IEEE Computer Society Newsfeed

Subscribe RSS

« Back

Security Researcher: First Stuxnet Version Was More Dangerous

A newly released analysis of the Stuxnet worm—which has been called the first cyberweapon—contends it has a forgotten sibling. Like the more famous Stuxnet version, the older, more complex malware was also built to disrupt the functioning of Iran’s uranium enrichment facility, said control-system security expert Ralph Langner, head of independent cyberdefense consultancy the Langner Group. It was designed to infect a controller to increase the operating pressure in the facility’s gas centrifuges to damaging levels that would ultimately erode the centrifuges. Langner said the malware “is about an order of magnitude more complex and stealthy [than the subsequent Stuxnet version]. It qualifies as a nightmare for those who understand industrial control system security. And strangely, this more sophisticated attack came first. The simpler, more familiar [version] followed years later.” He contends there was a “change in stakeholders” as Stuxnet was being developed. All indications point to the US National Security Agency as Stuxnet’s creator, Langner said. (SlashDot)(Help Net Security)(Foreign Policy)(“To Kill a Centrifuge: A Technical Analysis of What Stuxnet’s Creators Tried to Achieve,” Ralph Langner, The Langner Group, November 2013.”)

Trackback URL: