ITsecurity
twitter facebook rss

Stuxnet: Sprinting for the Finnish

Posted by on November 20, 2015.

Conficker is still appearing in unexpected places and the word Stuxnet pops up whenever threats to infrastructure are discussed (even in technically impoverished TV dramas). It seems that old malware never really dies: it just gets re-blogged on anniversaries.

Still, I was amused to see the revival of a five-year-old tweet by Mikko Hypponen noting my ‘hilarious conspiracy theory’ that Finland was Stuxnet’s target, rather than Iran.

mikko tweet

That mischievous conspiracy theory was actually based on a Dutch article which summarized an article by Symantec’s Eric Chien. It made the observation that ‘The Stuxnet worm may be designed to sabotage the enrichment process of uranium.’

Security researchers tend to see a lot of grim stuff and we have to find our amusement where we can, so I was amused to note that Eric had also said:

…we can now confirm that Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors, one headquartered in Finland and the other in Tehran, Iran.

So I suggested that, given some of the wilder theories that abounded at that time about the origin of the attack:

I wouldn’t be surprised, given some of the wilder speculation that we’ve seen, if someone noticed that Finland’s Radiation and Nuclear Safety Authority has the acronym STUK and tried to suggest a connection with the most commonly used name for the malware. 😉

It might have been more appropriate to wait for April Fools Day to post it, I suppose, but that seemed a long way off in November 2010. And I didn’t expect my little exercise in satire to pop up again five years later.

I can’t wait to see what other retrospective stories Mikko comes up with, even though (or especially as) I’m unlikely to get a mention in them. 🙂

David Harley  

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: David Harley | Tags: , , ,