Rethinking Stuxnet | threatpost

Rethinking Stuxnet | threatpost.

What the sophistication of Stuxnet shows is a level of professionalism and seriousness that normally is attributed to governments and their intelligence agencies. They have the motive, the means and the opportunity to create a piece of malware of the magnitude of Stuxnet and pinning this on the government of Israel is perhaps a logical conclusion, given some of the evidence. There’s a hidden reference in the worm’s code to a date on which an Iranian Jew was executed, as well as some vague Biblical connections. Iran and Israel have a hostile, complicated history, and Israel also is thought to have elite offensive information security capabilities. And Iran had a huge number of Stuxnet infections, including at its Bushehr nuclear plant, which Israel presumably has a vested interest in damaging. Add that all together and you get a seemingly solid case for Israel having unleashed Stuxnet on Iran.

However:

There are no clear benefits that would accrue to Stuxnet’s creators if they made it easy for people to identify them. In fact, there are some major deterrents, including possible retaliation from the target.

In other words, if the Israelis were smart enough to build Stuxnet, why would they be so stupid as to leave clues that lead directly back to them?

Going forward I am going to avoid any posts tied to politics.

About Bill Frank

Principal at Cymbel. 25+ years in IT. Specialist in information security since 1999, helping organizations mitigate the risks of modern malware. @riskpundit http://www.linkedin.com/in/riskpundit

Speak Your Mind

*