New Stuxnet Variant Hits Iran

437

News broke that a malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran.

According to Bleeping Computer, Iranian infrastructure and strategic networks have come under attack in the last few days by a computer virus similar to Stuxnet but “more violent, more advanced and more sophisticated,” and Israeli officials are refusing to discuss what role, if any, they may have had in the operation, an Israeli TV report said Wednesday.

Andrea Carcano, CPO and Co-founder at Nozomi Networks:

“Nearly a decade ago, Stuxnet was able to leverage both known and previously unknown vulnerabilities to install, infect and propagate an air gapped nuclear facility, and was stealthy enough to evade best-practice security technologies and procedures. It’s not surprising to see evidence that these types of malware are growing in aggression and sophistication. We’ve seen the same with TRITON and GreyEnergy. In addition, some advanced ICS malware frameworks, including Stuxnet and TRITON, are publicly available on the Internet, which dangerously increases the chances of a copycat attack against industrial systems.

“At the same, it’s important to remember that as these types of threats have matured, so have the defences against them. To improve detection, ICS operators are now able to gain deep visibility into the network by applying technologies that are able to monitor network traffic to detect anomalies or suspicious activities. New technologies, such as passive monitoring of industrial control networks using artificial intelligence and machine learning, are now helping operators quickly detect advanced persistent threats and mitigate them, before they cause harm.”

In this article