Stuxnet "cyber superweapon?" in Pakistan also

Malware not meant for stealing data but for sabotage, especially of critical industrial networks. Found lurking in Pakistan systems as well. Given the sophistication of the malware, suspicion is that it has been deployed by a country, possibly Israel. Once you go from hacking cracking groups stealing data to industrial sabotage, I think you cross the line from cyber crime to cyber terrorism.

Cyber weapon Stuxnet hits China

[quote=", post:, topic:"]
Stuxnet's origin and purpose is not fully understood, but experts have raised concerns that the worm appears to be designed to attack systems running critical infrastructure.

This means that in theory attackers could break into computers that control critical systems like nuclear power stations, water supply systems and electrical power grids.

Security researchers have reported finding Stuxnet on Siemens control systems in India, Indonesia, Pakistan and particularly those in nuclear power stations in Iran.

...

Researchers have described Stuxnet as a one-of-a-kind, sophisticated malware backed by a well-funded, highly skilled team, leading to speculation it is backed by a country.

[/quote]

Stuxnet file hints at Israeli link: NY Times

[quote=", post:, topic:"]
Stuxnet specifically attacks Siemens supervisory control and data acquisition, or SCADA, systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

The self-replicating malware has also been found lurking on Siemens systems in India, Indonesia and Pakistan, but the heaviest infiltration appears to be in Iran, according to researchers.

[/quote]

World's first 'cyber superweapon' attacks China

[quote=", post:, topic:"]
Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves. It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.

The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.

[/quote]

Stuxnet brings more new tricks to cyberwar

[quote=", post:, topic:"]
Interestingly, in mid 2009 in an interview with Israeli news website Ynetnews, Scott Borg, head of the US Cyber Consequences Unit, described exactly this attack scenario in connection with Mossad. Borg stated that someone could infiltrate malware into a uranium enrichment facility to destroy systems, "A contaminated USB stick would be enough."
[/quote]

A Way to Attack Nuclear Plants

[quote=", post:, topic:"]

Stuxnet infects Windows systems in its search for industrial control systems, often generically (but incorrectly) known as SCADA systems. Industrial control systems consist of Programmable Logic Controllers (PLCs), which can be thought of as mini-computers that can be programmed from a Windows system. These PLCs contain special code that controls the automation of industrial processes—for instance, to control machinery in a plant or a factory. Programmers use software (e.g., on a Windows PC) to create code and then upload their code to the PLCs.

[/quote]

http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices

terrible genius minds!

If you want to know in detail how this virus works, its inner workings and every bit of detail, then read this dossier by Symantec. It's in PDF format.

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf

It is a very, very interesting read, although most of the parts will just go over your head. Comprehensive analysis!

Aren't these systems enclosed (as NADRA's systems are)?

Yes, these are not connected to the internet. So the infection spreads by putting an infected USB drive into the computer. Just one computer is enough and the rest will be taken care of by Stuxnet itself.

TL;DR

Stuxnet represents the first of many milestones in malicious code history – it is the first to exploit four 0-day vulnerabilities, compromise two digital certificates, and inject code into industrial control systems and hide the code from the operator. Whether Stuxnet will usher in a new generation of malicious code attacks towards real-world infrastructure—overshadowing the vast majority of current attacks affecting more virtual or individual assets—or if it is a once-in-a-decade occurrence remains to be seen.

Stuxnet is of such great complexity—requiring significant resources to develop—that few attackers will be capable of producing a similar threat, to such an extent that we would not expect masses of threats of similar sophistication to suddenly appear. However, Stuxnet has highlighted direct-attack attempts on critical infrastructure are possible and not just theory or movie plotlines.

The real-world implications of Stuxnet are beyond any threat we have seen in the past. Despite the exciting challenge in reverse engineering Stuxnet and understanding its purpose, Stuxnet is the type of threat we hope to never see again.

I guess the next iteration of this sort of malware will take control of systems instead of destroying them. Imagine a foreign state having control of Pakistan's industrial infrastructure. They could render us helpless without firing a single bullet.

^imagine it in other way!

Its impacts will be terribly fascinating!

Stuxnet-like virus hides in Microsoft Word files

[quote=", post:, topic:"]
Microsoft said Thursday it is working to fix a Windows software vulnerability that lets a Stuxnet-like Duqu virus sneak into computers by hiding in Word document files.

Duqu infections have been reported in a dozen countries including Iran, France, Britain and India, according to US computer security firm Symantec.

[/quote]