Friday, 25 November 2011

Stuxnet explained: video

Stuxnet is one of the most interesting pieces of malicious code found in the last few years.

It provides significant evidence that nation states are using computers to undermine each other.

The well-made video below explains what Stuxnet is (a weapon in code form), what it did and poses some questions about the future.

It suggests, incorrectly as far as I know, that the source code is available. Thus far it is not "open source", as claimed in the video.

This is one of many pieces of recent media that explores the concept of cyber war. It is a controversial area, largely because there is little proof. Stuxnet is tangible evidence, which is why security companies are so excited about it.

Cold war, cyber war or simply war?

Eugene Kaspersky has just written an interesting article that poses the view that this type of cyber war, in which malicious code is used as a form of weapon, is a series of acts of international aggression. He believes that it is tantamount to cyber terrorism.

Malicious code such as Stuxnet can do a few things but one of the most interesting characteristics is its capacity for sabotage. In the Cold War of the 1980s there were claims of sabotage, but rarely anything as direct as the tasks that Stuxnet is capable of carrying out.

One similar incident involved the Trans-Siberian pipeline back in 1982. The US is said to have planted a logic bomb that resulted in a massive explosion. Rather than introducing a virus from a network or USB key, the theory goes that US programmers planted the malicious code into a program that they knew would be stolen by the Russians.

Stuxnet: Anatomy of a Computer Virus from Patrick Clair on Vimeo.