

Stuxnet cyberweapon looks to be one on a production line, researchers say

Evidence is rising that Stuxnet, a cyberweapon that attacked Iran's nuclear facilities in 2009, is part of a supersophisticated manufacturing process for malicious software, two antivirus companies tell the Monitor.

(Page 3 of 3)



"There were a number of projects involving programs based on the “Tilded” platform throughout the period 2007-2011," Kaspersky's report concludes. "Stuxnet and Duqu are two of them – there could have been others, which for now remain unknown. The platform continues to develop, which can only mean one thing – we’re likely to see more modifications in the future."


Some experts agree that Duqu and Stuxnet share code, but strongly disagree on what that implies. It could mean that different entities, working toward their own ends, used the same "kit." Despite the common code, "many other dimensions of the separate attacks indicate no common authorship or attribution," writes Don Jackson, a senior security researcher with the Dell SecureWorks Counter Threat Unit research team, in an e-mail. Still others say the Kaspersky findings are telling.

"It makes tremendous sense," says Ed Skoudis, cofounder of Inguardians, a cybersecurity firm based in Washington, D.C. "Look at the effort needed to produce Stuxnet. You wouldn't want to do it in a way that was one-off. You would want to produce a process that could reuse the parts, not shoot your entire cache of weapons in one attack."

He likens it to the US system for building atom bombs after World War II.

"When the US built the atom bomb. it wasn't just the one. We had an infrastructure and platform for building additional weapons," Mr. Skoudis says. "Whoever built Stuxnet got a lot of money and a lot of smart people working on it. It just makes sense that creating these kinds of weapons be repeatable –and that some set of fingerprints are left behind that shows that."

But what neither he nor any expert interviewed for this article believes is that identifying the software platform used to build Stuxnet and Duqu will lead to the identity of whoever built those weapons.

"I don't think it will help much," he says. "But this finding does indicate that we'll see more of these kinds of weapons when a definite military objective that suits whoever created these things appears. We now know there is a production facility for these types of things – and that it is operational and releasing things. I'm sure we'll see more."
