ReadWriteEnterprise

Last week the news blogs were filled with information about a second attack on a computer-based supervisory control system (SCADA) at the Curran-Gardner Township Public Water District based near Springfield Ill. The first was the Stuxnet malware targeted at an Iranian nuclear facility that was extensively covered. We wrote about how the Symantec anti-virus researchers decompiled the malware and demonstrated it to us here earlier this summer, and how variants on Stuxnet called Duqu were also found last month floating around European networks.

It may not be an independent source of data about Windows, but Microsoft's system of telemetry for tracking the causes of system failures, is orders of magnitude more sensitive than anything else in the field. A report released by Microsoft this morning reveals that what would have been a record quiet year for Windows security was pretty much wiped out by one stupid little flaw that Microsoft can't completely patch.

Today eEye Digital Security released the results of a survey of over 1,600 IT administrators, managers and C-level executives about their top security concerns. Most respondents said that high profile malware like Project Aurora and Stuxnet were either small or very small threats to their enterprises. Slightly more were concerned about government or state sponsored hacking. But most still saw this as a low priority.

So what are they actually worried about?

Late last year the Stuxnet made international headlines by infecting computers at an Iranian nuclear power plant. Much of the coverage has been focused on speculation as to who was behind the malware, which appeared to be designed specifically to target nuclear power plants with certain types of equipment. But how were the creators of Stuxnet able to infiltrate a high security nuclear power plant? According to Symantec, one of the key components in the attack was a legitimate digital certificate. The attackers either stole a private key, or were able to get their files signed. How can you keep your digital certificates and encryption keys safe?

Stuxnet is a computer worm that can do as much damage as a bomb could in destroying an industrial plant or military installation. The Wikipedia entry about Stuxnet says it is the first discovered worm that spies on and reprograms industrial systems.

Stuxnet's capabilities are clear following its use to attack Iran's nuclear installations. The implications are considerable. Any enterprise that uses industrial control systems could be attacked by the worm, potentially causing as much damage as any sort of explosion.