Cyber weapon Stuxnet hits China

The attacks have infected more than six million individual accounts and nearly 1000 corporate accounts around the country, the official Xinhua news agency reported.

But the China Information Technology Security Evaluation Centre downplayed the malware threat, saying Stuxnet had not caused any severe damage.

A representative said computer users should be aware of Stuxnet, but there was no need to worry, according to the China Post.

Stuxnet's origin and purpose is not fully understood, but experts have raised concerns that the worm appears to be designed to attack systems running critical infrastructure.

This means that in theory attackers could break into computers that control critical systems like nuclear power stations, water supply systems and electrical power grids.

Security researchers have reported finding Stuxnet on Siemens control systems in India, Indonesia, Pakistan and particularly those in nuclear power stations in Iran.

The malware exploits four now patched zero-day vulnerabilities in software from Microsoft and used two valid security certificates to avoid detection.

Security experts say the Stuxnet worm, which appeared more than a year ago, is one of the most sophisticated pieces of malware seen to date.

Researchers have described Stuxnet as a one-of-a-kind, sophisticated malware backed by a well-funded, highly skilled team, leading to speculation it is backed by a country.

According to Mikko Hypponen, chief research officer of security software specialist F-Secure, Israel is the most likely source of Stuxnet, although he lists Egypt, Saudi Arabia and the US as possible creators.

This story was first published by Computer Weekly

What’s hot on Infosecurity Magazine?