Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Political analysts have forecast potential consequences for the United States after it was confirmed to have been involved in the creation of the Stuxnet malware that attacked Iranian uranium enrichment facilities.
The New York Times piece released last week revealed direct involvement by US President Barack Obama in ordering the creation and spread of the malware to the Iranian facilities, which largely succeeded before the virus was discovered outside of the country.
But the United States, seen as one of the most vulnerable countries to “cyber-attacks” due to its heavy reliance on computers, could become highly prone to similar attacks in future as retaliation to its actions.
SANS Institute director of research Alan Paller said news of the US' involvement meant businesses and infrastructure operators would be required to bolster their own defences against such attacks.
"We are now going to be the target of massive attacks," Paller told Computerworld US.
"For a long time everything has been under the radar ... the US has acted like it was an innocent victim. But behaviour will change when there's no longer an argument."
Ohers called it the "end of plausible deniability" for the US regarding its involvement in the attacks.
Though first created during the Bush administration under the code name 'Olympic Games', the Obama government continued using new variants of Stuxnet to sabotage the Iranian uranium refinement site, Natanz. Using a worm to sabotage Iran’s nuclear weapons programme was deemed preferable to Israeli air strikes on the facility.
Stuxnet’s existence became known in June 2010 after a programming error made the worm spread to an engineer’s computer that was connected to a centrifuge, and from there, around the world.
The Stuxnet worm and recently discovered Flame malware represent “a spectacular failure for our company and the antivirus industry in general” according to Mikko Hyppönen, the chief research office of Finnish security firm F-Secure in an article written for Wired.com’s Threat Level blog.
According to Hyppönen, Stuxnet wasn’t detected until well over a year after it was unleashed. F-Secure had samples of Flame dating back to 2010 and 2011 that were collected through its automated reporting systems, but Hyppönen said his company was unaware their existence.
Flame, Stuxnet and Duqu were most likely written by a Western intelligence agency and hidden in plain sight, according to Hyppönen, using standard code libraries that made them look more like a business database system than pieces of malware.
Hyppönen said there were likely to be more variants of politically motivated malware not yet detected.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.