IT Security: Malware Targets

I recently blogged about GCHQ's warning of the threat posed to our emergency services, the Stuxnet worm is a point in case that illustrates this perceived threat.

Research last week shows how the worm was designed to target the industrial equipment used in power plants and other large scale utility installations; additional analysis suggests that it was specifically aimed at the centrifuges that are used to enrich uranium.

Security firm Secruicon specialise in picking out the digital fingerprints hackers leave behind in malware - when they looked at Stuxnet and broke it down it's intended path became clear. One part targets industrial control systems, another manages the worm's method of infection and lastly there is the piece that allows it's creators to communicate with and control it.

One specific block of the worm was focused on the Programmable Logic Controllers used in industrial plants to automate motors and pumps.

The research suggests that a team of between 6 and 10 people were behind Stuxnet and someone within this group would have had information about how to access industrial plants in, for example, Iran - if that was indeed the actual target.

Where the worm failed was that IT security firms were able to take over the communication and control block of the malware. Orla Cox, Security Operations Manager at Symantec said,

"Someone has serious egg on their face because they are never going to be able to use this investment ever again".

IT Security & Communications Manager

Follow me on Twitter

ARM

Share / Bookmark Subscribe to this post's comments using RSS