Saturday, March 21, 2015

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

I work in information systems. Recently a handful of employees received an email that contained malware. Within a very short time many of our computers were infected. I was part of the response team. We use Symantec, but in this case it did not pick up this virus and remove the threat. Our team was able to run another piece of software to remove the virus because it was just an ordinary virus, nothing as sophisticated as Stuxnet.

This story all started in 2009 at a uranium enrichment plant outside Natanz in central Iran. At this facility there were about 8,700 centrifuges that spun at supersonic rates to enrich uranium hexafluoride. The centrifuges were delicate, and breakage was expected at a rate of about 10% over a year. Inspectors were in and out of this plant, and they soon began to notice that the centrifuges were breaking at a much higher rate. The conservative estimate was 900 to 1,000, but the true number may have been far higher.

Sergey Ulasen worked for a very small security firm in Belarus as the head of the anti-virus division. His division was methodically working its way through suspicious files it had just found on a computer from Iran. At first they took it for an everyday, run-of-the-mill piece of hacker malware, but it turned out to be far more. They were looking at a zero-day exploit, a term that was new to me and perhaps to some of you. An exploit is attack code that hackers use to install viruses and other malicious tools onto your computer. When you run a Windows update, the updates often contain fixes that close the holes known attack code relies on. With a zero-day exploit there is no fix yet. Hackers use them to attack holes that are still unknown to the software makers and the antivirus vendors such as Symantec, AVG, and Microsoft, to name just a few. Zero-day exploits are extremely dangerous to the integrity of the data on the infected machines.

Stuxnet was the name given to this virus, and it was soon discovered to be different from any other known virus or worm. Instead of merely infecting the particular computer it was installed on, it was programmed to cause physical destruction at the nuclear facility.

I was completely engrossed in how the virus installed itself and how it worked. The author did a great job relating the story of the planning, conception and execution of the virus and how it was discovered; I will not give away any of those secrets. You will have to read the book yourself. I really found the book fascinating and scary, and when I say scary I don't mean a little bit scary.

I am scared and awed by the individuals who write the code that creates such havoc in the tech world, but really I am even more impressed by, and grateful to, those who identify and combat these hackers. It is scary to know what a strong weapon these viruses have become and what a threat they are to all of us. We are now so dependent on computers and satellites for almost everything.

If you are in the IT world, or even if you aren't, Countdown to Zero Day is a book to put on your reading list.
