A destructive Internet worm could be potent cyber weapon

By William Maclean
Sunday, December 19, 2010

LONDON - Al-Qaeda scares airlines with parcel bombs worth $4,000. War with the Taliban costs the West billions of dollars a week. North Korea shells disputed land, winning instant fresh attention in a standoff with major powers.

Weaker combatants have always used unconventional or inexpensive means to defy stronger foes, including guerrilla warfare and suicide attacks that depend on a greater willingness to sacrifice life.

This approach can be decisive. Of all "asymmetric" wars since 1800 in which one side had far more armed power than the other, the weaker side won in 28 percent of cases, according to a 2001 study by U.S. political scientist Ivan Arreguin-Toft.

The ratio may now be set to shift further in favor of the underdog.

The revelation this year of a novel way to use computers to sabotage an enemy's lifeline infrastructure suggests that a powerful new kind of weapon is moving within reach of weak states, militant groups and criminals, some analysts say.

That weapon is likely to be a variant of Stuxnet, a highly destructive Internet worm discovered in June by a Belarus company and described by Kaspersky Lab, an international security company, as "a fearsome prototype of a cyber-weapon," analysts say.

German industrial control systems expert Ralph Langner wrote in a blog that "Stuxnet is like the arrival of an F-35 fighter jet on a World War I battlefield."

Whoever created the bug, believed by many to have targeted an Iranian uranium-enrichment facility, the job probably required many man-hours of work and millions of dollars in investment.

But now that its code has been publicly analyzed, hackers will need only a few months to develop a version of the customized malware for black market sale, some experts say.

Ali Jahangiri, an information security expert who tracks Trojan codes, harmful pieces of software that look legitimate, describes that prospect as "a great danger."

"The professional Trojan codemakers have got the idea from Stuxnet that they could make something similar which can be used by governments, criminals or terrorists," he told Reuters.

'Running out of time'

Stuxnet's menace is that it reprograms a control system used in many industrial facilities to inflict physical damage.

CONTINUED     1        >

© 2010 The Washington Post Company