Stuxnet infected Chevron, achieved its objectives

Summary: Chevron was infected by Stuxnet almost immediately after it spread into the wild, but the nature of the malware meant that it identified its systems as the wrong target and caused no damage.

TOPICS: Security, Malware

The malware responsible for disrupting Iran's nuclear facilities also infected the network of energy giant Chevron during its spread.

Stuxnet, which is alleged to be part of a US-led operation to stop Iran from becoming nuclear weapons-capable, infiltrated nuclear enrichment facilities in Natanz, Iran, in 2010 and successfully caused their industrial-grade equipment to malfunction. Stuxnet's payload was specific to the systems in place in Iran, but its spreading mechanism was not as picky. As a result, the malware managed to escape from the facility and spread far beyond its initial target.

Stuxnet only delivers its payload if the industrial equipment is one of two Siemens Programmable Logic Controllers (PLCs) and a specific network card is used. Nevertheless, this had led some researchers to speculate on the effects that Stuxnet may have on other targets with similar industrial equipment in place. Until now, no companies fitting the description had reported being infected.

However, Mark Koelmel, Chevron's general manager of its earth sciences department, has now told The Wall Street Journal that its network had been infected shortly after Stuxnet's discovery in July 2010.

Although the energy giant had been infected, Stuxnet achieved its aim of identifying it as an innocent target and withheld its payload. As a result, it caused no damage to Chevron's systems and the company was able to remove it.

"Two years ago, our security systems identified the Stuxnet virus. We immediately addressed the issue without incident," Chevron told ZDNet's sister-site CNET.

Although Chevron wasn't adversely affected by Stuxnet's payload, identifying and removing the malware does require action by every infected organisation. This cost, while small, is significant when the total number of infected businesses is considered, an oversight for which Koelmel criticised the US government.

"I don't think the US government even realised how far it had spread," he said. "I think the downside of what they did is going to be far worse than what they actually accomplished."

This includes several subsequent iterations or modified copy-cats of Stuxnet, such as Duqu, Flame, and Gauss. Kaspersky believes that some of them may have been created by the original authors of Stuxnet.

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Talkback

4 comments
  • I Wonder

    I wonder what the general opinion is of the US and the creation of Stuxnet?
    jhnnybgood
    • IDK...

      What was the general opinion of the US when we created the atomic bomb?
      Worth2Cents
  • I think they're loving Linux more in Iran

    Stuxnet, Flame, and Duqu seem to be creations of the same entity based on their coding and methods of operation. For a quick rundown of how these worms and other malware work, have a look here:

    http://dougvitale.wordpress.com/2012/11/08/hardcore-malware-stuxnet-duqu-and-flame/
    beau parisi
  • wondering if Chevron is being factual about cost OR

    just wrangling for a large economic incentive from the Obama coffers that the Democrats are stealing from the American People.
    in war there are always unintended casualties.
    it's not a good thing to inflict more pain by demanding economic compensation.
    that kind of mentality is what prepared Germany for the rise of Hitler.
    just sayin'
    :(
    .
    wessonjoe