Stuxnet is no stranger to folks interested in computer security, more specifically smart grid security. Long story short: this nasty little piece of malware is very targeted, affecting a suite of software called Siemens Simatic WinCC that manages control systems in industrial facilities and critical infrastructure like power plants.
It’s flown under the radar, by and large, but now it’s grabbing headlines beyond IT circles because of the worm’s presence in Iranian nuclear power sites. And it’s a good thing. Why? Because an effective smart grid is a secure one. And if the history of online threats is any guide, you can bet Stuxnet is only the start of a wave of malicious code that worms its way into connected energy systems. That’s why attention to this topic, particularly in these early days of smart energy tech deployments, is critical to designing systems that don’t crumble under the whims of a hacker.
Here’s a sampling of Stuxnet articles in major media outlets:
It is also raising fear of dangerous proliferation. Stuxnet has laid bare significant vulnerabilities in industrial control systems. The program is being examined for clues not only by the world’s computer security companies, but also by intelligence agencies and countless hackers.
Virus hits Iran nuclear programme – Financial Times
…But Iran’s state-run Mehr news agency reported that the IP addresses of 30,000 computer systems infected by the worm had also been detected.
‘Virus targeted Iranian assets’ – BBC News
Initial research by Symantec showed that nearly 60% of all infections were in Iran. That figure still stands, said Mr O’Murchu, although India and Indonesia have also seen relatively high infection rates.
We may never know for sure whether the Stuxnet computer worm was really a state cyber strike on Iran’s nuclear facilities, but hard-to-trace computer attacks look set to be a feature of 21st-century warfare.
Image Credit: coolmikeol – Flickr – CC