thinks humanity will see its first death as a result of a hack within 10 years - and it may even have already happened.

"Stuxnet could already have killed people," Mikko Hypponen, chief research officer for F-Secure told Business Insider, referring to the sophisticated computer worm that targeted Iranian nuclear facilities that most people believe was developed by the American and Israeli intelligence services.

The security executive doesn't think whether or not someone has died is what's important.

It could kill people, and they did it anyway.

Like Stuxnet, nation-state-sponsored hackers are suspected, with investigators pointing fingers at a Russia-based team.

Stuxnet and the Ukrainian power grid show there are hackers out there with the capability out there today to cause fatalities, even if just as collateral damage.

Scott Mayle 2018-05-16

Everyone’s new favourite dictator, Kim Jong-un, is capturing headlines.

The headline for next month’s summit is “denuclearisation”.

When he came to power at the end of 2011, Kim was already aware that protecting his dictatorship from foreign attack meant developing nuclear weapons.

He had also seen how the US had sabotaged Iran’s uranium centrifuges for bomb-making by deploying the Stuxnet computer worm.

Stuxnet, believed to be developed by the US and Israel, was a fiendishly clever piece of malware.

Howard Marsh 2016-06-03

Stuxnet's heir is called Irongate, and it mimics the famous cyber weapon.

The security company FireEye released a report on special malware, which it named Irongate, i.e. iron gate.

The malware, which targets industrial control systems, mimics Stuxnet, the malware that harmed Iran's nuclear program and was most likely made by the United States and Israel.

Like Stuxnet, Irongate also replaces system files and is obviously written to strike a carefully selected Siemens management system configuration.

We acknowledge that Irongate might be a test, a proof of concept to verify functionality or a research project on attacks against industrial control systems, FireEye said.

ICS stands for industrial control system.

Bryan White 2016-07-08

Alex Gibney never stops working.

Last year, the Oscar-winning filmmaker gave us documentaries about Scientology, Steve Jobs and Frank Sinatra.

This year, he's offering up Zero Days, a look at Stuxnet, the computer malware that was intended as a joint American-Israeli cyber weapon.

The virus's effects spanned far more than its intended target, Iran's nuclear program.

The Huffington Post and its parent company, AOL, have an exclusive clip from Zero Days that spells out the horror unleashed as a result of Stuxnet.

Gibney's movie opens in theaters and arrives on VOD platforms this weekend.

Michael Wilson 2017-04-20

Users that run unpatched software, beware.

Hackers have been relying on an old software bug tied to the Stuxnet worm to carry out their attacks.

Microsoft may have initially patched the flaw in 2010, but it's nevertheless become the most widespread software exploit, according to security firm Kaspersky Lab.

On Thursday, Kaspersky posted research examining the use of exploits, or malicious programs designed to take advantage of certain software flaws.

A vulnerability known as CVE-2010-2568 and used by the Stuxnet computer worm can be weaponized to remotely execute code over a Windows computer without the user's knowledge.

In 2015, and in 2016, it was used to target about a quarter of Kaspersky users who had encountered an exploit, the security firm said.

Wesley Reese 2016-07-07

FILE - In this Wednesday, Feb. 17, 2016, file photo, Alex Gibney, director of the film "Zero Days" answers questions during an interview with The Associated Press at the 2016 Berlinale Film Festival in Berlin.

NEW YORK (AP) -- Oscar-winning documentary filmmaker Alex Gibney believes the first atomic bomb of the cyberwarfare age has already been dropped.

Iran considers Stuxnet part of a concerted effort by Israel and the U.S. to undermine its nuclear program through covert operations, though neither government has acknowledged any involvement.

"Zero Days" is an examination of Stuxnet: how outside security researchers got wind of it, where it came from, and what it portends for global security in the future.

The movie opens Friday in theaters, online and through video on demand.

Questions and answers have been edited for clarity and length.

Porter Johnson 2016-10-18

Cartwright pleaded guilty to making false statements during a federal investigation

A retired US military four-star general has pleaded guilty to making false statements to the FBI during an investigation into the leak of top secret information about a government-sanctioned cyberattack on an Iranian nuclear facility.

According to the Department of Justice (DoJ), Cartwright – between January and June 2012 – disclosed classified information about the now-infamous Stuxnet computer worm to two reporters, New York Times' David Sanger and then-Newsweek journalist Daniel Klaidman, without authorisation.

While the names of the published articles and books using the leaked information were left unnamed, Sanger previously wrote a book called Confront and Conceal about Stuxnet – a sophisticated exploit developed by US and Israeli intelligence to disrupt centrifuges the Iranians were using to enrich uranium.

Eddie Cox 2016-06-03

Iron Gate was discovered by security researchers from FireEye at the end of last year.

Iron Gate performs a kind of man-in-the-middle attack.

It records five seconds of "normal mode", and then loops them - it can be compared with robbers who feed the same five-second loop to a surveillance camera.

Siemens Security says to FireEye that it does not use any vulnerabilities in their systems, and that the attack would not work against the control systems they sell without being modified.

It is possible that it is a research project, or the work of someone who wanted to try to build a Stuxnet copy.

In two years' time, it may very well have become a fully functional malware in the vein of Stuxnet - and the question is whether the industry is ready for it.

Mary Condie 2016-08-16

An anonymous hacker group claims to have stolen hacking tools that belong to the US intelligence service NSA.

The group behind the theft calls itself the Shadow Brokers, a name they seem to have taken from the video game series Mass Effect, and over the weekend put up a now-deleted post on Tumblr: "We are offering the best files to the highest bidder.

The auction files are better than Stuxnet".

The breach is said to have occurred at Equation Group, a hacker group which is said to belong to the NSA and is famous for its advanced tools.

They are believed to have developed the Stuxnet worm itself, according to security firm Kaspersky.

In connection with the auction, the Shadow Brokers posted a number of files on GitHub as proof of the feat.

Frances Hill 2017-11-01

No longer just a spy game

Malware that is signed with compromised certificates creates a means for hackers to bypass system protection mechanisms based on code signing.

The tactic extends far beyond high profile cyber-spying ops, such as the Stuxnet attack against Iranian nuclear processing facilities or the recent CCleaner-tainted downloads infection.

Security researchers at the University of Maryland found 72 compromised certificates after analysing field data collected by Symantec on 11 million hosts worldwide.

"Most of these cases were not previously known, and two thirds of the malware samples signed with these 72 certificates are still valid, the signature check does not produce any errors," Tudor Dumitras, one of the researchers, told El Reg.

"Certificate compromise appears to have been common in the wild before Stuxnet, and not restricted to advanced threats developed by nation-states.
