Stuxnet, Game-changing? Think Again, Cyber Expert Says

1 min read
Image: ktsdesign

If you’ve followed cyber news at all in the past six months, you’ve probably heard of Stuxnet, the malicious Internet worm that targeted Iran’s critical infrastructure. And, you’ve probably also heard how Stuxnet was “game-changing,” because of its devastating demonstration of a cyber attack’s potential to wreak havoc on critical systems.

But one cybersecurity expert now says Stuxnet wasn’t as game-changing as breathless media coverage made it out to be.

Adam Meyers, director of cybersecurity intelligence at leading GovCon IT security provider SRA International, told Nextgov Stuxnet was simply like most other forms of malware.

“Stuxnet, which targeted a specific type of infrastructure, was sophisticated, but not different from a lot of malware,” he said. “There wasn’t anything that was game-changing.”

Meyers said Stuxnet might have surprised people unfamiliar with malware’s capabilities.

“For a lot of people who hadn’t seen that before,” he said, “it was a revelation to them that you can target supervisory control and data acquisition systems and incident command systems and have malware jump from an open network to a closed network from, say, a USB port.

“For some people, it was a game-changer, but I guess it’s all about perspective,” he added.