Switched has a new home! Huffpost Tech.

Click here to visit the new home of Switched!

Hot on HuffPost Tech:

See More Stories
AOL Tech

Stuxnet Could Be Most Complex Malware Ever, Targeting Iranian Nuclear Plants?

by Amar Toor on September 23, 2010 at 03:04 PM

Stuxnet malware An awe-inspiringly complex piece of malware named 'Stuxnet' has some security experts openly wondering whether or not it's the most sophisticated worm ever to hit the planet. Others are speculating that it may be used to target a nuclear plant in Iran.

Although the worm originally popped up in June, when it attacked Windows PCs operating industrial control systems, cyber experts are only now realizing the extent of its power. Unlike most malware, Stuxnet can autonomously distinguish various industrial computer systems, and seems uniquely designed to attack one specific target. "Stuxnet is the key for a very specific lock -- in fact, there is only one lock in the world that it will open," German researcher Ralph Langner tells the Christian Science Monitor. "The whole attack is not at all about stealing data but about manipulation of a specific industrial process at a specific moment in time. This is not generic. It is about destroying that process."

After having studied Stuxnet for several months, some experts are now worried that the malware could be used to manipulate -- and perhaps destroy -- real-life infrastructure. According to Computer World, Stuxnet's complexity has led many to believe that only a governmental effort could've produced it. And, considering that Iran took the brunt of the worm's attack in June, some are even speculating that it could be targeting an Iranian nuclear plant or centrifuge facility.

Expert Bruce Schneider, however, acknowledges that "there's not much in the way of actual evidence to support" the Iran theory, while Grey Logic founder Jeffrey Carr tells AOL News that any such speculation is "irresponsible." Even if the worm isn't specifically targeting Iranian nuclear facilities, however, former North American Electric Reliability Corp security chief Michael Assante says its mere existence should give cause for grave concern.

"What we're seeing with Stuxnet is the first view of something new that doesn't need outside guidance by a human -- but can still take control of your infrastructure. This is the first direct example of weaponized software, highly customized and designed to find a particular target," Assante tells the Christian Science Monitor. "The implications of Stuxnet are very large, a lot larger than some thought at first... It's the type of threat we've been worried about for a long time." Great.

Tags: CyberAttack, cybersecurity, cyberterrorism, CyberWarfare, defense, Iran, IranNuclearProgram, malware, Microsoft, nuclear, NuclearEnergy, NuclearWeapons, stuxnet, virus, windows, worm

HuffPost AOL Social News Most Popular