Story

New cybervirus found in Japan: Stuxnet designed to attack off-line servers via USB memory sticks

Stuxnet, a computer virus designed to attack servers isolated from the Internet, such as at power plants, has been confirmed on 63 personal computers in Japan since July, according to major security firm Symantec Corp.

The virus does not cause any damage online, but once it enters an industrial system, it can send a certain program out of control.

Symantec says the virus reaches the servers via USB memory sticks, and warns against the careless use of such devices.

Systems at power plants, gas stations and water facilities are not connected to the Internet to protect them from cyber-attacks.

A Symantec engineer who has analyzed the virus said it was made using advanced technology, and it is highly likely a well-funded organization, not an individual, produced it. The virus has spread throughout the globe via the Internet.

After Stuxnet finds its way onto an ordinary computer via the Internet, it hides there, waiting for a USB memory stick to be connected to the computer, when it transfers itself to the memory stick. When the USB device is then connected to a computer linked to an isolated server, it can enter the system and take control of it.

As computers that harbor Stuxnet do not operate strangely, the virus can be transferred to a memory stick inadvertently.

According to the security company, the virus is designed to target a German-made program often used in systems managing water, gas and oil pipelines. The program is used at public utilities around the world, including in Japan.

The virus could cause such systems to act erratically, and it could take months to restore them to normal.

The 63 infected computers found in Japan were likely infected sometime after June.

Article is from: (Oct. 5, 2010)

According to the company, about 60 percent of the computers that have been infected with the virus were discovered in Iran. Since September, about 30,000 computers there have been found to be infected with the virus. The country's Industry and Mines Ministry has called the virus an electronic act of war.

Some computers at the Iranian Bushehr nuclear power plant, which is scheduled to begin operation in October, have been infected with the virus.

A supervisor at the plant said the virus has not damaged the facility's main computer system and would not affect its planned opening.

In Japan, no public utilities have been affected by the virus. Nevertheless, the Cabinet Office's National Information Security Center has urged electric power companies to exercise extreme care when using USB devices, and to scan any programs that may have been tampered with.