Evidence is rising that Stuxnet, a cyberweapon that attacked Iran's nuclear facilities in 2009, is part of a supersophisticated manufacturing process for malicious software, two antivirus companies tell the Monitor.
Somewhere in the world, the creators of the Stuxnet worm are involved in a cyberweapon manufacturing operation that can pump out supersophisticated malicious software tweaked for specific missions, new targets, and detection evasion.
Stuxnet, the first military-grade cyberweapon known to the world, has been called a digital missile and a cyber-Hiroshima bomb. But it was not a one-shot blast, new research shows. Rather, Stuxnet is part of a bigger cyberweapons system – a software platform, or framework – that can modify already-operational malicious software, researchers at two leading antivirus companies told the Monitor.
The platform appears to be able to fire and reload – again and again – to recalibrate for different targets and to bolt on different payloads, but with minimal added cost and effort, say researchers at Kaspersky Labs and at Symantec.
RECOMMENDED: Iran nuclear program: 5 key sites
Kaspersky, based in Moscow, and Symantec, in Sunnyvale, Calif., are antivirus companies, competitors in fact. Each has had teams laboring independently for more than a year to decipher Stuxnet. Both are amazed to have discovered digital fingerprints of a much larger family of weaponized software.
Page 1 of 5