Researchers warn that Stuxnet, the highly sophisticated designer-virus that infects critical control systems, may have spread beyond Iran and Russia, and has likely infected a number of power plants in other areas of the world.
Stuxnet, which emerged in 2010 and targeted Siemens Programmable Logic Controllers (PLCs), is thought to have caused severe damage to centrifuges used at Iranian uranium enrichment facilities and set back the the country’s nuclear weapons program by several years.
“It’s highly likely that other plants globally are infected and will continue to be infected as it’s in the wild and we will see on a weekly basis businesses trying to figure out how to secure the risk of infected USB flash drives,” said FireEye’s Jason Steer.
The malware infects a computer by way of removable storage devices like USB flash drives and CD roms and by exploiting vulnerabilities in Windows systems, then spreads within the network when that unit communicates with other connected systems.
“It didn’t spread via the internet. It spread outside of its target due to a bug and so it started traveling via USB. Given the community targeted, I would not be surprised if other countries had nuclear plants with infected PCs,” said F-Secure’s Sean Sullivan.
Stuxnet targets elements of Supervisory Control and Data Acquisition (SCADA) systems used to govern critical infrastructure like power plants and in industrial production environments, and these systems tend to be extremely vulnerable.
“Many of these control systems are not connected to the internet, because they are so old and delicate that they cannot withstand any serious probing and examination, and frankly are not designed to connect to the internet as they are so insecure,” Steer explained. “Getting a vulnerability to a network not connected is not so difficult anymore if it’s important enough.”
Read More Here…