(LiveHacking.Com) – It was this time last year that the world first heard about Stuxnet, the computer worm that launched the first successful cyberattack on infrastructure facilities – namely Iran’s nuclear programme. In a US House of Representatives committee hearing, Roberta Stempfley and Sean P. McGurk from the DHS’s Office of Cyber Security and Communications revealed that the US Government is concerned that cyber-terrorists could use variants of Stuxnet to attack other installations that use programmable control systems.
Their comments echo testimony given in March of this year to a Homeland Security House Subcommittee by Deputy Under Secretary Philip Reitinger.
According to both testimonies (which are word for word the same) “copies of the Stuxnet code, in various different iterations, have been publicly available for some time now.” As a result “the Department is concerned that attackers could use the increasingly public information about the code to develop variants targeted at broader installations of programmable equipment in control systems.”
ICS-CERT and the NCCIC remain vigilant and continue analysis and mitigation efforts of any derivative malware.