South Korea concocting Stuxnet-like virus to infect enemies

South Korea is looking to develop a Stuxnet-like virus in order to do just what that earlier cyberweapon did in 2010: attack an enemy’s nuclear facilities.

Stuxnet is widely believed to have been created by the US and Israel to attack Iran’s nuclear facilities.

According to the Yonhap news agency, South Korea’s defense ministry said on Wednesday that the country plans to push forward its efforts to develop sophisticated cyberwarfare tools to wreak havoc on its northern neighbor’s nuclear facilities.

South Korea’s long-term plan includes developing malware to cripple North Korea’s missile and atomic facilities, Yonhap reports, along with fortifying its psychological warfare capability to paralyze the origin of a cyberattack.

The rationale for self-paralysis seems to be the social media sloppiness that’s recently gotten South Korean soldiers and military personnel into hot water.

By law, they’re obligated to maintain political neutrality, Yonhap reports.

In spite of those obligations, more than a dozen members of the cyber command’s psychological warfare unit have been under investigation by military prosecutors for allegedly posting politically charged messages online against the opposition camp and its candidate ahead of the 2012 vote.

At any rate, even if South Korea manages both to create a cyberweapon on par with Stuxnet and to impose a cone of silence and/or confusion around its own potential whistleblowers, the country might well have to deal with its Stuxnet-like weapon’s Stuxnet-like side effects.

Stuxnet’s apparent intended target was Iran’s Natanz nuclear plant, where it ruined one-fifth of Iran’s nuclear centrifuges.

But Stuxnet didn’t stop there, of course.

It’s believed that, due to a programming error introduced in an update to the worm, it spread to an engineer’s computer that had been connected to the centrifuges Stuxnet was after.

When the engineer disconnected his computer and took it home, Stuxnet was let out of its cage, didn’t notice that it wasn’t in an Iranian nuclear facility anymore, and blithely continued to infect SCADA (supervisory control and data acquisition) systems, eventually infecting an undetermined number of computers – estimated to be in the range of tens of thousands of computers around the world.

It didn’t stop there, either. Stuxnet spawned. Another malware attack, Duqu, was dubbed the son of Stuxnet due to similar driver file certificates between the two.

Stuxnet was primarily designed to sabotage industrial machinery. Duqu looked to be designed for espionage, particularly information related to industrial systems – potentially information that could fuel future attacks similar to those of Stuxnet.

In other words, if South Korea recreates Stuxnet, there’s reason to fear that it could unleash a whole new Pandora’s box full of related malware.

Stuxnet didn’t respect national borders.

There’s no reason to believe that a South Korean replicant will, either.

Image of Korean defences courtesy of Shutterstock.