Categories: SecurityWorkspace

Weaponised Malware Poses New Security Threat

The headlines seemed all too familiar – “New malware attack”.  How many times have we seen this before?  Digital security threats have become commonplace in our interconnected and IT-dependent world. Something was different with this news, however.

The attack occurred at an Iranian nuclear facility.  Okay so now I am hooked.  What was going on?  What is the so-called Stuxnet virus?  Where did it come from, who was behind it, how did it work, when will it show up on other systems, and what can be done to defend against this form of attack in the future?

This was no ordinary attack. As researchers later discovered, the attack utilised four different Zero Day exploits on Windows platforms.  In addition to the Zero Day attacks, the payload included a stolen digital certificate that was issued by Verisign.  The virus was self-propagating and spread to numerous machines, and was to locate and operate a valve or control module that was a critical part of the nuclear facility’s infrastructure, with the intent of disabling or damaging the facility. In other words: to act as a weapon.

Malware as a weapon

The traditional, malicious approach to damaging the facility would have been a conventional weapon (i.e. a bomb). The astonishing difference is that this malware, the Stuxnet virus, was attempting to do mechanical damage to the facility without supplying the destructive mechanical force on its own.  The virus was designed specifically to accomplish the work of a weapon and has therefore earned the dubious classification as Weaponised Malware.

The Stuxnet malware is estimated to have taken ten man-years to develop, and has an extremely sophisticated code base. The tools used, the timestamps on the binaries and the number of modules all suggest multiple development teams working in tandem. The origin of the malware is unverified but the security community has concluded that it was probably developed by a nation state or states attempting to disrupt the Iranian nuclear program.

It is a well-established fact that many weapons developed by nation states for military use eventually become available to other non nation-state entities, like terrorists and criminal organisations. Examples include night-vision goggles, GPS systems, airborne drones, fully automatic rifles, Kevlar body armor, and shoulder-launched missiles. These are just a few of the technologies developed for national militaries that are now routinely employed by criminal gangs, terrorists, and rogue nation states.

The pertinent question is: when will the Weaponised Malware and its derivatives be used by these entities to destroy, disable or steal valuable assets and information from other nations, utilities, banks, or telecommunication companies?  The answer is that we do not know when but we are sure that it will happen.  How can threatened organisations assess and address this new security risk?

Page: 1 2

adminuk

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

22 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

23 hours ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

24 hours ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago