Dan Ronco's Blog - Posts Tagged "plc"

A New Breed of Computer Virus

Stuxnet – An early version of PeaceMaker?

"Stuxnet is a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world," Kaspersky Labs said in a statement. Sounds a lot like PeaceMaker, the virus I described in the novel with the same name.

Many of you may have read about Stuxnet, a new super virus that has infected many Windows and corporate control systems. Software security experts believe that Stuxnet is the most complicated virus unleashed in many years. The virus is believed to involve at least 4 zero-day vulnerabilities, two signed code certificates and PLCs. A zero-day vulnerability is a computer threat that tries to exploit software defects that are unknown to others or for which a security fix isn’t available. A signed code certificate is a file containing a digital signature to ensure that the specified code has not been tampered with since it was signed. A programmable logic controller (PLC) is a computer used for management of electromechanical processes, such as opening or closing valves, inserting or pulling control rods in nuclear reactors, or turning lights on or off.

A high level of expertise was required to develop Stuxnet, probably involving a team of hackers rather than a teenager working in his bedroom. Reuters, in a succinct overview, describes how the software works. The virus has spread across the globe, but interestingly, there have been far more attacks in Iran than in any other country.

I anticipate a highly intelligent worm to evolve in the near future with PeaceMaker-like capabilities:

Control of all Windows-based computers
Seek out and hide in Windows computers, waiting for a signal to launch a coordinated attack
Change or delete specific data or just destroy it all
Coordinate an attack sequence on specific nations, industries, etc.


It is my belief that the power to control software is the power to control the world. In PeaceMaker, I describe the consequences of a world-wide shutdown.