March 28, 2011, 3:52 PM — In the wake of attacks on U.S. security firms, a different U.S. security firm is warning that the U.S. (probably not other security firms) is at risk from cheap knockoffs of the now-available Stuxnet source code.
Other researchers call Stuxnet clunky, inelegant, difficult to install, easy to detect and probably not that easy to target. Immediately before the successful two-year attack on Iran's nuclear facility was discovered, that probably would have been a great comfort to Iran.
Still, Western industrial-control SCADA software of the kind Stuxnet attacked contains dozens of flaws that could be exploited by either Stuxnet or one of the variants of it that Kaspersky Labs predicts may begin propagating soon. Many of the SCADA flaws, by the way, were discovered through continuing research on Stuxnet.
Stuxnet-like attacks could cross the "air gap" that was the ultimate security system-isolation technique for computers before the days of wireless computing, and change the whole approach government and military authorities use to evaluate risk, according to security experts writing for Government Computer News.
Others discount some of the effect of Stuxnet as exaggeration and wonder if Iran is using the poor-little-me approach to fool the West into thinking it is weaker online than it actually is. (On a similar topic in a previous blog I referred to Hanlon's Razor, which applies in this case through its implication that you should never go too far out of your way to think your enemy is only faking stupidity.)
There's a growing consensus among malware experts that there were some major weaknesses in Stuxnet itself, though.