Stuxnet Worm Reportedly Aimed at Iran by U.S. and Israel
This revelation from the New York Times is a bit outside our normal sphere of coverage, but it’s important because it shows that computer security is going to become even more important as governments move to electronic attacks on one another, potentially causing normal civilians to become unwitting transmission vectors to real-world targets.
This kind of revelation strikes me as being much more dangerous to our national security that anything in the Wikileaks cable dump. It is very likely to prompt similar actions against critical NA infrastructure that does not benefit from military strength protection against cyber attack.
I think I disagree. The Stuxnet worm was essentially a public action on the part of whoever programmed it, which remains unconfirmed. So the entity creating it couldn't have been too worried about being discovered. Also, if the target was indeed the Iranian centrifuges, it seems unlikely that Iran would be clueless about who caused the damage (and they'd blame the U.S. and Israel, regardless). I think the only notable revelation is that this is the first time we've seen such a sophisticated virtual attack against a real-world target come out in the open.
And as far as it increasing the vulnerability of North American infrastructure, I cannot believe that hostile powers have not already been attempting to determine its weaknesses (the U.S. government has said as much).
Mac users are mostly clueless about computer security since their computers come factory equipped with a fairly decent set of safeguards.
PC people have been infected for years and have to run and pay for software to keep them somewhat safe. Governments and large corporations have a large number of strategies to keep the bad guys out and are pretty good at it.
The most interesting part of the whole Stuxnet episode is the realization that bombs have been replaced with software. Talk of an attack on Iran's nukes has stopped since this "directed virus" did the work of the bombs without significant loss of life and without the release of radiation.
The idea was brilliant and the results are far reaching. One thing we should think about is that Iran was so lax in their security that the bug got into their most secure systems. Makes you wonder about the general level of security that they employ for the rest of the country. That's the shocking thought!
Though I'm certainly no expert, my understanding is that Iran's security is probably far more traditional, focusing on controlling people more so than information.