view counter

Infrastructure protectionDHS official: Stuxnet a "game changer"

Published 19 November 2010

The head of the Cybersecurity Center at DHS said Stuxnet is an incredibly large, complex threat with capabilities never seen before; “This code can automatically enter a system, steal the formula for the product you are manufacturing, alter the ingredients being mixed in your product, and indicate to the operator and your anti-virus software that everything is functioning as expected,” he said

A highly complex computer attack that may have been targeting Iran’s nuclear power plants is posing a serious security threat to critical infrastructure worldwide, according to government and cyber-industry experts testifying Wednesday on Capitol Hill.

The computer worm known as Stuxnet was discovered this past July and specifically targets computers that run critical infrastructure such as the electric power grid, water treatment and oil and gas pipelines.

The head of the Cybersecurity Center at DHS said Stuxnet is an incredibly large, complex threat with capabilities never seen before.

This code can automatically enter a system, steal the formula for the product you are manufacturing, alter the ingredients being mixed in your product, and indicate to the operator and your anti-virus software that everything is functioning as expected,” Sean McGurk told the Senate Homeland Security Committee.

McGurk called the development of Stuxnet a “game changer.”

McGurk said there is not enough knowledge to identify what specifically was the target of the attack. “To say it was specifically designed to target a particular facility is very difficult for anyone to say with assurance,” said McGurk.

CNN reports that a study by the Symantec Corporation, a cybersecurity firm, indicated Iran’s nuclear plants could be the intended target. “Stuxnet is a threat targeting a specific industrial control system likely in Iran, such as a gas pipeline or power plant,” according to the report.

Symantec official Dean Turner told the lawmakers that “even if something like this is tied to one particular country or group of countries, the ability of it to have a global reach is enormous.”

He said there were approximately 44,000 unique Stuxnet infections worldwide with 1,600 of them in the United States. Nearly 60 percent of the global infections were in Iran.

Who was behind the attack also remains a mystery. DHS’s McGurk said the department’s analysis of the code did not point to where it was developed.

The Symantec study did not identify a source of the attack.

The sophistication of the malware makes it unlikely it could easily be duplicated by others. “Stuxnet has such complexity requiring significant rescues to develop that few attackers will be capable of producing a similar threat,” Turner said.

The discovery of Stuxnet was a wake up call to government and industry, agreed all those who testified. Michael Assante, the president of the National Board of Information Security Examiners said, “We’re not only susceptible, but we’re not very well prepared.”

Enhanced cooperation between the federal government and private sector was cited as one key component to fending off cyber threats.

Senator Joseph Lieberman (I-Connecticut), the chairman of the Senate Homeland Security Committee, lamented that critical cybersecurity legislation needed to combat cyber threats will have to wait until the new Congress convenes next year.

I’m sorry to say it seems unlikely we can pass this bill in this lame-duck session, although we should. I’ve been disappointed that the administration and some other committees that have an interest in this issue have been slow to engage,” said Lieberman.

view counter
view counter