Sometimes the ‘Good Guys’ Use Malware, Too

This is the first confirmation that the Stuxnet virus completely shut down some nuclear enrichment in Iran.

According to some reports, Stuxnet is a piece of malware targeted for ‘SCADA’ software – or control systems software used in power plants, utilities, factories, and in this case nuclear plants. Both the targeting of SCADA and state sponsorship of Stuxnet are rumored – not confirmed.  

Note how the malware got in there: “installed in electronic parts”, or embedded in firmware. I guess they didn’t have a Trusted Manufacturing flow.

UPDATE: An article just came out right after I posted this, from SC Magazine, highlighting a survey on Supply Chain Security and using the Stuxnet infection of Iranian facilities as an example.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s