Stuxnet and Duqu – the next problem for the world, targeted viruses!

About 18 months ago, a virus was released on the Internet that has had some devastating effects across the whole world.   The effect of the virus was not that it propagated readily, it could transfer from Microsoft computer through USB and network shares like other viruses.   It does unauthorized things to the computer like other viruses do.   Stuxnet is a virus that has changed the viral landscape and will have huge ramifications going forward.

There are 3 noticeable differences in the design of the Stuxnet virus.   The code for the virus was so well written and compact that it raised the interest of the top boffins at Symantec, who have worked for months to reverse engineer it (An updated virus definition file was produced within a couple of days by most anti-virus companies).   The code is so well written that they believe that there was some significant money behind the virus itself.   There was no noticeable payload (expected damage) from the virus but it used four zero day exploits in its design to infect computers.  It is targeted; the Stuxnet virus was actually looking for a specific type of Computer system.

Most viruses attack in a shot gun type of attack profile, infecting as much as possible in as short as time as possible but the Stuxnet virus is a laser guided scalpel.   It is after one specific type of computer system which actually turned out to be a nuclear system in Iran.   Stuxnet was designed to reprogram the nuclear centrifuge so that they would overload and damage themselves.   Stuxnet is the first virus designed to actually damage hardware and physical devices.

If the Stuxnet virus was so specific, the new DuQu virus is even more dangerous, yes there are definitions for anti-virus protection, so most of the time the anti-virus software should pick it up.   There are still components of the DoQu virus that are highly encrypted and other components whose target and capability are not yet known but it is designed to do something and yes “designed” is the correct word.   urthermore, like Stuxnet, it is also designed to attack a specific type of computer system, but at present they haven’t worked out what they are or where they are located.   DuQu also includes zero day exploits that are in the process of being rectified by the software companies.

In the 1980’s there was a role playing game called “shadow run” that was based in 2050.   One of the premises of the game is a cyber-war that includes the introduction of a virus that can and does physically damage to critical infrastructure.   This is a prediction from 30 years ago that is coming to fruitation in our time.   It’s a great world we live in isn’t it?

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.