The latest worm attack Stuxnet has generated much discussion and speculation concerning the purpose, intent, origins, and - most importantly - the identity of the attacker and the target.
Kaspersky Lab has no evidence to identify the attackers or their target, but experts can confirm that this company is a very sophisticated attack and unique in the IT industry, prepared by a team of cyber criminals with extensive knowledge of SCADA technology. Kaspersky Lab believes that this type of attack can not be achieved without the support of state officials.
"I think we have reached a turning point because we face a new world, a new approach to cyber crime," said Eugene Kaspersky, CEO and co-founder of Kaspersky Lab. "Cyber criminals in the past were only now realize with fear as we approach an era of cyber terrorism, sophisticated weapons and cyber warfare," he completes.
In a speech at the event Kaspersky Security Symposium in front of journalists in Munich, Germany, E. Kaspersky Stuxnet compared with the opening of Pandora's Box.
"This malicious program was not designed to steal money, send spam or steal personal data, but to sabotage the production enterprise to destroy the industrial system. Note that this is the beginning of a new era. The '90s were marked by cyber vandalism, the 2000s decade meant cyber crime, and now we approach the cyber terrorism and wars, "Kaspersky added.
Kaspersky Lab researchers independently discovered that Stuxnet worm exploits vulnerabilities four zero-day "in Microsoft Windows. Two of these security breaches were reported directly to Microsoft, Kaspersky Lab experts collaborating extensively with the U.S. software maker to create and release security patches for your operating system.
Besides the exploitation of four vulnerabilities Stuxnet used two valid digital certificates, stolen from Realtek and JMicron, who helped cybercriminals to hide this malware in the system for a long time.
The worm tries to access and reprogram the industrial control systems, aiming systems SCADA (Supervisory Control and Data Acquisition) Siemens products, namely Simatic WinCC. They are used to monitor and manage infrastructure and production. Similar systems are widely used on oil rigs, power, communication range of platforms in airports, on ships and even the military.
Advanced knowledge of industrial control systems, sophisticated attack on several levels, the use of vulnerability "zero-day" and theft of digital certificates valid and have led experts to declare that Stuxnet Kaspersky Lab was created by a team of highly professional experience, who possess vast resources and financial support.
target attack and geographical location in which he appeared (initially Iran) suggests that it was not initiated by any group of cyber criminals. Additionally, Kaspersky Lab experts who analyzed the worm's claim that the main purpose was spying Stuxnet infected systems, but to initiate an act of sabotage. All these indications show that Stuxnet worm development was supported by officials of a State which has powerful and valuable information.
Kaspersky Lab believes that cyber weapons Stuxnet is a prototype, which will lead to the creation of new tools very dangerous attack. This time, the world is facing a cyber arms race.
0 comments
Post a Comment