Stuxnet reloaded - the war has just begun

Yesterday, news about a new trojan have spread. The trojan is called Duqu or, correctly, W32.Duqu. It appears to be based on Stuxnet code, thus it is targeted against industrial automation equipment. However, unlike Stuxnet the new Trojan isn't targeted to sabotage industrial control systems but steals data. So it is most likely just the precursor to the next Stuxnet-like type of attack. Duqu was, from what we know, targeted against selected organizations mainly in the area of software development for industry automation. It does some espionage there, collecting information which then might be used in the next attack wave. It appears that Duqu deletes itself after 36 days.

Interestingly, Stuxnet used digital certificates which had been "stolen" before. Duqu used other digital certificates which seem to have been directly generated in the name of other companies, bypassing the security of CAs. That relates well with current attacks on CAs, with DigiNotar being the most prominent victim (and now out of the business) and other indicators.

The server in India which has been used by Duqu to provide information back to its creators is now blacklisted by its ISP and thus no longer works. However, chances are that there are more instances of Duqu and Duqu-like trojans either out there or on their way.

Duju proves two assumptions:

  • Industrial automation increasingly becomes a target of attackers - and Stuxnet was only the first of its type (which has been detected)
  • Attacks are increasingly sophisticated - APTs aren't a fairytale, they are real
The consequence is that not only the business IT environments need adequate protection but industrial environments as well - they might even need better protection. And if feasible, technical isolation of these networks is a pretty good idea. No net, no (online) attack. Besides this, there is no reason to assume that you are safe against attacks, whichever precautions you take. Thus it is about being proactive at any stage - preventing attacks, identifying attacks, dealing with attacks.

Some valuable information around that has been provided in a recent KuppingerCole webinar - have a look at the webcast.


Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

Blog

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Latest Insights

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00