US a target for cyber attacks in Stuxnet fallout

By on
US a target for cyber attacks in Stuxnet fallout

Anti-virus industry 'spectacularly failed'.

Political analysts have forecast potential consequences for the United States after it was confirmed to have been involved in the creation of the Stuxnet malware that attacked Iranian uranium enrichment facilities.

The New York Times piece released last week revealed direct involvement by US President Barack Obama in ordering the creation and spread of the malware to the Iranian facilities, which largely succeeded before the virus was discovered outside of the country.

But the United States, seen as one of the most vulnerable countries to “cyber-attacks” due to its heavy reliance on computers, could become highly prone to similar attacks in future as retaliation to its actions.

SANS Institute director of research Alan Paller said news of the US' involvement meant businesses and infrastructure operators would be required to bolster their own defences against such attacks.

"We are now going to be the target of massive attacks," Paller told Computerworld US.

"For a long time everything has been under the radar ... the US has acted like it was an innocent victim. But behaviour will change when there's no longer an argument."

Ohers called it the "end of plausible deniability" for the US regarding its involvement in the attacks.

Though first created during the Bush administration under the code name 'Olympic Games', the Obama government continued using new variants of Stuxnet to sabotage the Iranian uranium refinement site, Natanz. Using a worm to sabotage Iran’s nuclear weapons programme was deemed preferable to Israeli air strikes on the facility.

Stuxnet’s existence became known in June 2010 after a programming error made the worm spread to an engineer’s computer that was connected to a centrifuge, and from there, around the world.

The Stuxnet worm and recently discovered Flame malware represent “a spectacular failure for our company and the antivirus industry in general” according to Mikko Hyppönen, the chief research office of Finnish security firm F-Secure in an article written for Wired.com’s Threat Level blog.

According to Hyppönen, Stuxnet wasn’t detected until well over a year after it was unleashed. F-Secure had samples of Flame dating back to 2010 and 2011 that were collected through its automated reporting systems, but Hyppönen said his company was unaware their existence.

Flame, Stuxnet and Duqu were most likely written by a Western intelligence agency and hidden in plain sight, according to Hyppönen, using standard code libraries that made them look more like a business database system than pieces of malware.

Hyppönen said there were likely to be more variants of politically motivated malware not yet detected.

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?