Symantec Warns Of New Stuxnet Worm: Duqu
posted by Paul Fiddian | 20.10.2011
A warning's been issued by Symantec concerning a new computer virus strongly related to the infamous Stuxnet worm.
Stuxnet, identified in mid-2010, was apparently manufactured to observe and interfere with Iran's alleged nuclear weapons development programme. Information's not yet been published on who actually created Stuxnet but both the US and the Israeli governments have been blamed by some sources.
Now, it seems there's a Stuxnet follow-up in the shape of Duqu - so named because the files it creates all begin with the letters ‘D' and ‘Q'. However Duqu, while similarly structured, isn't intended to carry out the same role as Stuxnet.
Duqu Worm Warning
"The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered", Symantec explained, in a statement published online covering the Duqu worm warning.
It continued: "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."
New Stuxnet Worm
The new Stuxnet worm warning, says Symantec, was raised by a "research lab with strong international connections." This warning emerged on 14 October and, while Symantec hasn't fully detailed its intended targets, they're reported to be "specific assets" owned by "a limited number of organizations".
The majority of Stuxnet infections were found in Iran - supporting ideas that the worm was created to try and take out the country's nuclear facilities. According to experts, it was arranged so it would disturb the motion of the centrifuges used to enrich uranium.
Iran has frequently denied that its uranium enrichment programme, creating material that could be used in the production of nuclear weapons, is 100 per cent peaceful in motive. It has confessed, though, that damaged was suffered by its centrifuges around the same time that Stuxnet was active, without making a definitive link between the two.
The advent of Stuxnet prompted governments to put more robust critical systems security strategies in place. Security Technology will provide further coverage of the Duqu malware in future News Items.