Speaking to graduating students at the University of California at Berkeley, Napolitano was quoted by IDG News Service as saying: “The key thing we learned from Stuxnet was the need for rapid response across the private sector. There, we need to increase the rapidity of response, because in that area – as in several other recent attacks – we've seen very, very sophisticated, very, very novel ways of attacking. When you're getting at control systems, now you're really talking [about] taking things over, so this is an area of deep concern for us."
Napolitano stressed the shared responsibility that government and private industry have in combating cyber threats. “This shared responsibility approach is particularly important when it comes to safeguarding cyberspace, and the many elements of our lives that depend on cyber networks…if the security of our cyber networks is compromised, modern life – our economies, our health care systems, and our transportation networks – effectively grinds to a complete halt”, she said in prepared remarks.
While DHS and the private sector are struggling to improve responses to cyber threats such as Stuxnet, Iran admitted that its nuclear facilities have come under attack by another worm called Stars, according to a report by the Mehr News Agency.
“Certain characteristics about the Stars worm have been identified, including that it is compatible with the (targeted) system and that the damage is very slight in the initial stage, and it is likely to be mistaken for executable files of the government”, said Reza Jalali, director of Iran’s Passive Defense Organization. Jalali provided no additional details about the attack.
According to security experts consulted by InformationWeek, Jalali's description of the worm makes it sound as if the attack employs malicious Word, Excel, or PDF files, similar to a recent series of targeted attacks that have exploited a vulnerability in Flash.