Unstoppable Stuxnet worm not the work of lone hacker

Stuxnet, the seemingly unstoppable Windows operating system worm, slithered into the spotlight on Capit0l Hill.

Testifying at a hearing held this morning by the Senate Committee on Homeland and Security Affairs, Dean Turner, director of Symantec's Global Intelligence Network for Symantec Security Response, called Stuxnet "one of the most complex threats we have analyzed to date."

Stuxnet underscores the fact that "direct-attacks to control critical infrastructure are possible and not necessarily spy novel fictions," Turner testified. "The real-world implications of Stuxnet are beyond any threat we have seen in the past."

Stuxnet was initially discovered last June at the Bushehr power plant, Iran's controversial nuclear power facility. It has also been found crawling through unpatched Windows systems in China, Indonesia, India, the United States, and elsewhere. More than 100,000 computers have been infected, according to testimony at the hearing.

The worm is programmed to infiltrate Industrial Control Systems, computer-driven machinery widely used in manufacturing, pharmaceutical factories, water-treatment facilities, power stations and chemical plants. Stuxnet has the potential to overwrite commands and thus sabotage the infected systems.

Susan M. Collins, Republican Senator from Maine, observed that the complexity of Stuxnet is "something no lone hacker could achieve."

Collins is co-sponsoring a bipartisan bill intended to strengthen cyber defenses across the federal government and private sector. The proposed legislation is not expected to make any progress during the current lame duck session of Congress. It is one of several cybersecurity bills that will get hashed over by the next Congress.

One tantalizingly distinctive function Stuxnet performs is that it sets an infection marker with the value "19790509,″ according to this FAQ compiled by security firm F-Secure. Those numbers correspond to a specific date, May, 9 1979. On that day, Jewish-Iranian businessman, Habib Elghanian , was executed in Iran for allegedly spying for Israel, F-Secure points out.

By Byron Acohido