By Robert McMillan
IDG News Service
July 23, 2010
Computers in Iran have been hardest hit by a dangerous computer worm
that tries to steal information from industrial control systems.
According to data compiled by Symantec, nearly 60 percent of all systems
infected by the worm are located in Iran. Indonesia and India have also
been hard-hit by the malicious software, known as Stuxnet.
Looking at the dates on digital signatures generated by the worm, the
malicious software may have been in circulation since as long ago as
January, said Elias Levy, senior technical director with Symantec
Stuxnet was discovered last month by VirusBlokAda, a Belarus-based
antivirus company that said it found the software on a system belonging
to an Iranian customer. The worm seeks out Siemens SCADA (supervisory
control and data acquisition) management systems, used in large
manufacturing and utility plants, and tries to upload industrial secrets
to the Internet.
Symantec isn't sure why Iran and the other countries are reporting so
many infections. "The most we can say is whoever developed these
particular threats was targeting companies in those geographic areas,"
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com