The Stuxnet virus could be tailored to attack many other industrial control systems, a Homeland Security official told senators yesterday.
Sean McGurk, acting director of Homeland Security’s national cybersecurity operations center, told the Senate Homeland Security and Governmental Affairs Committee that variations could be produced using publicly available information about the virus.
He said Stuxnet had significantly changed the landscape of targeted cyberattacks.
“We have not seen this coordinated effort of information technology vulnerabilities and industrial control exploitation completely wrapped up in one unique package,” he said.
Of most concern, he warned, was the fact that Stuxnet – probably developed by a well-resourced team – not only modifies files of industrial control system software but can steal the data contained there without being detected. This, he said, made it a blueprint for future attackers.
“The concern for the future of Stuxnet is that the underlying code could be adapted to target a broader range of control systems in any number of critical infrastructure sectors. These systems are used to operate physical processes that produce the goods and services that we rely upon, such as electricity, drinking water, and manufacturing,” said McGurk.
“Although each of the critical infrastructure industries, from energy though water treatment, is vastly different, they all have one thing in common: they are dependent on control systems to monitor, control, and safeguard their processes.”
There are still around 44,000 computers infected with Stuxnet worldwide, about 60 percent of these in Iran, Dean Turner, director of Symantec’s Global Intelligence Network, told the Committee. There are still around 1,600 infections are in the US, he said.