Yesterday, news about a new trojan have spread. The trojan is called Duqu or, correctly, W32.Duqu. It appears to be based on Stuxnet code, thus it is targeted against industrial automation equipment. However, unlike Stuxnet the new Trojan isn't targeted to sabotage industrial control systems but steals data. So it is most likely just the precursor to the next Stuxnet-like type of attack. Duqu was, from what we know, targeted against selected organizations mainly in the area of software development for industry automation. It does some espionage there, collecting information which then might be used in the next attack wave. It appears that Duqu deletes itself after 36 days.
Interestingly, Stuxnet used digital certificates which had been "stolen" before. Duqu used other digital certificates which seem to have been directly generated in the name of other companies, bypassing the security of CAs. That relates well with current attacks on CAs, with DigiNotar being the most prominent victim (and now out of the business) and other indicators.
The server in India which has been used by Duqu to provide information back to its creators is now blacklisted by its ISP and thus no longer works. However, chances are that there are more instances of Duqu and Duqu-like trojans either out there or on their way.
Duju proves two assumptions:
- Industrial automation increasingly becomes a target of attackers - and Stuxnet was only the first of its type (which has been detected)
- Attacks are increasingly sophisticated - APTs aren't a fairytale, they are real
Some valuable information around that has been provided in a recent KuppingerCole webinar - have a look at the webcast.
Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]