Dubai: A highly sophisticated, malicious computer virus that attacked Iran's nuclear enrichment centrifuges last year could threaten other industrial and business complexes around the world including the Middle East, suggest computer-security experts.
Mystery virus Stuxnet is worrisome not only for its ability to infiltrate complex controller systems but also for its potential to encourage next-generation virus threats built on the foundations of the new super bug.
Serious delays
Industrial complexes in oil, energy and public utilities sectors are vulnerable because they rely on computer controllers to run a phalanx of machines and technical operations.
Once hit with a Stuxnet-like virus, serious delays in detecting and purging an entire industrial system of the infection could cause serious disruptions.
Dimitrios Petropoulos, managing director, ENCODE Middle East, said the danger lies not only within being hit by the Stuxnet virus but also by a possible emulated copy-cat version in future by sophisticated cyber criminals.
"If someone can write something like this once, they can do it twice," said Petropoulos from offices in Dubai Internet City. "They were definitely targeting industrial installations. With the pervasiveness of our information systems, I don't know why this comes as a surprise. It was just a matter of time before someone developed this."
What is different about Stuxnet is that the virus, according to a New York Times report, infiltrated a highly secure nuclear enrichment plant's controller system apparently through a USB stick and once inside laid dormant while quietly monitoring routine operations.
After learning the daily operation cycles, it mimicked normal progress reports to trick plant engineers and supervisors into believing all was well as the virus went to work damaging electric motors.
Iranian President Mahmoud Ahmadinejad confirmed in late November the enrichment programme's physical plant had been compromised and that unknown virus creators had "succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts."
Prevention
"Prevention is not enough, it's just a matter of time before an attack manifests itself. It's important to also have detective and corrective technology in place so that once it happens, you can detect, isolate and eradicate the virus so that the installation can go back to normal operations," Petropoulos told Gulf News.
Dale Zabriskie, principal technologist with Symantec Corporation, said a review by his company so far suggests that Stuxnet may be one of the more advanced viruses to date.
"We estimate it took five to ten people six months to produce Stuxnet," Zabriskie said in an interview while visiting Dubai from his London-based offices.
Zabriskie also believes there will be copycat versions of the Stuxnet software.
In the Middle East, virus attacks in general by less complex viruses are being largely focused on Egypt, Saudi Arabia and the UAE, paving the way for more diligent efforts by industrial and business complexes to stay secure, he said.
Zabriskie said the key to security remains within the people of an organisation.
Corporations need to know where essential information is located within a system, which employee is accessing it and how to properly enforce policy and protection to keep danger at bay.
Neil Batstone, a business development manager for Verizon based in Dubai, said companies must be more vigilant than ever to protect controller systems from infection.
"Companies can mitigate and protect themselves by undergoing regular security assessments while ensuring they have a diligent and structured patching regime," Batstone told Gulf News.
