Client Login
Username:
Password:
 Quick Contact
Name:
Phone:
Email:
Stuxnet malware endangers multiple industries
Category : General 26 Nov 2010 01:57 AM | Industry News
Computer security firm Symantec said last week that Stuxnet may have been specifically designed to disrupt the motors that power gas centrifuges used to enrich uranium.
Cyber security experts from the SANS Institute have observed that the current round of high profile cyber attacks, such Stuxnet and Aurora, are not just isolated incidents.
Experts said the Stuxnet code is designed to push the frequencies of a uranium converter to above 1400Hz, then drop it to about 2Hz, and raise it back up to sit on 1000 Hz. This effectively prevents or at least depletes uranium production.
Dr. Cole says that, in addition to the obvious damage these attacks can have, company executives are often concerned for their reputations.
In response, he adds, companies tend to keep quiet about breaches, and this reticence to come forward makes the scale of the problem difficult to judge.
Stephen Sims, an information security researcher, and one of only a handful of individuals who hold the GIAC Security Expert (GSE) Certification, says that he has spoken with many people on the fringes of the security scene.
Sims also points to companies, some quite reputable, that will pay for exploits ranging from a few thousand to over a hundred thousand dollars for zero days with remote code execution capability.
"This happens and it is not make believe", he said. "Major operating system patches and updates are like triggers for people looking for exploits and the financial reward means an almost unlimited supply of new threats will continue to emerge."
Dr. Cole highlights a lack of mandated global requirements for maintaining good security practices.
To maintain IT security, there is no mandated requirement. It's an odd situation that needs to change", he added.