Stuxnet Lull: Prepare for Next Attack

Wednesday, November 3, 2010 @ 11:11 PM gHale


By Gregory Hale
There was a period this past summer when the news broke about Stuxnet. While alarming, it didn’t necessarily have the industry shuttering in their knickers.
The initial news reports came and went, a lull set in, but in just over a month that came to a screeching halt. Stuxnet was a weapon. One that could potentially take out a plant in fairly quick manner if it went totally undetected. The industry was quaking. After all, if the reports about the worm’s goal of taking out Iranian nuclear plants were true, it could be a full-fledged disaster.
Some would ask, “Why would anyone want to hit our industry?” While others would just matter of factly say, “It was just a matter of time.”

RELATED STUXNET STORIES
Stuxnet Mitigation 1.1
New Video Shows Stuxnet Infecting System
Safe From Stuxnet? Think Again
Stuxnet Aftermath: Cyber Warfare Already Here

The industry is now in another calm period. Security experts are still analyzing the details of this very nasty worm. Now all the news reports that have anything to do with the power industry suffering any kind of shut down refers to Stuxnet.
On one hand you have the Iranian Defense Minister Brig.-Gen. Ahmad Vahidi saying the Stuxnet worm is “internet terrorism,” Iranian news service ISNA reported Wednesday.
Vahidi also said the worm, which infected computers controlling important Iranian infrastructure, did not have any impact on Iran’s nuclear program, the Iranian news agency reported.
On the other hand, a British nuclear power station that suffered an “unplanned outage” this week categorically denied any link to Stuxnet.
One of two reactors at Heysham 1, owned by French energy giant EDF, went offline. Parts of the site use the Siemens S7 systems, prompting speculation the sophisticated worm is to blame for the shutdown. The Stuxnet worm targeted the Siemens system for the attack.
Meanwhile Microsoft Tuesday released a record high number of software patches aimed at countering computer threats including the Stuxnet “worm” attacking industrial networks.
Microsoft ranked the 49 fixes released in importance from “critical” to “moderate” and addressed vulnerabilities in an array of Microsoft programs used in personal computers.
“Users should apply these patches ASAP,” said Trend Micro threat researcher Ivan Macalintal. “It should be a top priority.”
The unprecedented number of fixes promised to make installing the patches a chore for technology workers managing business networks.
A report on Microsoft’s patch Tuesday is usually not very big news, but when Stuxnet is involved it remains on top of everybody’s radar.
Analyzing the details behind the attack is something the experts have to do and reporting on little things related to Stuxnet is interesting, but the real key is for the industry to not sit back and wait for reports from the experts. Every manufacturer out there, big or small, needs to have a plan of attack. They need to have something on paper and then they have to go to their partners and make sure they have a plan ready to go just in case. We can’t fall asleep on this one. We have to stay one step ahead of the next Stuxnet because sure as the rain falls in an afternoon in Florida, there will be a next time.
Talk to me: ghale@isssource.com



Leave a Reply

You must be logged in to post a comment.