Kaspersky team reveals Stuxnet family of weapons

December 29, 2011 by Nancy Owano weblog

(PhysOrg.com) -- The Stuxnet cyber weapon that was designed to cripple control systems in Iran’s nuclear plant was just one of five weapons engineered in the same lab, and three have not been released yet. That is the word from Moscow based Kaspersky Lab. What’s more, according to Kaspersky’s director of global research, Costin Raiu, these Lego-like weapons work as modules, in that they are designed to fit together with each having different functions. They were developed on a single platform whose roots trace back at least to 2007; the creators have used the same software development environment ever since.

Raiu told Reuters about the findings on Wednesday based on the evidence that his team has gathered. He cited Stuxnet--the Iran-targeted weapon-- and a related Duqu--the data-scoffing Trojan targeting design documents that showed up this year in Europe-- as two of what might be a lethal assembly—three of the weapons have yet to be released.

Besides Kaspersky, other anti-virus leaders such as Symantec and Trend Micro incorporated technology into their products to protect systems against Stuxnet and Duqu; Raiu says that these viruses may be more sophisticated than previously known.

Kaspersky named the platform "Tilded" because many of the files in Duqu and have names beginning with the tilde symbol "~" and the letter "d." What Kaspersky recently discovered is that shared components search for at least three other unique registry keys, It is possible that at least three other pieces of malware have been built that use the same platform. It would be relatively easy for the developers of those highly sophisticated viruses to create other weapons.

Developers can build new cyber weapons by simply adding and removing modules, he told Reuters, "It's like a Lego set. You can assemble the components into anything: a robot or a house or a tank.”

The Kaspersky team cited 2007 because installed code by Duqu was compiled from a device running Windows on August 31, 2007. Kaspersky sources did not name a country responsible for the cyber weapons. When contacted by the press about Kaspersky’s findings, the Pentagon declined comment.

Kaspersky Lab is a vendor of security software. In 1999, Kaspersky Labs, says the company, was the first to introduce integrated antivirus software for workstations, file servers and application servers running on Linux/FreeBSD operating systems.

More information:
via Reuters

© 2011 PhysOrg.com

view popular send feedback to editors
4.5 /5 (15 votes)  

Filter


Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

Telekinetic
Dec 29, 2011

Rank: 4.6 / 5 (5)
Israel's high-tech capability was most likely responsible for Iran's centrifuge enrichment program going haywire. It was pretty amazing how it fooled those monitoring the centrifuges into believing everything was running smoothly as the machines were spinning themselves to bits at too high a speed.
pres68y
Dec 30, 2011

Rank: 1.7 / 5 (7)
"Stuxnet" type software certainly also worked good at Fukushima!
(teach those Japs not to offer uranium enrichment to Iran)
Burnerjack
Dec 30, 2011

Rank: 4.7 / 5 (3)
@ pres68y,
A software virus that can generate a tsunami? Now THAT is impressive!
GSwift7
Dec 30, 2011

Rank: 5 / 5 (2)
I once got a tour of a water treatment plant in Louisville KY. They showed me the control room. It was a room the size of a large living room with the walls completely covered with old fashioned analogue guages and light boards. In the center of the room was a table with a single PC that replaced all the old guages. The room had no staff. My guide explained that the computer sends a text alert to staff if it detects a problem, otherwise it runs itself for the most part. Kinda cool. The old guages were all still active, but not monitored. In an emergency they could still fall back on the legacy systems, but it would be nearly impossible to run the facility at peak performance with the old equipment, so it would be crippled at the very least, if the computer system were to go down. Attacks like Stuxnet must terify people who manage critical infrastructure. There's no way to install safeguards and contingency plans against every possible threat, rather have plans to allow rapid repairs.
nkalanaga
Dec 30, 2011

Rank: 5 / 5 (3)
There is a very simple safeguard against digital attacks: don't attach the system to the Internet or phone lines! If there's no way to send data or instructions to it from the outside world, the only way to attack it is with a physical presence. At that point a bomb or axe would do just as well.

Sending texts can still be secure, if they are sent through a one-way connection, so the system doesn't listen for incoming responses. If there is any way of contacting the system from the outside world it is not secure.
GSwift7
Jan 03, 2012

Rank: not rated yet
Well, in the case of the Water facility, it is connected to a vast network of monitoring sensors and electronic valves and pumps throughout the city. It routs water to the places it is needed and monitors water quality as well. It can detect a leak by noticing an unexpected loss of flow, for example. It would be impossible to isolate the control system from the outside. Electric grids, telephone, television, etc. are all vulnerable in this way. Off-site backup and storage is another area of vulnerability for most infrastructure today. Any system that handles financial transactions, for example, must have a continuous off-site backup facility, and that must allow two-way communication. There's an underground facility just outside of Kansas City Mo, in old limestone mines, that is used for this purpose. They have military style armed guards with assault rifles at the gate. Much of Holywood's original films are stored there as well. Cool huh?
Rank 4.5 /5 (15 votes)
more news
Related Stories
created Nov 13, 2011 comments 0

Iran says Duqu malware under 'control'

created Oct 19, 2011 comments 0

Symantec warns of new Stuxnet-like virus

created Oct 20, 2011 comments 0

Stuxnet-like virus points to new round of cyber war

created Nov 04, 2011 comments 0

Microsoft offering defenses against Duqu virus

Tags

cyber weapon, iran, stuxnet
Relevant PhysicsForums posts

More news stories

Browser wars flare in mobile space

The browser wars are heating up again, but this time the fight is for dominance of the mobile Internet.

Technology / Software

created 12 hours ago | popularity 5 / 5 (2) | comments 3

Probability of contamination from severe nuclear reactor accidents is higher than expected: study

Catastrophic nuclear accidents such as the core meltdowns in Chernobyl and Fukushima are more likely to happen than previously assumed. Based on the operating hours of all civil nuclear reactors and the number ...

Technology / Energy & Green Tech

created May 22, 2012 | popularity 3.6 / 5 (22) | comments 56 | with audio podcast

HyperSolar shows dirty water no barrier to power world

(Phys.org) -- The Santa Barbara, California, company, HyperSolar, is set to transparently share the ups and downs of its research experiences toward the company’s ultimate vision, successfully producing ...

Technology / Energy & Green Tech

created May 24, 2012 | popularity 4.8 / 5 (16) | comments 17 | with audio podcast report

SpotterRF debuts Radar Backpack Kit (w/ Video)

(Phys.org) -- SpotterRF has announced a special radar backpack kit designed to enhance situational awareness for soldiers on the ground. The company says its special radar is designed for warfighters as part ...

Technology / Hi Tech & Innovation

created May 26, 2012 | popularity 5 / 5 (5) | comments 13 | with audio podcast report

Tesla to launch electric sedan in US on June 22

Tesla Motors said Tuesday it would begin deliveries of "the world's first premium electric sedan" on June 22, slightly ahead of schedule.

Technology / Energy & Green Tech

created May 22, 2012 | popularity 4.5 / 5 (12) | comments 18


Nvidia trumpets Tegra 3 phone design wins for 2012

(Phys.org) -- Nvidia’s competitive war paint has a name, Tegra 3. On the heels of Nvidia announcements about lowering costs of its Tegra 3 processors and Nvidia-enabled tablets running Android Ice Cream ...

'Unzipped' carbon nanotubes could help energize fuel cells, batteries

Multi-walled carbon nanotubes riddled with defects and impurities on the outside could replace some of the expensive platinum catalysts used in fuel cells and metal-air batteries, according to scientists at ...

T cells 'hunt' parasites like animal predators seek prey, study shows

By pairing an intimate knowledge of immune-system function with a deep understanding of statistical physics, a cross-disciplinary team at the University of Pennsylvania has arrived at a surprising finding: T cells use a movement ...

Computer model used to pinpoint prime materials for efficient carbon capture

When power plants begin capturing their carbon emissions to reduce greenhouse gases – and to most in the electric power industry, it's a question of when, not if – it will be an expensive undertaking.

Change in developmental timing was crucial in the evolutionary shift from dinosaurs to birds: study

At first glance, it's hard to see how a common house sparrow and a Tyrannosaurus Rex might have anything in common. After all, one is a bird that weighs less than an ounce, and the other is a dinosaur that ...

Land and sea species differ in climate change response: study

(Phys.org) -- Marine and terrestrial species will likely differ in their responses to climate warming, new research by Simon Fraser University and Australia’s University of Tasmania has found.