Stuxnet Forms of Terrorism in Cyber World

Stuxnet worm attacks recently caused much speculation and discussion about the intent and purpose, origin, and most importantly the identity of the attacker and the target. So far no one has enough evidence to identify the attacker or target. However, a number of Internet security expert suggests Stuxnet is the only sophisticated malware attack that is supported by a large cost, highly skilled team of attackers, and a good knowledge of SCADA technology.

“I think this is a decisive moment, when we enter a world that is really new, because in the past there was only cyber criminals. I am worried now turn to cyber terrorism, cyber weapons and cyber warfare,” said Eugene Kaspersky, Co-founder and Chief Executive Officer of Kaspersky Lab in its press release. Kaspersky believes this type of attack can only be done with the support and endorsement of a country.

While talking in Kaspersky Security Symposium with the journalists in Munich, Germany, some time ago, Kaspersky likens Stuxnet like opening Pandora’s Box. “This malicious program is not designed to steal money, send spam, or retrieve personal data, do not, this type of malware is designed to sabotage the buildings, to damage the industrial system,” said Eugene Kaspersky.

“I’m afraid this is the beginning of a new world. In the 90’s was the decade of cyber-vandals, in the 2000s was the decade of cyber criminals. I am worried now is the era of cyber warfare and cyber terrorism,” said Kaspersky.

Researchers at Kaspersky Lab independently discovered that the worm exploits four separate zero-day vulnerabilities. Kaspersky analysts reported three of the new vulnerabilities directly to Microsoft and working with the vendor during the manufacture and launch of software fixes. In addition to exploiting the four zero-day vulnerabilities, Stuxnet also take advantage of two valid certificates (from Realtek and JMicron), which helps keep the malware remain under the radar for a long enough period of time.

Read more…