If you’ve followed cyber news at all in the past six months, you’ve probably heard of Stuxnet, the malicious Internet worm that targeted Iran’s critical infrastructure. And, you’ve probably also heard how Stuxnet was “game-changing,” because of its devastating demonstration of a cyber attack’s potential to wreak havoc on critical systems.
But one cybersecurity expert now says Stuxnet wasn’t as game-changing as breathless media coverage made it out to be.
“Stuxnet, which targeted a specific type of infrastructure, was sophisticated, but not different from a lot of malware,” he said. “There wasn’t anything that was game-changing.”
Meyers said Stuxnet might have surprised people unfamiliar with malware’s capabilities.
“For a lot of people who hadn’t seen that before,” he said, “it was a revelation to them that you can target supervisory control and data acquisition systems and incident command systems and have malware jump from an open network to a closed network from, say, a USB port.
“For some people, it was a game-changer, but I guess it’s all about perspective,” he added.