A powerful new computer worm apparently is capable of causing power plants or pipelines to blow up. It's a cyber superweapon called Stuxnet. Experts suspect it was designed to disable nuclear facilities in Iran but Stuxnet could have consequences its creators did not anticipate.When cybersecurity experts get together, they usually talk about such things as the latest techniques in credit card fraud. But the big session at the Virus Bulletin conference in Vancouver, Canada, Thursday, was one called Stuxnet: An in depth Look. It was arranged by the Symantec company, whose researchers have been analyzing the computer worm for several weeks.
Eric Chien technical director at Symantec's Security Response Unit, says he and his colleagues have been stunned by what they've found.
"I've been dealing with malicious code threats for 15 to 20 years now, I've seen every large sort of outbreak, and we've never seen anything like this," Chien says. "It's fundamentally changed our job, to be honest."
Because studying a computer worm designed to sabotage a power plant or gas refinery is a far cry from thinking about some virus engineered by a lone hacker.
"It changes the urgency at which we have to analyze these threats and understand them and make sure that people who are affected know they are affected and how to get themselves cleaned up," Chien says.
The Symantec researchers say the Stuxnet worm was designed by a well-funded, well-organized group, perhaps affiliated with a government. They're convinced it was meant to target facilities in Iran. The worm was apparently designed to penetrate and take over the computerized control system used in nuclear plants there.
But it's becoming clear that the repercussions may go far beyond Iran.
www.npr.org
Two solutions:
Take these vulnerable computers off the Internet.
- or -
Rip them out the wall and replace them with Linux machines.
