Stuxnet Worm Attacks Iranian Nuclear Plant But Who Created It?
The Stuxnet worm has targeted computers located in nuclear plants and is called the world's most sophisticated malware ever. To further emphasize Stuxnet's complex and sophisticated nature, it was revealed to be able to re-infect computers that were once cleaned of this dangerous parasite causing a major uproar and fear of nuclear proliferation.
Stuxnet is a dangerous computer worm that targets vulnerable (un-patched) Windows PCs that oversee industrial-control systems (SCADA - supervisory control and data acquisition) that manage and monitor machinery in power plants, pipelines, military installations and various other industrial factories.
The Stuxnet worm computer parasite has turned up in various locations around the world, including industrial programs on computers operated by workers of Iran's nuclear project. Stuxnet remains to be a mystery to many security researchers in the sense that they speculated it was created by a government hinting at digital warfare. This notion was thought of because of the fact that Stuxnet went after industrial systems demonstrating what a broken government organization would do.
Stuxnet was able slip under the radar and spread quickly targeting thousands of computers around the world. The most surprising factor about Stuxnet spreading so far was it showing up on an Iranian nuclear enrichment plant. Perhaps the scary part about Stuxnet is that it infected computers in a nuclear plant and could potentially have the ability to control those systems.
Some researchers who have been analyzing Stuxnet concluded that it may have spread through USB flash drives. Others who have been following Stuxnet have found another way that the worm spreads, through a malicious DLL that is injected into every Step 7 project on a compromised computer. Step 7 is the Siemens (German industrial engineering conglomerate) software used to configure and program the German company's industrial control system hardware. Basically, when the Stuxnet worm detects Step 7 software, it then attempts to hijack the program giving remote control to outsiders. Through this whole process, Stuxnet is able to spread to uninfected computers, which may have been rid of the infection at one time, through the Internet.
Siemens had about 14 plants, mostly in Germany, that were infected by Stuxnet but information on how the worm was able to infect those plants is still unknown. The uncertainty of Stuxnet may lie with its ability to come with a rootkit, which gives it the ability to hide any commands it downloads from operators of the Siemens systems. This means that the software could contain hidden commands not identifiable by those who seek to remove the parasite from infected computers.
Stuxnet is undeniably complex. As security researchers from various companies further examine and find out more information about this sophisticated worm, it will essentially help others to block the infection instead of removing it and later discovering that their system has become re-infected. As far as Stuxnet setting off a 'global alarm' because of the type of plants (nuclear) that it has affected, it has unquestionably gained the attention of several officials such as the deputy head of Iran's Atomic Energy Organization. After all, Stuxnet has raised the fear of dangerous proliferation. Security and intelligence agencies over the world have a major concern of what this parasite was created to do and who its creators are. Over the next few days or weeks, we should have a better grasp on the purpose of Stuxnet and will know if we should have any reason to worry about potential nuclear proliferation.