Nuclear warheads could be next Stuxnet target: Check Point
- 09 September, 2011 12:36
Due to the complexity and sophistication of the code contained within the Stuxnet worm, the possibility of it being used to take control of a nuclear warhead is high, according to a security expert.
At Check Point’s Sydney conference this week, Check Point Israel security evangelist, Tomer Teller, said he analysed the code of the Stuxnet worm, which was used to take control of a nuclear facility in Iran in June, 2009.
“This is a huge file, it’s 1 megabyte [MB] of code and I respect the skill required to engineer that code as it is very complex,” he said.
Teller confirmed the code in Stuxnet could be modified to launch new SCADA attacks. “Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and than aim it back at the country’s facility,” he said.
“Stuxnet is the first cyber weapon that could cause major disruption."
While Teller is uncertain which country was behind the Iranian nuclear facility attack, he said a USB stick was the most likely method used to carry the worm inside the facility.
However, Teller also mentioned a rogue employee may have helped compromise the facility's internal security defences first to help the rapid spread of Stuxnet.
He explained that in order to insert certificates embedded with Stuxnet into a Windows 64-bit system, it had to be trusted by Microsoft.
“In order to get something trusted by Microsoft, you need to get those exploits signed,” Teller said.
“What we think happened is that an insider broke into JMicron, a chip manufacturing company based in Taiwan, as there is a computer at that office which is dedicated to signing these Microsoft drivers.”
According to Teller, Stuxnet is a blueprint for future SCADA attacks, and he is aware that people have downloaded and modified the worm.
"Stuxnet may have been deployed already but we don't know about it because some companies won't disclose breaches," he said.
Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- New Demands for Real-time Threat Management
- Top Words Used in Spear Phishing Attacks to Successfully Compromise Enterprise Networks and Steal Data
- Guiding the Cloud Application Decision with the IBM Cloud Transformation Advisor
- Getting a Better Grip on Mobile Devices
- Bring ‘em on!‖ – The Consumerisation of Enterprise Mobility
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Benefits of Deploying Microsoft Exchange Server 2010 on Dell Compellent with Data Progression
Messaging and collaboration platforms have emerged as mission critical applications, consuming a large portion of IT spending for organisations. The rich features in these applications have significantly changed the messaging requirements and needs of today’s information from anywhere with any device, the result is an ever increasing demand on storage systems both in terms of capacity and bandwidth. Many organisations are rethinking their storage strategies to meet the demanding criteria and to handle the future requirements. Read more.
Bring Your Own Device FAQs
This report covers the frequently asked questions associated with the implications of BYOD devices in the workplace. Any solution in this space needs to be built on simplicity, scalability and security. Click to find out how to address the IT security challenges.
Advanced Targeted Attacks
The new threat landscape has changed. Cybercriminals are aggressively pursuing valuable data assets, such as financial transaction information, product design blueprints, user credentials to sensitive systems, and other intellectual property. Simply put, the cyber offense has outpaced the defensive technologies used by most companies today. Find out more on how to protect against the next generation of cyber-attacks.