Top 5 Stories


DHS chief says industry needs to improve response to cyber threats like Stuxnet

27 April 2011

The private sector needs to develop a rapid response capability for cyber threats, such as the Stuxnet worm, warned Homeland Security Secretary Janet Napolitano.

Speaking to graduating students at the University of California at Berkeley, Napolitano was quoted by IDG News Service as saying: “The key thing we learned from Stuxnet was the need for rapid response across the private sector. There, we need to increase the rapidity of response, because in that area – as in several other recent attacks – we've seen very, very sophisticated, very, very novel ways of attacking. When you're getting at control systems, now you're really talking [about] taking things over, so this is an area of deep concern for us."

Napolitano stressed the shared responsibility that government and private industry have in combating cyber threats. “This shared responsibility approach is particularly important when it comes to safeguarding cyberspace, and the many elements of our lives that depend on cyber networks…if the security of our cyber networks is compromised, modern life – our economies, our health care systems, and our transportation networks – effectively grinds to a complete halt”, she said in prepared remarks.

While DHS and the private sector are struggling to improve responses to cyber threats such as Stuxnet, Iran admitted that its nuclear facilities have come under attack by another worm called Stars, according to a report by the Mehr News Agency.

“Certain characteristics about the Stars worm have been identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial stage, and it is likely to be mistaken for executable files of the government”, said Reza Jalali, director of Iran’s Passive Defense Organization. Jalali provided no additional details about the attack.

According to security experts consulted by InformationWeek, Jalali's description of the worm makes it sound as if the attack employs malicious Word, Excel, or PDF files, similar to a recent series of targeted attacks that have exploited a vulnerability in Flash.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security  •  Public Sector


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×