According to this article by Symantec, it looks like the top countries affected Stuxnet (by infection count) were Iran and some of its closest neighbors geographically. To me, it looks like an intelligence service lost a couple of arrows out of its quiver here. Microsoft is closing one of the vulnerabilites used by Stuxnet in the September 2010 Microsoft monthly patches.
The smart money is on the U.S. or Israel, but I guess the public storyline will never tell us for sure. Nation-state intelligence services cannot wait for a time of war to penetrate and exploit the infrastructure of potential enemies. That type of offensive penetration and espionage activity happens all the time. Like some others, the U.S. is very good at cyber offense and computer network exploitation. It very well could have been us that lost a couple privately held vulns this time around.
References:
http://www.symantec.com/connect/blogs/w32stuxnet-network-information
http://krebsonsecurity.com/2010/09/stuxnet-worm-far-more-sophisticated-than-previously-thought/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+KrebsOnSecurity+%28Krebs+on+Security%29
email: david @ sharpesecurity.com
website: http://www.sharpesecurity.com/
Twitter: twitter.com/sharpesecurity
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment