Anonymous claims to have Stuxnet access

The “hacktivist” group Anonymous claims to have access to the sophisticated computer virus reportedly developed as a joint Israeli-US cyber attack against Iran’s nuclear facilities.

Anonymous says it has obtained details of the Stuxnet worm from the emails of HBGary, a US security company the loose hacker collective attacked earlier this month.

It is not yet clear whether Anonymous plans to deploy the computer virus, but last week the group signalled an intention to attack Iranian government websites in support of a planned green movement rally in Tehran.

However, security experts told the Guardian on Monday that even though Anonymous does have access to parts of Stuxnet, it does not control the crucial code enabling it to attack Iran’s Bushehr nuclear plant — an attack Russia’s Nato ambassador said could potentially trigger a “new Chernobyl”.

Orla Cox, a security operations manager at Symantec, the cyber security firm that has been researching Stuxnet since its discovery, said it was “very difficult to tell” how dangerous Anonymous’s copy of Stuxnet is.

“It would be possible [for Anonymous to use Stuxnet in an attack],” Cox said. “But it would require a lot of work, it’s certainly not trivial.

“The impressive thing about Stuxnet is the knowledge its creators had about their target. So even if you have got access to it you need to understand the target — that requires a lot of research.”

‘Difficult’to use in attack
Iran admitted its controversial nuclear programme had been delayed by Stuxnet last year, with reports later claiming that the worm was a joint US-Israeli project intent on knocking Tehran’s nuclear ambitions off course. No group has yet claimed responsibility for building Stuxnet. Experts told the Guardian last year that Stuxnet would have taken five to 10 people around six months to create and required large amounts of funding.

Computer viruses are largely uncharted territory for Anonymous, which has built its notoriety on crippling the websites of governments and multinational corporations, such as Visa and MasterCard, which it deems a threat to freedom of speech.

Late last month the Metropolitan police arrested and then released five people on bail, including three teenagers, it suspected of being involved in December attacks in support of WikiLeaks.

Snorre Fagerland, a senior threat researcher at the Norwegian internet security firm Norman, said it would be “very difficult” for Anonymous to use its version of Stuxnet in an attack. The hacker collective has obtained a “decompiled” version of the virus, rather than the critical source code which would enable an attack.

“The trouble with this [version of Stuxnet] is that you lose almost all context to its abilities,” Fagerland said. “The original source code would contain all the text information about why it’s built this way — that’s gold if you want to use it. If you decompile it you lose all of that.”

A new Symantec report released on Friday shows that Stuxnet was built to repeatedly infect five key industrial facilities in Iran over a 10-month period.

The worm, reportedly tested at Israel’s nuclear development centre at Dimona, worked by sending Iran’s centrifuges spinning out of control, while making it appear that everything was working as normal. – guardian.co.uk

Advertisting

Mabuza’s ‘distant relative’ scored big

Eskom’s woes are often because of boiler problems at its power plants. R50-billion has been set aside to fix them, but some of the contracts are going to questionable entities

ANC faction gunning for Gordhan

The ambush will take place at an NEC meeting about Eskom. But the real target is Cyril Ramaphosa

What the law could clarify this year

Lawfare: Major developments are on the cards where law and politics meet, including the first amendment to South Africa’s Bill of Rights

The secret ‘Warmonger’ at the SSA

A listening device acquired by the agency is at the centre of an alleged R600-million fraud operation
Advertising

Press Releases

New-style star accretion bursts dazzle astronomers

Associate Professor James O Chibueze and Dr SP van den Heever are part of an international team of astronomers studying the G358-MM1 high-mass protostar.

2020 risk outlook: Use GRC to build resilience

GRC activities can be used profitably to develop an integrated risk picture and response, says ContinuitySA.

MTN voted best mobile network

An independent report found MTN to be the best mobile network in SA in the fourth quarter of 2019.

Is your tertiary institution is accredited?

Rosebank College is an educational brand of The Independent Institute of Education, which is registered with the Department of Higher Education and Training.

Is your tertiary institution accredited?

Rosebank College is an educational brand of The Independent Institute of Education, which is registered with the Department of Higher Education and Training.

VUT chancellor, Dr Xolani Mkhwanazi, dies

The university conferred the degree of Doctor of Science Honoris Causa on Dr Xolani Mkhwanazi for his outstanding leadership contributions to maths and science education development.

Innovate4AMR now in second year

SA's Team pill-Alert aims to tackle antimicrobial resistance by implementing their strategic intervention that ensures patients comply with treatment.

Medical students present solution in Geneva

Kapil Narain and Mohamed Hoosen Suleman were selected to present their strategic intervention to tackle antimicrobial resistance to an international panel of experts.