A Four-Day Plunge to Stuxnet’s Knowhow
Learning about the Stuxnet computer worm from a little-known Belarusian security company was an embarrassment for the vulnerability team at Microsoft, as reported by WIRED THREAT LEVEL on December 27, 2010.
The computer worm Stuxnet is suspected to be a covert operation by states including the US and Israel. The worm is designed to determine the secretive aims of nuclear attack by Iran. Stuxnet attacked the control systems that access Iran's centrifuges and steam turbine, which delays Iran's nuclear program.
During a session held at the Chaos Computer Club (CCC) Congress, a top vulnerability analyst at Microsoft gave an account of the ultimate origin and motive behind the Stuxnet project. An account of the software company's response was also presented at the session.
Commenting on the matter, Bruce Dang, a Security Software Engineer at the Microsoft Security Response Center who conducted the analysis, noted the importance of understanding how the worm worked before other companies did, as reported by WIRED THREAT LEVEL on December 27, 2010.
In June 2010, the Belarusian firm VirusBlokAda recognized the worm and informed Microsoft by sending some screenshots. However, the Microsoft team was unconvinced and wanted to dismiss the report. Ultimately, when the report was opened and they began to study the code, they realized that it was a harmful threat.
Dang further stated that the code held around 1 MB of information and exploited a vulnerability in the Windows icon shortcut feature, i.e. .LNK files, through which an infected USB stick directs users to the worm.
Microsoft estimates that Stuxnet is a year-old harmful venture that used quite sophisticated methods for infecting and attacking Iran's nuclear centrifuges.
According to Dang, several things are obvious from his reading of the code. The code was written by various people. Moreover, the developers of the code were careful to ensure that it ran flawlessly, with great impact and complete reliability. That is an objective that even professional software developers usually fail to meet.
The team at Microsoft took about three to four days, or approximately 40 Microsoft person-hours, to analyze the worm, but the effects of this worm are sure to resonate much longer.
» SPAMfighter News - 06-01-2011