Stuxnet infected Russian nuclear plant

Jumped airgap, Kaspersky boss says.

Stuxnet had 'badly infected' the internal network of a Russian nuclear plant after the sophisticated malware caused chaos in Iran's uranium facilities in Natanz.

The malware, widely considered to have been developed by the US Government as a means to disrupt Iran's uranium enrichment plans, had crossed a physically separated 'air-gapped' network in the Russian plant after it was carried across on a USB device.

Eugene Kaspersky, the charismatic boss of the Russian antivirus company bearing his name, said a staffer at the unnamed nuclear plant informed him of the infection.

"[The staffer said] their nuclear plant network which was disconnected from the internet ... was badly infected by Stuxnet," Kaspersky said.

"So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity."

But USB devices were used to ferry malware across a far greater air-gap: Russian astronauts had carried a virus on removable media to the International Space Station, infecting machines there, Kaspersky said.

In a presentation given at the Canberra Press Club designed to give mainstream journalists a broad overview of the state of information security, the chief executive offered his view of the state of online crime and state-sponsored espionage.

"All the data is stolen," Kaspersky said. "At least twice."

He said sophisticated malware like Gauss, Flame and Red October were rare and would require around $10 million to build.

Such malware had infected Saudi Aramco, knocking it offline for two weeks, Kaspersky noted.

Half of all malware was written in Chinese, according to Kaspersky. About a third was written in Spanish or Portuguese, followed by Russian-coded malware that was less prevalent but the most sophisticated in the world, he said.

He said Chinese malware appeared to 'not care' about operational security because researchers regularly found personal photos and social networking accounts on servers used in attack campaigns.

Copyright © SC Magazine, Australia
