The Langner Group, based in Germany, has published the most detailed report yet on the Stuxnet malware that was used to sabotage Iran's uranium enrichment efforts.
“On the one hand the government is freaking out about cyber-security, and on the other the U.S. is participating in a global market in vulnerabilities and pushing up the prices,” says Soghoian, who says he has spoken with people involved in the trade and that prices range from the thousands to the hundreds of thousands. Even civilian law-enforcement agencies pay for zero-days, Soghoian says, in order to sneak spy software onto suspects’ computers or mobile phones.
An advanced and well-orchestrated computer spy operation that targeted diplomats, governments and research institutions for at least five years has been uncovered by security researchers in Russia.
The highly targeted campaign, which focuses primarily on victims in Eastern Europe and Central Asia based on existing data, is still live, harvesting documents and data from computers, smartphones and removable storage devices, such as USB sticks, according to Kaspersky Lab, the Moscow-based antivirus firm that uncovered the campaign. Kaspersky has dubbed the operation “Red October.”
A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
In-depth pieces in Vanity Fair and Wired detail the structure and impact of the Stuxnet worm, and what it means for the future of cybersecurity. (Previously)
Wikileaks may have been the big news, but there were numerous other data breaches in 2010.
In June 2010, a bit of malware of unprecedented ability was discovered by a Belarusian security firm. Stuxnet had remained undetected for over a year. Security researchers have gradually learned more about this worm, which has led to much speculation about its origins and purposes. Though questions remain, it is clear that it is extremely advanced, and that it was designed to find a very specific hardware/software system and disrupt the operation of centrifuges, causing some to assert that it was built to sabotage Iran's nuclear facilities. Recently, Iran confirmed that its nuclear facilities had been seriously affected by Stuxnet. Some experts say that a worm of this level of sophistication could only have been designed by a nation-state. Previously.