‘The most sophisticated malware in the last 5 years’ – and it’s aimed at power plants

by Alex Evans | Sep 24, 2010


Today’s FT has a piece about a bit of malware called Stuxnet, which “has infected an unknown number of power plants, pipelines and factories” (or more specifically, the SCADA – Supervisory Control and Data Acquisition – systems that control them). According to the FT, Stuxnet

…spreads through previously unknown holes in Microsoft’s Windows operating system and then looks for a type of software made by Siemens and used to control industrial components, including valves and brakes. 

Stuxnet can hide itself, wait for certain conditions and give new orders to the components that reverse what they would normally do, the experts said. The commands are so specific that they appear aimed at an industrial sector, but officials do not know which one or what the affected equipment would do.

While cyber attacks on computer networks have slowed or stopped communication in countries such as Estonia and Georgia, Stuxnet is the first aimed at physical destruction and it heralds a new era in cyberwar.

For the tech details, see this briefing from Microsoft’s Malware Protection Center back in July, and also this comprehensive overview from Wired – which notes that Symantec is calling the worm “the most complex piece of malware we’ve seen in the last five years or more … it’s the first known time that malware is not targeting credit card [data], is not trying to steal personal user data, but is attacking real-world processing systems. That’s why it’s unique and is not over-hyped.”

So is this down to hackers, terrorists or organised crime targeting the soft underbelly of OECD economies? Not necessarily. Some analysts are speculating that the target may be Iran’s nuclear program, given that the majority of infections have taken place there. That’s not confirmed by any means – but what analysts do know, according to Wired, is that

the worm is designed to attack a very particular configuration of the Simatic SCADA software, indicating the malware writers had a specific facility or facilities in mind for their attack and had extensive knowledge of the system they were targeting

Analysts have been expecting this type of attack for a long time – John Robb highlighted SCADA vulnerabilities in an excellent blog post on infrastructure attacks all the way back in 2004 – but it’s been slow to materialise.

The headache for governments is that defending critical national infrastructure successfully against this kind of attack depends on how good utility companies’ security is – which is why governments have been spending a lot more time and energy on stuff like this.

Author

  • Alex Evans

    Alex Evans is founder of Larger Us, which explores how we can use psychology to reduce political tribalism and polarisation, a senior fellow at New York University, and author of The Myth Gap: What Happens When Evidence and Arguments Aren’t Enough? (Penguin, 2017). He is a former Campaign Director of the 50 million member global citizen’s movement Avaaz, special adviser to two UK Cabinet Ministers, climate expert in the UN Secretary-General’s office, and was Research Director for the Business Commission on Sustainable Development. Alex lives with his wife and two children in Yorkshire.
