Monday, November 11, 2013

ISS Software infected by Stuxnet Malware from Russian USB stick - Kaspersky Video

Russian security expert Eugene Kaspersky has also told journalists that the infamous Stuxnet had infected an unnamed Russian nuclear plant and that in terms of cyber-espionage "all the data is stolen globally... at least twice."

Kaspersky revealed that Russian astronauts carried a removable device into space which infected systems on the space station. He did not elaborate on the impact of the infection on operations of the International Space Station (ISS).

Kaspersky said he had been told that from time to time there were "virus epidemics" on the station.

The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection.

The Russian said this example shows that not being connected to the internet does not prevent you from being infected. In another example, Kaspersky revealed that an unnamed Russian nuclear facility, which is also cut off from the public internet, was infected with the infamous Stuxnet malware.

Quoting an employee of the plant, Kaspersky said:

"[The staffer said] their nuclear plant network which was disconnected from the internet ... was badly infected by Stuxnet. So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity."

Stuxnet is one of the most infamous pieces of malware ever created, though it was never designed to come to the attention of the public.

Never officially confirmed by either government, the widely-held belief is that Stuxnet was created jointly by the US and Israeli governments to target and disable the Natanz nuclear enrichment facility in Iran, in a bid to disrupt the country's development of nuclear weapons.

The malware was introduced to the Natanz facility, which is also disconnected from the internet, through a USB stick and went on to force centrifuges to spin out of control and cause physcial damage to the plant.

Stuxnet only became known to the public when an employee of the Natanz facility took an infected work laptop home and connected to the internet, with the malware quickly spreading around the globe infecting millions of PCs.

Kaspersky told the Press Club that creating malware like Stuxnet, Gauss, Flame and Red October is a highly complex process which would cost up to $10 million to develop.

Speaking about cyber-crime, Kaspersky said that half of all criminal malware was written in Chinese, with a third written in Spanish or Portuguese.

Kaspersky added that Russian-based malware was the next most prevalent threat, but that it was also the most sophisticated.

He also added that Chinese malware authors were not very interested in security with some adding social media accounts and personal photos on servers hosting the malware.

NB: Nasa remains adamant that, despite claims to the contrary, their security was not compromised and has denied that the ISS was infected by Stuxnet.

No comments:

Post a Comment