Slashdot Mirror

← Back to Stories (view on slashdot.org)

Precursor To the Next Stuxnet?

Posted by Unknown on from the us-government-denies-involvement dept.

An anonymous reader writes "On Oct. 14, 2011 Symantec was alerted to a malware sample from some recovered computers that demonstrated code similar to Stuxnet. This code however appears to serve a different purpose, apparently laying the groundwork for a future Stuxnet type of attack." Quoting Symantec: "The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."

5 of 49 comments (clear)

  1. After all the publicity Stuxnet created... by wrldwzrd89 · · Score: 2

    ... a development like this seemed inevitable, it was only a question of when it would happen again - the mere existence of Stuxnet proved that a malware attack on an industrial control system is not only plausible, but effective if done right. Furthermore, I'm sure the attackers realize that they can cause a lot of damage without ever having to visit a site physically. This fact makes such attacks more difficult than usual to defend against, and not helping matters is that not all industrial control vendors are even aware of security problems with their devices; let alone the time it takes to get a patch tested, validated, and deployed.

    1. Re:After all the publicity Stuxnet created... by mlts · · Score: 2

      Not to mention that Stuxnet showed that one could do a major attack against a country without a single shot being fired.

      Additionally, I'm sure the IRG has a bunch of coders looking to exact revenge... and there are a lot of IT departments run by lazy PHBs who believe in the slogan, "I can just call Geek Squad if we get hacked... otherwise it is too expensive to bother with security."

      So, seeing something Stuxnet based is not a surprise... I just wonder what will be attacked first, some power company whose idea of security is turning off SSID broadcast (but leaving the wireless segment open so the old game console can get on without configuration), or perhaps some manufacturing company who has Joe Sixpack in receiving browsing pr0n between trucks causing malware entry will be the target. It really is only a matter of time when someone will knock something down.

  2. Duqu? by Ihmhi · · Score: 2

    Duqu? Like the count?

    Programmers are Star Wars nerds, Film at 11.

    Next year, we'll have a worm called 4n4k1n which melts hard drives as if they were dropped into molten lava. Damn, evil geniuses used to give their doomsday weapons classy names like "Ice-9" or "Moonraker" or "Britney Spears".

    --
    Random Thoughts From A Diseased Mind (Not For Dummies)
  3. Hey, if at first you succeed... by Fluffeh · · Score: 2

    Then you are clearly onto something good!

    Seriously, if anyone thought that either a, whoever built Stuxnet or b, all those who said "Wow, that worked well..." wouldn't be stumbling over one another to release ver 2.0 either had their head buried in the sand, or there are pink unicorns farting rainbows in their existence.

    I would go further again and say that if anyone thinks that the mega-corporations might not be looking at possible similar little ideas to say knock out a competitors new product range of TVs or to cause problems in that new line of cars with wifi spots is also sadly mistaken. It's not to say that I have a tinfoil hat on or the like, but this is "serious business" when it comes to potentially millions and millions of dollars. Just look at all the fuss and bad press that Toyota got when they had their "funny accelerator pedal" problem a while ago. I can't even remember what the eventual cause was, I do recall reading a number of amusing possible scenarios like particles from space, people getting confused with the pedals and a bunch more - but what if the next time it was simply a virus engineered by a rival manufacturer?

    --
    Moved to http://soylentnews.org/. You are invited to join us too!
  4. Re:Original Authors? by chrb · · Score: 3, Informative

    "Stuxnet source code is not out there. Only the original authors have it. So, this new backdoor was created by the same party that created Stuxnet." - F-Secure.