New cyberweapon ‘Duqu’ threatens vital infrastructure

continued from page 2

Question of the Day

Should Congress make English the official language of the U.S.?

View results

A DHS spokesman said the department would continue to work with cybersecurity researchers to get more information about Duqu and distribute it to the private-sector companies that own and operate critical U.S. industrial control systems.

Mr. Szor said early signs indicate that “more than one machine is infected” at some of the victim organizations, underlining the determined and targeted nature of the attack.

He said McAfee had identified three or four slightly different versions of Duqu.

“It’s almost like every piece is custom made for just that one attack,” he said.

Mr. O Murchu said the attackers had been more careful to try to hide the traces of their weapon this time around. Data that Duqu sent to its home base, a computer server in India that was disabled this week, was both encrypted and hidden along with photographs.

“They’ve gone to a lot more effort to to hide the traffic,” he said.

Duqu also was designed to erase itself from infected computers automatically after 36 days, he said, although that could be modified by the attackers.

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.

blog comments powered by Disqus
TWT Video Picks