No apparent Stuxnet impact in US: cyber official

Dec 07, 2010
Iranian President Mahmoud Ahmadinejad visiting the Natanz uranium enrichment facilities some 300 kms south of the capital Tehran. Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there.

Computer software targeted by Stuxnet is used in US infrastructure but the virus does not appear to have affected any systems in the United States, a US cybersecurity official said Tuesday.

Greg Schaffer, assistant secretary for cybersecurity and communications in the (DHS), told reporters here that demonstrates the increasingly sophisticated nature of cyber threats today.

"It was a very tiered, very complex, very sophisticated virus," Schaffer told the Defense Writers Group.

"It was looking for specific kinds of and very special implementations within that software," he said.

Stuxnet targets computer control systems made by German industrial giant Siemens and commonly used to manage , oil rigs, and other critical infrastructure.

Most Stuxnet infections have been discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there.

Computer Symantec said last month that Stuxnet may have been specifically designed to disrupt the motors that power gas centrifuges used to enrich uranium.

Schaffer said Stuxnet "focused on specific software implementations and those software implementations did exist in some US infrastructure so there was the potential for some US infrastructure to be impacted at some level."

"There was some risk because those software packages exist within the US ecosystem, but it's not clear that there's any particular process that is in the United States that would have triggered the software," he said.

Schaffer said US experts "made a lot of information available to the community of interest with respect to what the code was really designed to do, which systems it was designed to attack and how it actually worked."

He added cyber threats today are becoming "more sophisticated, more targeted, more capable, harder to detect, harder to mitigate."

"This is no longer a world in which malicious defacements of Web pages are what we are focused on," he said. "We are worried about the migration towards things of value, intrusions that are very targeted and very specific."

"I cannot rule out the potential vulnerability of any system that is connnected to the network today," he said.

"It is widely recognized that the cyber ecosystem that we have today favors the offense and not the defense," he said.

Schaffer declined to discuss the release of secret US diplomatic cables by WikiLeaks. "I really have no comment on the WikiLeaks problem," he said. "DHS has as its focus the protection of our networks."

Explore further: Startups offer banking for smartphone users

add to favorites email to friend print save as pdf

Related Stories

World's first 'cyber superweapon' attacks China

Sep 30, 2010

A computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target -- China.

Stuxnet virus could target many industries

Nov 17, 2010

(AP) -- A malicious computer attack that appears to target Iran's nuclear plants can be modified to wreak havoc on industrial control systems around the world, and represents the most dire cyberthreat known to industry, ...

Recommended for you

Startups offer banking for smartphone users

19 hours ago

The latest banks are small enough to fit in the palm of your hand. Startups, such as Moven and Simple, offer banking that's designed specifically for smartphones, enabling users to track their spending on the go. Some things ...

'SwaziLeaks' looks to shake up jet-setting monarchy

Aug 29, 2014

As WikiLeaks founder Julian Assange prepares to end a two-year forced stay at Ecuador's London embassy, he may take comfort in knowing he inspired resistance to secrecy in places as far away as Swaziland.

Ecuador heralds digital currency plans (Update)

Aug 29, 2014

Ecuador is planning to create what it calls the world's first digital currency issued by a central bank, which some analysts believe could be a first step toward abandoning the country's existing currency, ...

WEF unveils 'crowdsourcing' push on how to run the Web

Aug 28, 2014

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

Husky
not rated yet Dec 07, 2010
so, one could reasonably assume that whoever developed stuxnet did not want to shoot in own or allied foot?