Stuxnet is one of the most complex pieces of malware ever detected and the first known to target real-world infrastructure such as water plants, power stations and industrial units.
The worrying thing about Stuxnet is that mischief or financial reward wasn’t its purpose; it was aimed right at the heart of critical infrastructure. Government organisations across the world need to think carefully about how they are protecting their power stations, water plants and industrial units from malicious attack. Traditional security technologies that are on the lookout for already identified malicious code will fail during such sophisticated attacks.
Stuxnet isn’t just another piece of malware. It is the most refined piece of malware ever discovered. It exploited four previously unknown and unpatched vulnerabilities in Windows. That said, the attack could have been stopped in its tracks at the very beginning. Step one of the infiltration was via a USB port, and there is a technology called device and application control that, when used, prevents unauthorised applications from uploading and executing.
The security controls need to be aligned with the potential risk. Given that the risk of infection could cause widespread chaos, our critical infrastructure must be protected by. The thinking needs to switch from allowing everything in until it is proved to be bad to preventing anything from coming in unless it is proved to be good. Malware and unwanted or unlicensed software will then be prevented from executing on a network, ensuring that we can keep the bad guys out.