An alarming characteristic of Stuxnet is its ability to inject its own code in what are known as programmable logic controllers (PLCs).
"These PLCs are used to control various items in industrial projectors, such as controlling a motor speed, or it could change the power going to an industrial outlet, or raise or lower the pressure of gas, for example," Symantec security expert Patrick Fitzgerald told IT PRO.
"Depending on the installation infected with this, the consequences have the potential to be very serious."
Indeed, the implications of this are seriously concerning. What if hackers are able to gain control of a government system or a nuclear power plant?
As yet, it unsure what the attackers are planning to do with Stuxnet, Fitzgerald said. So it could be a case of wait and see.
Another concern is that even though the serious Stuxnet exploits have been countered by security efforts, the damage may have already been done.
"It seems to be under control now given its weak command and control mechanism, but it is possible that it achieved its purpose already," Wolfgang Kandek, chief technology officer at Qualys, told IT PRO.
The most sophisticated malware ever
The general consensus is that Stuxnet is the most sophisticated piece of malware that has ever been created.
"Stuxnet is an impressive example of the competence of the malware authors," Kandek said.
"The latest variant contained four zero-day vulnerabilities and we believe that this is an indication of the level of focus that the attackers put into the malware,"
Liam O Murchu, manager of operations with Symantec's security response team, said in a blog that a threat using four zero-day vulnerabilities is "extraordinary" and shows incredible thought and planning on behalf of the Stuxnet creators.
"It is the first threat we have encountered that contains this many surprises in a single package. Before we detected this new vulnerability, it would have been worth a fortune to hackers," noted Alexander Gostev, chief security expert at Kaspersky Lab.
"It has to be said, the malware writers have demonstrated quite remarkable programming skills."
In perhaps another industry first, Stuxnet has managed to gain widespread admiration and at the same time inspire pervasive concern.
Political motivations
Stuxnet may also be a state-sponsored effort something that has been suggested by security professionals themselves.
In an analysis of the countries Stuxnet had been attacking back in July, Microsoft found the most targeted country was Iran, with Indonesia in second. The number of infection attempts in those countries was far ahead of other nations, raising questions as to why Stuxnet was being directed at them more than others.
Having spoken to a number of researchers, the feeling is that given the skill and time it would have taken to create Stuxnet, it also would have needed significant financial backing.
With these facts in mind it is possible, perhaps even likely, that Stuxnet is a state-sponsored worm, as some researchers have said.
Of course, there is no clear evidence of political motivation at the current time.
-
The threat prevention buyer's guideWhitepaper Find the best advanced and file-based threat protection solution for you
-
Supply chain as kill chainWhitepaper Security in the era Zero Trust
-
Microsoft under fire for “negligent” security practices in scathing critique by industry execNews Microsoft took more than 90 days to issue a partial fix for a critical Azure vulnerability, researchers found
-
Apple patches zero day linked to spyware campaignNews Kaspersky researchers were the first to report a zero day used in a sophisticated attack chain
-
MOVEit cyber attack: Cl0p sparks speculation that it’s lost control of hackNews The hackers return with their second major data-extortion attack of 2023, but may have bitten off more than they can chew
-
Microsoft says it knows who was behind cyber attacks on MOVEit TransferDozens of organizations may have already lost data to hackers exploiting the critical flaw
-
Trend Micro security predictions for 2023Whitepaper Prioritise cyber security strategies on capabilities rather than costs
-
Windows, macOS, and Tesla exploits debuted at Pwn2Own hacking contestNews Researchers took home more than $375,000 in winnings on the first day of the competition
