Evidence is rising that Stuxnet, a cyberweapon that attacked Iran's nuclear facilities in 2009, is part of a supersophisticated manufacturing process for malicious software, two antivirus companies tell the Monitor.
Somewhere in the world, the creators of the Stuxnet worm are involved in a cyberweapon manufacturing operation that can pump out supersophisticated malicious software tweaked for specific missions, new targets, and detection evasion.
Stuxnet, the first military-grade cyberweapon known to the world, has been called a digital missile and a cyber-Hiroshima bomb. But it was not a one-shot blast, new research shows. Rather, Stuxnet is part of a bigger cyberweapons system – a software platform, or framework – that can modify already-operational malicious software, researchers at two leading antivirus companies told the Monitor.
The platform appears to be able to fire and reload – again and again – to recalibrate for different targets and to bolt on different payloads, but with minimal added cost and effort, say researchers at Kaspersky Labs and at Symantec.
Kaspersky, based in Moscow, and Symantec, in Sunnyvale, Calif., are antivirus companies, competitors in fact. Each has had teams laboring independently for more than a year to decipher Stuxnet. Both are amazed to have discovered digital fingerprints of a much larger family of weaponized software.
Page 1 of 5