Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Four and a half million PCs, many of them in the U.S., are infected with what security researchers at internet security specialists Kaspersky Lab describe as an “indestructible” form of malware. They are doing everything from taking down websites with Ddos attacks to acting as a conduit for up to 30 other pieces of malware.

This malware, known as TDL4, deploys a number of clever tricks to guarantee its own survival, including one borrowed straight from the world’s most sophisticated cyberweapon, Stuxnet.

Stuxnet was almost certainly a joint U.S. / Israeli creation aimed at damaging the Iranian nuclear weapons program, which it did, by destroying a thousand centrifuges used for uranium enrichment.

The thing about computer viruses is that in one important respect they are exactly like their biological equivalents: through lateral gene transfer (or coders copying one another’s best ideas) enhancements to viruses’ tenacity or lethality can rapidly spread through a population of infectious agents.

And so it is with Stuxnet – one of the vulnerabilities that it exploits was previously unknown. Then those exploits went public and – surprise! – now one of them is in TDL4. Of course, once the vulnerability was known, Microsoft has a chance to patch it; plenty of machines remain un-updated, however, allowing TDL4 to exploit this vulnerability.

The thing about cyberweapons is that, unlike, say, the atom bomb, which has taken decades to propagate across the globe, as soon as a piece of malware is uncovered, its code can be deconstructed and the community of of black-hat hackers who would use it for their own purposes can immediately absorb its lessons.

In this way, cyberweapons lend themselves to a unique kind of ultra-rapid proliferation. Once the genie is out of the bottle, everyone who isn’t up to date with the latest patches is vulnerable.

5 comments. Share your thoughts »

Tagged: Web

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me