After Stuxnet, waiting on Pandora’s box

[InfoSec News <alerts () infosecnews org>]

http://www.washingtonpost.com/blogs/checkpoint-washington/post/after-stuxnet-waiting-on-pandoras-box/2011/09/20/gIQAOkw0hK_blog.html

By Jason Ukman
Checkpoint Washington
The Washington Post
09/20/2011

The mysterious computer worm known as Stuxnet has gained more than a 
little notoriety since it was discovered in the summer of 2010. It 
wreaked havoc on Iran’s nuclear program. It stirred suspicions that it 
had been unleashed by the Israelis, the Americans or both. And, last but 
hardly least, it heightened long-standing concerns about the potential 
for a cyber attack on critical infrastructure in the West.

In the case of Iran, Stuxnet worked its way into an industrial control 
system by rather insidious means -- identifying the centrifuges used to 
enrich uranium and causing them to spin so rapidly that they began to 
break. But experts have said that the worm could just as easily serve as 
a blueprint to sabotage machines that are critical to power plants, 
electrical grids and other utilities in the United States and elsewhere.

Ralph Langner, a German cyber expert was among the first to analyze 
Stuxnet and identify its ability to target control systems. Langner, who 
is in Washington this week for a handful of events, including one 
Tuesday at the Brookings Institution, took some time to talk about the 
aftermath of Stuxnet.

He remains as concerned as ever that infrastructure in the United 
States, Europe and elsewhere is vulnerable to cyber attack. And he says 
it’s not going to take a sophisticated attacker or the resources of a 
nation-state to launch a strike that could have major economic and 
national security consequences. Excerpts of the interview are below.

[...]

_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/