Delegates at the Black Hat conference in Las Vegas are sharply split on the merits (or otherwise) of malware like Stuxnet that can be used offensively to take down infrastructure.
Stuxnet was the first malware that was publicly acknowledged to have been designed to take down physical equipment – in this case, Siemens supervisory control and data acquisition (SCADA) systems. According to recent reports it was developed by the US and Israel as part of Operation Olympic Games, a malware program started by former President Bush and expanded by the current administration.
Security researchers said Tuesday they have come across a new strain of espionage malware that has successfully infected 800 different organizations this year in the Middle East to steal information and spy on communications.
The Flame cyber-attack that targeted computers across the Middle East has been linked to the Stuxnet worm, which is believed to have been orchestrated by the US and Israel to attack Iranian nuclear centres.
Speaking at the Reuters Global Media and Technology Summit on 11 June, Eugene Kaspersky, chief executive of the Russian security firm that bears his name and which discovered the Flame virus in May, said his team of researchers have found that Flame shares an almost identical piece of code with a 2009 version of Stuxnet.
When Kaspersky Labs analysed the Duqu Trojan early last month, they were stumped by a block of code that appeared to be written in a previously unseen programming language. It now seems that the language was not new but an old one: a custom object-oriented C framework compiled with MSVC 2008, with options set to minimise size and expand only when activated in line.
The Duqu malware that targeted industrial manufacturers around the world contains so many advanced features that it could only have been developed by a team of highly skilled programmers who worked full time, security researchers say.