Stuxnet a Limited Risk to US Infrastructure

Some US infrastructure is vulnerable to attack by the Stuxnet computer worm, Gregory Schaffer, assistant secretary of homeland security for cybersecurity and communications, said Tuesday. Though there is “some risk,” due to the fact that the software packages Stuxnet preys on do “exist within the US,” Shaffer told reporters in Washington D.C., that it’s not clear that “any particular process” would systematically “trigger” the virus across an entire sector, such as water or electricity. He said the Department of Homeland Security has “made a lot of information available” to public and private entities to understand the worm and determine “whether they were vulnerable, and what to do if they were, and how to clean up,” if attacked. Shaffer noted that, in the past year, DHS built a full-scale, industrial mock-up to practice defense, deploying a rapid-reaction advisory team to aid in recovery. Stuxnet is reportedly highly sophisticated and, at least initially, targeted computers in Iran’s nuclear infrastructure.