Stuxnet: The most serious threat yet?
The Stuxnet worm has been causing alarm bells to ring in the security industry but what is it and how serious a threat does it pose?


An alarming characteristic of Stuxnet is its ability to inject its own code in what are known as programmable logic controllers (PLCs).
"These PLCs are used to control various items in industrial projectors, such as controlling a motor speed, or it could change the power going to an industrial outlet, or raise or lower the pressure of gas, for example," Symantec security expert Patrick Fitzgerald told IT PRO.
"Depending on the installation infected with this, the consequences have the potential to be very serious."
Indeed, the implications of this are seriously concerning. What if hackers are able to gain control of a government system or a nuclear power plant?
As yet, it is unclear what the attackers are planning to do with Stuxnet, Fitzgerald said. So it could be a case of wait and see.
Another concern is that even though the serious Stuxnet exploits have been countered by security efforts, the damage may have already been done.
"It seems to be under control now given its weak command and control mechanism, but it is possible that it achieved its purpose already," Wolfgang Kandek, chief technology officer at Qualys, told IT PRO.
The most sophisticated malware ever
The general consensus is that Stuxnet is the most sophisticated piece of malware that has ever been created.
"Stuxnet is an impressive example of the competence of the malware authors," Kandek said.
"The latest variant contained four zero-day vulnerabilities and we believe that this is an indication of the level of focus that the attackers put into the malware."
Liam O Murchu, manager of operations with Symantec's security response team, said in a blog that a threat using four zero-day vulnerabilities is "extraordinary" and shows incredible thought and planning on behalf of the Stuxnet creators.
"It is the first threat we have encountered that contains this many surprises in a single package. Before we detected this new vulnerability, it would have been worth a fortune to hackers," noted Alexander Gostev, chief security expert at Kaspersky Lab.
"It has to be said, the malware writers have demonstrated quite remarkable programming skills."
In perhaps another industry first, Stuxnet has managed to gain widespread admiration and at the same time inspire pervasive concern.
Political motivations
Stuxnet may also be a state-sponsored effort, something that has been suggested by security professionals themselves.
In an analysis of the countries Stuxnet had been attacking back in July, Microsoft found the most targeted country was Iran, with Indonesia in second. The number of infection attempts in those countries was far ahead of other nations, raising questions as to why Stuxnet was being directed at them more than others.
The feeling among a number of researchers we spoke to is that, given the skill and time it would have taken to create Stuxnet, it would also have needed significant financial backing.
With these facts in mind it is possible, perhaps even likely, that Stuxnet is a state-sponsored worm, as some researchers have said.
Of course, there is no clear evidence of political motivation at the current time.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.