Many of us who study computers whether it be Cyber Forensics, Information Technology, or Computer Information Systems, know that cybercrime is among us. I would like to bring to everyone’s attention a situation recently in the news, and that is a virus called Stuxnet.
Stuxnet, for those who don’t know, is a worm (a type of computer virus) that was developed to attack Iran’s Natanz nuclear facility (Fingas, 2014). The worm is meant to attack PLC which are Programmable Logic Controllers. I hope I grabbed your attention because, yes, this is a very bad infection for controls that can override functions in a nuclear facility. The Natanz nuclear facility has no direct Internet connection, so the virus couldn’t be spread to it via an Internet connection. It is now known that before the virus reached Natanz, it attacked 5 key vendors that affiliate with Natanz and was brought in by one of the employees, or someone who works in the facility.
I know many people don’t care what is happening hundreds of miles away, but according to Kaspersky Labs, the virus has now spread all over the Internet. Since the virus is intended for corporations, it is not a major concern for end users, but companies need to ensure that private data stored on their networks is protected. Many people believe this virus contains American roots. (Fingas, 2014). The Issue I have with claiming that it has come from America is that there is no proof. Kaspersky apparently can tell you where the rogue code (Stuxnet) has been, but not its origins.
If you would like to read more about Stuxnet, please refer to:
Fingas, J. (2014, November 13). Stuxnet worm entered Irans’s nuclear facilities through hacked suppliers. Retrieved from: http://www.engadget.com/2014/11/13/stuxnet-worm-targeted-companies-first/
If you would like to discuss this further, please comment below.