infosec-news February 2011 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] Pentagon Deputy: What if al-Qaeda Got Stuxne

[ISN] Pentagon Deputy: What if al-Qaeda Got Stuxnet?

From: InfoSec News <alerts_at_nospam>
Date: Wed Feb 16 2011 - 08:46:55 GMT

By Spencer Ackerman
Danger Room
February 15, 2011

Points for imagination here: at the RSA information-security conference
in San Francisco, Deputy Defense Secretary William Lynn worried aloud
about a terrorist group getting ahold of a malware tool like Stuxnet.

Sure, al-Qaeda hasn’t launched any cyberattacks so far. Nor have its
operatives manifested any ability to design anything as sophisticated as
the Stuxnet worm. “But it is possible for a terrorist group to develop
cyberattack tools on their own or to buy them on the black market,”
Lynn, the Pentagon’s point man on cybersecurity, warned on Tuesday. “As
you know better than I, a couple dozen talented programmers wearing
flip-flops and drinking Red Bull can do a lot of damage.”

Maybe so. But in last week’s congressional mega-hearing from the
nation’s intelligence leaders on threats facing the country, no
spymaster assessed that al-Qaeda was looking to launch a giant
cyberattack. The most likely forecasted method of terrorist assault
against the U.S. are “small-scale attacks” like homemade bombs, Director
of National Intelligence James Clapper told a House panel. al-Qaeda
appears more focused on making inroads to unsuspecting Muslim youth
through social media.

Lynn left little doubt he had a worm like Stuxnet in mind, even though
he didn’t mention it by name. He warned about the “accidental release of
toxic malware” in which “something as trivial as a thumb drive stuck in
the wrong computer” could have “a calamitous effect on the global
economy.” What’s that sound like to you?


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.