Skip to main content
  1. Home
  2. Computing
  3. News

Symantec releases new report on Stuxnet, warns energy sector to beware

By

stuxnetCyber security firm Symantec released its quarterly report yesterday, revealing that targeted attacks to steal company data have increased. The report specifically focuses on the Hydraq Trojan and the Stuxnet worm, and the damage they caused and concern for future attacks involving each.

“Past targeted attacks…are important because they demonstrate that there are vulnerabilities in critical infrastructure sectors – specifically, in the power and energy sectors. The Stuxnet attacks were the first ones that specifically targeted ICS (industrial control systems). This is significant because it is an actual event of what was formerly just a plausible scenario.”

In an interview with CNET, Symantec executive Ralph Langer says the targeted attacks using the Stuxnet virus were always intended “to destroy [Iran’s] centrifuges but also to lower the output of enriched uranium.” The security firm notes that these types of targeted attacks can easily be tied back to politics and government-led operations. The hardest hit facility was the Natanz nuclear plant in Iran, Langer says. The company also revealed earlier this year that of the more than 100,000 targeted organizations, 60 percent were Iranian. Additionally, 12,000 of the viruses were targeting only five hosts, industrial organizations located in the country.

And as news that the Stuxnet virus was intended to take down Iranian nuclear facilities surfaces, The Telegraph is reporting that Israel is inching towards claiming responsibility as the source. Israel has been a suspect, but according to the report, a video celebrating the military success of lieutenant general Gabi Ashkenazi’s features direct reference to his involvement with the Stuxnet worm. The video means the IDF may have unwittingly tied  itself closer to Stuxnet.

Aside to being increasingly careful with sensitive information, Symantec advises companies and organizations wary of attacks to limit Internet use. The report mentions energy and power industries are of particular concern. This warning comes shortly after a report from McAfee revealed that Chinese hackers may have launched cyberattacks targeting US energy firms last year.

Topics
Molly McHugh
Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more