Wired is claiming that the Stuxnet virus/malware/whatever is actually targeting particular pieces of industrial equipment that is likely to be used for uranium enrichment in Iran and then interfering with it slowly over the course of weeks.
http://www.wired.com/threatlevel/2010/11/stuxnet-clues/
I’m always wary of claims that computer viruses are targeting things other than just your data and possibly your computer’s ability to send spam, but this seems like it might be the real deal. An actual, state-created piece of malware aimed at trying to directly interfere with a real-world process. I’m both stunned and a little scared. I’d be curious to know if it actually had any effect.
I know almost nothing about SCADA systems in general, and absolutely none about the ones in question, but I’ve heard from a variety of people that I trust that they are quite vulnerable and lag something like 10-15 years behind where we are in computer security in general. I guess this is the right place to look if you wanted to hit something.
I’m still interested to see how this pans out when more determined journalists get a hold of it and start placing it into context rather than tech news reporting on an anti-virus company’s press release.
