Stuxnet infected Russian nuclear plant

By

Jumped airgap, Kaspersky boss says.

Stuxnet had 'badly infected' the internal network of a Russian nuclear plant after the sophisticated malware caused chaos in Iran's uranium facilities in Natanz.

Stuxnet infected Russian nuclear plant

The malware, widely considered to have been developed by the US Government as a means to disrupt Iran's uranium enrichment plans, had crossed a physically separated 'air-gapped' network in the Russian plant after it was carried across on a USB device.

Eugene Kaspersky, the charismatic boss of the Russian antivirus company bearing his name, said a staffer at the unnamed nuclear plant informed him of the infection.

"[The staffer said] their nuclear plant network which was disconnected from the internet ... was badly infected by Stuxnet," Kaspersky said.

"So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity."

But USB devices were used to ferry malware cross a far greater air-gap: Russian astronauts had carried a virus on removable media to the International Space Station infecting machines there, Kaspersky said.

In a presentation given at the Canberra Press Club designed to give mainstream journalists a broad overview of the state of information security, the chief executive offered his view of the state of online crime and state-sponsored espionage.

"All the data is stolen," Kaspersky said. "At least twice."

He said sophisticated malware like Gauss, Flame and Red October were rare and would require around $10 million to build.

Such malware had infected Saudi Aramco knocking it offline for two weeks, Kaspersky noted.

Half of all malware was written in Chinese, according to Kaspersky. About a third was written in Spanish or Portuguese, followed by Russian-coded malware that was less prevalent but the most sophisticated in the world, he said.

He said Chinese malware appeared to 'not care' about operational security because researchers regularly found personal photos and social networking accounts on servers used in attack campaigns.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
securitystuxnet

Sponsored Whitepapers

Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
Service Over Signatures: The Truth About No Lock-In IT
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.

Events

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments
Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"
SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy
Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?