Sophos: Malware threats greater risk than Stuxnet

The security vendor's head of technology hits out at "doomsayers" of the Stuxnet worm and calls for more attention to be paid in dealing with everyday attacks.

Security specialist Paul Ducklin has "rubbished" the latest Stuxnet development published by Sky News, calling it "inaccurate, inflammatory and irresponsible".

The article claimed that the super virus has been traded on the black market, and that it is now in the hands of the "bad guys". The report was referring to terrorists who might use the virus to create widespread mayhem, such as shutting down critical national systems.

The Sophos head of technology for Asia Pacific told ZDNet Asia in a phone interview that there must be clear evidence to suggest the development is clearly taking place. "Just by saying it doesn't make it true," he reasoned.

Ducklin said the constant reports on cyber warfare are "worrying". He added that "we're fretting ourselves to pieces over a virus that is written to make an unknown effect on unknown specific equipment, in an unknown plant in an unknown location, written by an unknown group".

He ridiculed that "all the attention seemed to be on this particular virus family, which is already detected and blocked, yet people are making all these claims".

Ducklin thinks the industry should pay more attention to real cyberscams that are happening on a daily basis, such as criminals who are producing hundreds and thousands of variants of new malware aimed at "looting our bank accounts" or fraudulent schemes that make use of call centers to con people.

The most widely reported case of the Stuxnet attack was on the "sabotage" of Bushehr nuclear plant in Iran, which was said to be part of a cyber warfare plan orchestrated by another country. According to Ducklin, India and Indonesia suffered far worse Stuxnet attacks, and this could be one of the worm's plans, which is to target countries starting with "I".

"It has a very specific target, and from what we can see, [this target] has not been hit yet. We can't prove that it has or hasn't hit anywhere. This is all guess work," he noted.

Of all the security and economic ramifications other security experts have warned that the Stuxnet worm is capable of inflicting, Ducklin said it is already happening.

"The article seemed to suggest that the U.K. will come to a standstill tomorrow. But the fact is, our economy is already badly hit, and with an increasing number of people being hit by viruses that cause huge monetary loss, the potential effects can be much worse [if we do not act to prevent more people falling prey]," he said.

To caution against getting hit by malware con schemes, he suggested simple measures such as not revealing too much personal information on social networking sites and exercising caution when opening links on the Internet.