New Stuxnet Variant Allegedly Struck Iran


New Stuxnet Variant Allegedly Struck Iran (Oct 31, 2018)

A more aggressive and sophisticated variant of Stuxnet has been recently observed targeting infrastructure and strategic networks in Iran. There is little information at the time of the publication of the article; however, General Gholamreza Jalali, the head of Iran's Passive Defence Organisation, stated that they had discovered and neutralised a new generation of Stuxnet that contained several parts attempting to breach various Iranian systems. A variant of Stuxnet is likely to emerge in a non-recognisable form, since there has been so much news attention and cyber security research on that specific malware.

Recommendation: Defence-in-depth (layering of security mechanisms, redundancy, fail-safe defence processes) is the best way to ensure safety from APTs, including a focus on both network and host-based security. Prevention and detection capabilities should also be in place. Furthermore, all employees should be educated on the risks of spear phishing and how to identify such attempts.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.