Nuclear warheads could be next Stuxnet target: Check Point
- 09 September, 2011 12:36
Due to the complexity and sophistication of the code contained within the Stuxnet worm, the possibility of it being used to take control of a nuclear warhead is high, according to a security expert.
At Check Point’s Sydney conference this week, Check Point Israel security evangelist, Tomer Teller, said he analysed the code of the Stuxnet worm, which was used to take control of a nuclear facility in Iran in June, 2009.
“This is a huge file, it’s 1 megabyte [MB] of code and I respect the skill required to engineer that code as it is very complex,” he said.
Teller confirmed the code in Stuxnet could be modified to launch new SCADA attacks. “Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and than aim it back at the country’s facility,” he said.
“Stuxnet is the first cyber weapon that could cause major disruption."
While Teller is uncertain which country was behind the Iranian nuclear facility attack, he said a USB stick was the most likely method used to carry the worm inside the facility.
However, Teller also mentioned a rogue employee may have helped compromise the facility's internal security defences first to help the rapid spread of Stuxnet.
He explained that in order to insert certificates embedded with Stuxnet into a Windows 64-bit system, it had to be trusted by Microsoft.
“In order to get something trusted by Microsoft, you need to get those exploits signed,” Teller said.
“What we think happened is that an insider broke into JMicron, a chip manufacturing company based in Taiwan, as there is a computer at that office which is dedicated to signing these Microsoft drivers.”
According to Teller, Stuxnet is a blueprint for future SCADA attacks, and he is aware that people have downloaded and modified the worm.
"Stuxnet may have been deployed already but we don't know about it because some companies won't disclose breaches," he said.
Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Five trends affecting legal CIOs
CIO Roundtable: The changing face of security
Bitcoin malware count soars as cryptocurrency value climbs
Bouncing Back From CIO Unemployment
Union slams latest fibre-to-premise trial in Tasmania
Pathways Leadership Development Program Overview 2014
Best Practices in Data Protection Monitoring
This whitepaper discusses best practice in data protection monitoring, with a focus on recoverability and visibility as significant drivers for success. Whether backing up a private cloud or several smaller environments, learn how a unified view is necessary for proactively reporting protection, compliance to auditors, and understanding overall data protection health, performance, and reliability.
APAC Digital Performance
With some of the highest levels of social media penetration, mobile device ownership, and Internet connectivity in the world, Asian markets are ripe for more innovative and adept interactive engagement. In this study, we look at how marketers in the region express high hopes for digital, but hare held back with limited budgets and a region-wide lack of talent and training. Click for more