As The Worm Turns: Cybersecurity Expert Tracks Blowback From Stuxnet | WAMU 88.5 - American University Radio

NPR : News

As The Worm Turns: Cybersecurity Expert Tracks Blowback From Stuxnet

The CIA has a term called "blowback" to describe when an operation against the enemy has unintended negative consequences for the U.S. or its allies. In the age of cyberwarfare, blowback seems to be a paramount concern.

Take Stuxnet, the worm directed against Iran in 2010 that ended up infecting computers around the world – including in the United States. We learned today in The New York Times what had long been suspected: that Stuxnet, which caused Iranian uranium enrichment centrifuges to grind to a halt, was made in the USA.

(Earlier this week, we also learned of another Iran-specific piece of malware dubbed Flame.)

Eric Byres, a leading cybersecurity expert, was part of a team at Tofino Security that spent months on Stuxnet "taking that puppy apart," he says.

Byres says Stuxnet's creator took several swipes at Iran's nuclear facilities before hitting paydirt, but each tweak also made the worm more likely to break out and cause collateral damage in untargeted networks.

"One was so virulent that it got out of the box," he says.

There are some safeguards that might have prevented Stuxnet's escape, Byres says.

"You can bet that whoever created this is trying to figure out how to keep it from happening again," he says, adding, "In hindsight, I would do things like check the character set and the time zone of the infected computer. Things that would indicate whether you're in an Iranian computer or not. For example, the code could ask itself whether that's a Farsi keyboard or not and self-destruct if it isn't."

There's no evidence that Iran intentionally unleashed Stuxnet back on the U.S., although that seems like only a matter of time. Every time a cyberattack is launched, you risk handing ammunition to the enemy, he says.

"This is an arms race. It's like the first guy to throw a bronze spear. He might have won, but if his enemies survived and pulled it out of the ground, the first thing they'd say is, 'We've got to make one like this.' That's what's happening here."

Copyright 2012 National Public Radio. To see more, visit http://www.npr.org/.

NPR

In Tom Hanks' iPad App, Typewriters Make Triumphant Return (Ding!)

For iPad users who are nostalgic for the clickety-clack of keystrokes and "ding!" of the carriage return, Hanks has created Hanx Writer, an app that simulates using a typewriter.
NPR

New U.S. Rules Protect Giant Bluefin Tuna

To reduce the number of giant bluefin tuna killed by fishing fleets, the U.S. is putting out new rules about commercial fishing in the Gulf of Mexico and parts of the western Atlantic.
NPR

Should Local Police Get The Military's Extra Armored Trucks?

The Pentagon has been transferring mine-resistant, ambush-protected vehicles to local police. Built to protect U.S. forces from roadside bomb blasts at war, these huge vehicles aren't always welcome.
NPR

In Tom Hanks' iPad App, Typewriters Make Triumphant Return (Ding!)

For iPad users who are nostalgic for the clickety-clack of keystrokes and "ding!" of the carriage return, Hanks has created Hanx Writer, an app that simulates using a typewriter.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.