Cyber security firm Symantec released its quarterly report yesterday, revealing that targeted attacks to steal company data have increased. The report specifically focuses on the Hydraq Trojan and the Stuxnet worm, and the damage they caused and concern for future attacks involving each.
“Past targeted attacks…are important because they demonstrate that there are vulnerabilities in critical infrastructure sectors – specifically, in the power and energy sectors. The Stuxnet attacks were the first ones that specifically targeted ICS (industrial control systems). This is significant because it is an actual event of what was formerly just a plausible scenario.”
In an interview with CNET, Symantec executive Ralph Langer says the targeted attacks using the Stuxnet virus were always intended “to destroy [Iran’s] centrifuges but also to lower the output of enriched uranium.” The security firm notes that these types of targeted attacks can easily be tied back to politics and government-led operations. The hardest hit facility was the Natanz nuclear plant in Iran, Langer says. The company also revealed earlier this year that of the more than 100,000 targeted organizations, 60 percent were Iranian. Additionally, 12,000 of the viruses were targeting only five hosts, industrial organizations located in the country.
And as news that the Stuxnet virus was intended to take down Iranian nuclear facilities surfaces, The Telegraph is reporting that Israel is inching towards claiming responsibility as the source. Israel has been a suspect, but according to the report, a video celebrating the military success of lieutenant general Gabi Ashkenazi’s features direct reference to his involvement with the Stuxnet worm. The video means the IDF may have unwittingly tied itself closer to Stuxnet.
Aside to being increasingly careful with sensitive information, Symantec advises companies and organizations wary of attacks to limit Internet use. The report mentions energy and power industries are of particular concern. This warning comes shortly after a report from McAfee revealed that Chinese hackers may have launched cyberattacks targeting US energy firms last year.