
MIT Technology Review

 


A newly discovered piece of malicious code dubbed Duqu is closely related to the notorious Stuxnet worm that damaged Iran’s nuclear-enrichment centrifuges last year. Although it has no known target or author, it sets the stage for more industrial and cyberwar attacks, experts say.

“This is definitely a troubling development on a number of levels,” says Ronald Deibert, director of Citizen Lab, an Internet think tank at the University of Toronto, who leads research on cyberwarfare, censorship, and espionage. “In the context of the militarization of cyberspace, policymakers around the world should be concerned.”

Indeed, the spread of such code could be destabilizing. The Pentagon’s cyberwar strategy, for example, makes clear that computer attacks on industrial and civilian infrastructure, such as chemical factories or power grids, as well as on military networks, could be regarded as equivalent to a conventional bombing or other attack if civilians were endangered.

Duqu was described Tuesday by the security firm Symantec, which says the malware’s purpose appears to be gathering intelligence from computerized industrial control systems. It doesn’t do damage, but rather spies on them to gather information relevant to making future attacks.

Symantec researchers wrote that Duqu has circulated for 10 months and is “essentially the precursor to a future Stuxnet-like attack,” but with the target unknown. The code can monitor messages and processes, and look for information including the design of so-called SCADA systems (for “supervisory control and data acquisition”). These are computer systems that are used at industrial plants and power plants to control things like pumps, valves, and other machinery.

The code was originally discovered at a handful of unnamed sites in Europe by an undisclosed research team and given to Symantec for analysis on October 14, the company says.

The Stuxnet worm was highly specific to Iran’s Natanz facility, where uranium enrichment is conducted in hardened underground bunkers. Iran maintains that Natanz is an entirely peaceful effort to make fuel for nuclear power plants, but some observers fear it may also serve as a bomb-making program.


Credit: DigitalGlobe

Tagged: Computing, Web, malware, virus, Iran, espionage, cyberwar
