How Do You Know It Isn’t?

AllahPundit over at Hot Air wonders:

Exit question: I’ve asked this before but I’m still mystified by it. If one of the two goals of Stuxnet was to hide its sabotage by making centrifuge operators believe that everything was running smoothly, why was it so easily discovered by cybersecurity experts? Ideally, this thing should have run on Iranian computer networks for years and years, spinning its centrifuges into oblivion at every turn until Iran simply gave up in utter befuddlement at what the problem might be. Instead, it looks as though it ran for about a year (maybe less) before being detected. Is that … deliberate? If so, why? If not, why weren’t stronger measures taken to keep the worm invisible?

We know very little about the actual capabilities of the Stuxnet worm/virus/trojan/malware – pick any word that works for you. What I have seen so far indicates that the sucker is waaaaaay overbuilt for what it has reportedly accomplished so far (one report I read said that the code contained at least four zero-day exploits). What other very, very secret things could it be doing – or be patiently waiting to do?

If I were trying to fight this thing, I’d be frightened out of my mind about what I did not know about the full capabilities of Stuxnet. Here’s the Wikipedia article on Stuxnet. Given the evident complexities in the malware that we know of so far, it is not unreasonable to wonder what else is in there that we don’t know about yet.

(Frankly, given the field I work in, I am definitely worried about Stuxnet.)


3 Responses to How Do You Know It Isn’t?

  1. Pingback: Stuxnet a joint US-Israel project… « Public Secrets

  2. checkers says:

    This is Stuxnet I; it is designed to hide or divert attention from Stuxnet II, which cannot be found. The Iranians will think they have cleared their systems and Stuxnet II will be quietly there doing its thing.

  3. Gaius says:

    Actually, I think along the same lines, Checkers. There has to be more to this if what we already know is as bad as it is. The fact that Stuxnet was able to propagate through some very unusual channels should terrify any cybersecurity professional. They literally do not know where to look for this thing. It could be in their cellphones by now – in fact, I’d bet on it.
