Stuxnet – a new age in cyber warfare says Eugene Kaspersky

According to Eugene Kaspersky, the veteran CEO of the Russian-headquartered IT security vendor, Stuxnet is backed by a well-funded, highly skilled attack team with intimate knowledge of SCADA technology.

And, he says, his research team believe this type of attack could only be conducted with nation-state support and backing.

"I think that this is the turning point, this is the time when we got to a really new world, because in the past there were just cybercriminals, now I am afraid it is the time of cyberterrorism, cyberweapons and cyberwars", he said.

Speaking at the Kaspersky security symposium in Munich late last week, the founder of Kaspersky Labs said that Stuxnet represents the opening of a Pandora's Box.

"This malicious program was not designed to steal money, send spam or grab personal data. This piece of malware was designed to sabotage plants, to damage industrial systems", he explained.

"I am afraid this is the beginning of a new world. Twenty years ago we were faced with cybervandals, ten years ago we were faced with cybercriminals, I am afraid now it is a new era of cyberwars and cyberterrorism."

Researchers at Kaspersky Lab say they have independently discovered that the worm exploited four separate zero-day vulnerabilities.

"Our analysts reported three of these new vulnerabilities directly to Microsoft and co-ordinated closely with the vendor during the creation and release of software fixes", the Kaspersky Lab founder told his audience.

In addition to exploiting four zero-day vulnerabilities, Kaspersky claims that Stuxnet also used two valid certificates (from Realtek and JMicron), which has helped to keep the malware under the radar for quite a long period of time.

The worm's ultimate aim, he said, was to access Simatic WinCC SCADA systems, which are used as industrial control systems to monitor and control industrial, infrastructure, or facility-based processes.

Eugene Kaspersky's comments were backed up by David Jacoby, his senior security researcher, who told his audience that no operating system is now safe from hackers, even if "some believe certain systems are better equipped to fend off attacks than others".

Reporting on the symposium for ITPro, writer Tom Brewster quoted Jacoby as saying that the reality is that all systems have their flaws which hackers will attempt to exploit and – despite some people's belief that Linux and Mac users are safer – all are vulnerable.

"It doesn't really matter what you use", he said, noting that there is no such thing as a secure operating system.

As a result of this, Jacoby argued that firms need to have the total package to protect their systems, from the right technology and anti-virus to local hardening and stronger resource segmentation to prevent spreading infections.
