Stuxnet

Indian authorities are investigating a computer server in Mumbai for links to the Duqu malicious software that some security experts warned could be the next big cyber threat.

Web Werks, a Mumbai-based Web-hosting company, said it had given an image of the suspicious virtual private server to officials from the Indian Computer Emergency Response Team (CERT-In), after security firm Symantec Corp found the server was communicating with computers infected with the Duqu virus.

The design similarities between the recently-publicised Duqu malware and the infamous Stuxnet worm that caused widespread alarm more than a year ago have been hugely exaggerated, an analysis by Dell SecureWorks has concluded.

The essence of the company’s strip-down analysis is that despite some common features, Duqu and Stuxnet have been designed to do different jobs, one very targeted, the other more general.

Russia has for the first time laid the blame for the Stuxnet worm at the door of the US and Israel, describing it as "the only proven case of actual cyber-warfare."

In translated comments reported by the AFP agency, foreign ministry security department chief Ilya Rogachyov was blunt about the origins of a piece of malware that has mystified experts since first appearing in June 2010.

It was January 2010, and investigators with the International Atomic Energy Agency had just completed an inspection at the uranium enrichment plant outside Natanz in central Iran, when they realized that something was off within the cascade rooms where thousands of centrifuges were enriching uranium.

Natanz technicians in white lab coats, gloves and blue booties were scurrying in and out of the "clean" cascade rooms, hauling out unwieldy centrifuges one by one, each sheathed in shiny silver cylindrical casings.

 Stuxnet-style malware that attacks computer hardware could put your company out of business by physically destroying the servers, networking equipment and storage resources in your data center. Unlike Stuxnet, however, this type of malware is easy to create.

That's the stark warning Itzik Kotler issued at the HackInTheBox hacker convention in Amsterdam last month. Kotler is the chief technology officer of the information security company Security Art.

The media storm over the Stuxnet worm may have passed, but many of the software holes that were used by the worm remain unpatched and leave Siemens customers open to a wide range of potentially damaging cyber attacks, according to industrial control system expert Ralph Langner.