Siemens: Stuxnet worm hit industrial systems

Siemens confirms that 14 plant systems have been infected; some of them could have been reprogrammed

By , IDG News Service |  Security

Stuxnet has infected systems in the U.K., North America and Korea, however the largest number of infections, by far, have been in Iran.

The first samples of the Stuxnet code date back to June of 2009, but security experts believe that it probably did not start infecting systems until earlier this year.

Defense contractors and companies with valuable intellectual property have been hit with targeted attacks for years now -- in January Google said it was the target of a sophisticated data-stealing effort known as operation Aurora. But Stuxnet marks the first time that someone has targeted the factory floor.

And if the worm were to be used to mess up systems at a chemical or power plant, the results could be devastating.

"We've definitely never seen anything like this before," O'Murchu said. "The fact that it can control the way physical machines work is quite disturbing."

It's unlikely that Stuxnet could take over new systems at this point, however. Symantec gained control of the domain used to send commands to infected machines shortly after Stuxnet was discovered, meaning that the hackers behind it no longer have a way to send new commands to infected systems.

Nobody knows who's behind Stuxnet, but recently Kaspersky Lab researcher Roel Schouwenberg said that it was most likely a nation state.

Symantec's O'Murchu agrees that the worm was done by particularly sophisticated attackers. "This is definitely not your typical operation," he said.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question