We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to survive the next Stuxnet

Protect critical infrastructure from viruses

Stuxnet is one of the most complex malware threats observed to date. Here's how to protect critical infrastructure from the next Stuxnet to come along.

Capitalise on effective data loss prevention solutions
Data loss prevention technology specialises in finding and preventing internal data spill events. It is not yet widely understood, but many data breach events are the result of internal data spills left unintentionally by well-meaning insiders. Not using data loss prevention technology to identify these spill events, clean them up and encrypt the content, simply makes the job of an attacker that much easier.

In the case of Stuxnet, to target specific organisations the attackers needed sensitive data describing the systems the targeted organisations were running and their configurations. By preventing attackers from acquiring this detail, a similar attack in the future is much less likely to be successful.

Where able, employ automated compliance monitoring to root out default password use
Some industrial control system manufacturers insist that their systems - no matter where they are deployed - use default password setups. This may be for legitimate reasons, but Stuxnet highlighted the obvious weakness in such a strategy. Because Stuxnet targeted a specific industrial control system, one in which the default passwords were public knowledge and easily attained. In environments where default password use is not necessary - a situation that will hopefully increase - automated compliance monitoring can assert detection and control over default password setups, ensuring default passwords are not used. It also identifies failed password guess attempts.

Stuxnet was of such great complexity and required such significant resources to develop that few attackers will be capable of producing a similar threat in the near future. Thus, we do not expect masses of threats of similar sophistication to suddenly appear. However, the real-world dangers of Stuxnet-like threats are obvious.

The threat highlighted that attack attempts on critical infrastructure facilities are not just theoretical, but entirely possible and more are likely. We implore all organisations to implement defences to ward off such attacks; this is more than a suggestion, it is the only responsible thing to do.

Francis deSouza is senior vice-president of the Enterprise Security Group at Symantec.

  1. Best practices help erect a defence barrier
  2. More best practices
  3. Capitalise on effective data loss prevention solutions
IDG UK Sites

Acer Aspire R11 review: Hands-on with the 360 laptop and tablet convertible

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

See how Framestore created a shape-shifting, oil and metal based creature for Shell

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......