Symantec reports early Stuxnet variant first went live in 2005 A new report from Symantec claims that Stuxnet is not a recent piece of malware, but was in action trying to cripple Iran's nuclear program way back in 2005. "We now have evidence that Stuxnet actually had its command and control servers alive in 2005, that's five full years than anyone previously thought," said Francis …
For what it's worth, it was not until very recently that ANY anti-virus/anti-malware software was able to find Stuxnet (or it's variants).
Stuxnet was never designed to be found and had only a single purpose - to ruin Iranian Uranium enrichment systems.
It was never out in the "wild", it was directed at a specific target.
How would any anti-virus software vendors know to look for this particular type of infection?
SOME AV vendors may have even been told NOT to do anything to stop it.
Stuxnet may have been created with the skills of AV and Speed Drive/PLC company employees under contract to the Feds and Israeli's.
The only thing that the authors messed up on was that the source code should have deleted itself when it was detected.
"SOME AV vendors may have even been told NOT to do anything to stop it."
Hypothetically possible, but this seems to me extremely unlikely. Reason being that such an instruction issued with legal or other threats, would inevitably severely trouble the consciences of the best professionals in the AV field, sufficient for information to leak with plausible deniability, when it would otherwise have stayed secret. For the propagators of such a threat, security is better kept based on keeping those who need to know as few as possible.
The job of AV professionals is to look after the interests of their customers, not to respond to the threats of 1001 security agencies of 200 or so jurisdictions hypothetically in a position to threaten them, some of these with very dodgy, local and personal agendas.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
