Crossroads Blog | CYBER SECURITY LAW AND POLICY

cyber attack, Cyber Exploitation, Stuxnet

Duqu Update

On November 13, 2011, Yossi Melman reported for Ha'aretz on how Iran came under attack by the Duqu virus.  The article cited the head of Iranian civil defense as saying "The elimination [process] was carried out and the organizations penetrated by the virus are under control … The cyber defense unit works day and night to combat cyberattacks and spy [computer] virus."  The same official added that Iranian companies have received software to combat Duqu. 

***

On November 11, 2011, Gregg Keizer wrote for ComputerWorld on how Kapersky Labs (the same lab that discovered Stuxnet) believes that those behind Duqu have been working on the virus for over four years.  Moreover, Kapersky Labs discovered that each Duqu attack was custom-tailored to the target.  This targeting indicates that those behind Duqu are "very professional, very polished."  The article noted that Kapersky Labs believes that the same people behind Stuxnet are also behind Duqu. 

. . .and at least one cybersecurity expert believes that the US and Israel are behind Stuxnet.

 ***

On November 3rd, Jim Finkle reported for Reuters on how Belgian officials shut down a server collecting data from computers infected with Duqu.  The article also noted that those behind Duqu are not necessarily the same people behind Stuxnet because "hackers could have reverse engineered the code for Stuxnet", creating Duqu.    

On November 7th, Jim Finkle again reported for Reuters on how Indian authorities shut down a server linked to Duqu.  That server was located in Mumbai.  Again, Duqu is significant because some experts believe that Duqu is collecting information for the development of a new cyberweapon that could target critical infrastructure.

Leave a Reply