More Sophisticated Spyware Hits Utility Systems - "Stuxnet" Gone Wild : Austin Technology Law Blog

Home > Articles > More Sophisticated Spyware Hits Utility Systems - "Stuxnet" Gone Wild

More Sophisticated Spyware Hits Utility Systems - "Stuxnet" Gone Wild

Posted on July 27, 2010 by Paul Stanfield

Cyber security experts are scrambling to assess the past effects and the potential of a recently detected malware that has targeted utility systems primarily in the Middle East (beginning in Iran) and the United States. Microsoft has named the Trojan intruder “Stuxnet”.

On a very basic level, here is what Stuxnet does:
1. So far, it has targeted a Siemens system (SCADA) used primarily in the operation and control of electric power plants;
2. It has been carried on USB sticks that, when attached to a computer, automatically executes without any further action by a user, even if the AutoRun function is disabled;
3. The Trojan then seeks out and copies certain database information, including power plant designs;
4. Stuxnet exploits a flaw in the shortcut links files in Windows.

Microsoft has issued a work around that essentially turns off the shortcut function and changes the shortcut icons appearance on the screen.

So, if this only targets utility companies, unless you are a utility company or have one as a client, why should you care? Experts surmise that this was created to carry out industrial espionage but the same technique can be used for other targets. It could be used to target other trade secrets, personal financial information, medical records, etc.

We talked to a local security expert and there are reports that Stuxnet or variants are “in the wild” and could be delivered by a manner other than USB sticks via networks and remote web servers.

McAfee alleges that it has a defense against Stuxnet as does Symantec. As we noted in earlier posts (see here and here), these are examples of blacklisting. CoreTrace has demonstrated effectiveness against the intruder by using the whitelisting capabilities of its product Bouncer. See the YouTube video here: http://bit.ly/bFCEdc.

This attack seems to be much more targeted and much more sophisticated that most of the prior threats and may herald a new age of malware menace.

So, it’s a dangerous cyber world out there. Use protection.

Tags: Articles, Cloud Computing, CoreTrace, Data Privacy, Health Care, Intellectual Property, Internet, McAfee, Microsoft, Stuxnet, Symantec, malware, spyware, trojan, viruses

Trackbacks (0) Links to blogs that reference this article Trackback URL
http://www.austintechnologylawblog.com/admin/trackback/213763

Comments (0) Read through and enter the discussion with the form at the end

Post A Comment / Question Use this form to add a comment to this entry.

Send To A Friend Use this form to send this entry to a friend via email.

Austin Technology Law Blog

Stanfield Hiserodt PLLC

300 West Avenue Suite 1316

Austin, Texas 78701

Phone:

512-482-0040

Fax:

512-472-8181

Austin Technology Law Blog : Texas Technology Lawyers & Attorneys for Copyright, Trademarks & Software Licensing in Houston, Dallas & Austin TX

Published By
Stanfield Hiserodt PLLC

Legal thoughts on Technical Business Transactions, Intellectual Property and Licensing