DHS Warns on Existence of Variant of Stuxnet Code
A year after arrival of the Stuxnet worm in the cyberspace, officials at Department of Homeland Security (DHS) have warned against existence of clones of Stuxnet code with different iterations. Roberta Stempfley and Sean P. McGurk of DHS made this disclosure before a U.S subcommittee on Oversight and Investigations. Last year, the Stuxnet worm hit the headlines for targeting industrial installations and Iranian nuclear program by exploiting the vulnerabilities in Windows OS and Siemens software. The worm, which spread through USB memory sticks apparently, delayed the Iranian nuclear program by some years if not sabotaged the entire program.
According to DHS, the worm is capable of escaping detection by the security software, gaining unauthorized access, stealing proprietary information and making alterations. After the discovery of the Stuxnet code, the emergency response team for the industrial control systems analyzed the code and shared information with various critical industrial facilities, federal agencies and other stakeholders. The emergency response team also issued several advisories to safeguard industrial control systems. DHS has warned that cyber-attackers may capitalize the publicly available data on Stuxnet to develop more sophisticated variants that could target “broader installations of programmable equipment”.
Sophisticated threats such as Stuxnet worm require coordinated action between different federal agencies in the United States (U.S) such as DHS, Department of Defense (DoD), intelligence agencies and Department of Justice (DOJ). Again, effective coordination between different public and private players is crucial to combat the ever evolving threats in the cyber space and reduce instances of security breach. Private players include Internet service providers (ISP), defense contractors and operators of critical industrial facilities. Government bodies must also focus on improving cyber security awareness among employees through mandatory e-learning and online degree programs.
In the recent months, there have been series of cyber-attacks on key installations such as Oak Ridge National Laboratory (ORNL), Y2K National Security Complex, Pacific Northwest National Laboratory (PNNL) and defense contractors such as Lockheed Martin, Northrop Grumman and L-3 Communications Holdings. Cyber-attackers are also targeting police departments and military publications.
The frequent threats have resulted in increased demand for cyber security professionals qualified in masters of security science, IT degree programs, computer forensics and other security certifications.
DHS has said that the computer emergency response teams will continue to coordinate with critical industrial facilities to detect malicious code and devise appropriate incident response measures. Professionals may leverage online university degree programs and gain understanding of latest information security practices and incident management procedures.
Contact Press
EC-Council
Website: http://www.eccuni.us
Email: iclass@eccouncil.org
Tel: 505-341-3228
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
Processing your request, Please wait....
