Stuxnet kicks off new arms race
Is a computer virus used to attack Siemens industrial power systems the work of state-sponsored hackers?
The Stuxnet computer virus has not delayed the Iranian Bushehr nuclear power plant from starting up, though some Windows based PCs at the site were infected, Iranian government officials said yesterday, just as Microsoft CEO Steve Ballmer called for concerted international action to stop new malware hurting economic development.
The Stuxnet computer virus targets only Siemens made Simatic PLC supervisory IT systems, which are used to control oil pipelines, electric utilities, nuclear facilities and other large industrial sites.
Both the Iranian government and some security software companies have suggested that the worm may have been deliberately conceived by an unknown government in a bid to create a new cyber-weapon.
“Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world,” Russian security firm Kaspersky Labs said in a statement.
Security software vendor Symantec estimates that 60 per cent of all computer systems worldwide infected by Stuxnet are based in Iran, though computers in Germany, Indonesia, India and the US have also been targeted.
Stuxnet is unusually sophisticated, but is spread using USB memory sticks plugged into target PCs. It remains undetected until it identifies the presence of the Siemens software, then inserts a programming routine into the application’s code that gives the hacker control of the system without the operator knowing.
“It is like nothing we have seen before, and is the first computer virus able to wreak havoc in the physical world .. and to target industrial control systems,” said a Symantec spokesperson.