IT Security Experts in Iran Discover New Virus Attack
Last July, the discovery of Stuxnet worm, which targeted industrial installations, created alarm among cyber security specialists. Recently, security professionals in Iran identified another new cyber espionage virus named 'Star'.
The virus is reported to be designed to cause damage to government computer systems. The virus was identified before it causes serious damage. Preliminary investigations suggest that virus acts like a regular executable file during the initial stages. IT security professionals are conducting further investigations on the virus.
Sophisticated cyber weapons may cause serious damage to industrial installations. Stuxnet exploits various vulnerabilities and replicates through removable drives, Server Message Block (SMB). The worm exploits vulnerabilities to fingerprint industrial control system, spread in Local Area Network (LAN), copy and execute on remote computers, and by-pass security products. Stuxnet allows execution of malicious code by contacting a remote command and control server. The worm is capable of updating itself through peer-to-peer mechanism.
Cyberspace is now leveraged for information warfare, cyber espionage and other covert attacks. Critical industrial installations and infrastructural facilities face constant threat of cyber-attack. Cyber-attack on critical facilities such as power grids, telecommunications, water supply systems, gas and oil storage, transportation, and banking may lead to chaos and have adverse economic implications.
The threats in the cyberspace are imminent. Organizations must be proactive in safeguarding the IT infrastructure rather than considering IT security as a mere compliance activity. Hiring professionals qualified in masters of security science and penetration testing may help organizations in identifying and remediating security flaws.
Employees must be made aware of different cyber security threats, data security and incident management procedures through training sessions, online degree and e-learning programs. Organizations must ensure adherence to IT security policies through proper monitoring mechanisms. Erring employees must be counseled and advised to create IT security conscious culture in the organization.
IT professionals must constantly upgrade their technical skill sets by undertaking new online university degree courses and security certifications. They may abreast themselves of latest developments in IT security by participating in conferences, seminars and discussion forums.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences. http://www.eccouncil.org
Tag Words: industrial installation, critical infrastructure, cyber espionage, worm, cyber weapon, star, stuxnet, cyber security, internet security, industrial