Just a quick note.
Stuxnet is a worm designed to maliciously affect industrial installations based on the Siemens SCADA environment.
It simply reprogrammed them into a destructive pattern; these are physical industrial machines, after all. It also gathered information on how the systems were being used and reported this "back to base".
However, the targeting appears to be even more specific than that, reportedly directed specifically at the Iran Nuclear Programme. More accurately, it requires specific physical equipment (known to be used by that programme) to be attached to a SCADA system.
Obviously, gaining access to these systems should not be trivial, so the redistribution mechanism of the malware is actually far more generic, requiring nothing more than an unpatched Windows system. It seems to spread most easily on USB drives.
The spread of the virus is therefore worldwide, but it is harmless if the system does not match the programmers' "target".
The level of conspiracy theories around the origin of the malware is astonishing. It cannot be denied that this is the most complex virus ever seen, using multiple undetected vulnerabilities, written in multiple languages and so highly targeted.
The majority of speculation revolves around nation-state involvement, even direct involvement by Siemens. It is thought that such a complex program could take over 10,000 man-hours to write and perfect.
Two podcasts are covering this topic this week, so I highly recommend listening to what they have to say on Security Now! and How Stuff Works.
The Wikipedia page is one of the best constructed on such an issue and has many references that are worth reading up on.
A simple search on Google or Bing will bring up many excellent articles. Look for the security blogs.
Security Now! 17/02/2011
How Stuff Works 17/02/2011
Wikipedia (Stuxnet) 11/03/2011