September 27, 2010

Stuxnet worm allows hackers to control industrial machinery

Well, it finally happened: A worm has been developed that can break into computers which control machinery at the heart of industry. Such a security breach could allow attackers to assume control of critical systems like pumps, motors, alarms and valves in an industrial plant. Worse, safety systems could be switched off at a nuclear power plant; fresh water contaminated with effluent at a sewage treatment plant, or the valves in an oil pipeline opened, contaminating the land or sea.

The worm is called Stuxnet and it's about 600-kilobytes in size. It was professionally written, an indication that a nation-state or organized crime outfit is likely behind it.

This worm will prove particularly problematic for legacy systems, but it's also a wake-up call for new distributed systems such as smart grids. Security will have to be embedded in the architecture right from the start to avoid such vulnerabilities.


1 comment:

Unknown said...

George, there is a lot of truth in what you say. It's remarkable, though, that we would say just the same about the previous situation with computers and the internet as most of us know it.

I think, in the case in Iran a critical factor is the local staff. But this is only a problem for the Iranian government, but not for me ;-)