Tag Archives: Stuxnet

60 Minutes: #Stuxnet Worm (Why You Should Care)

(Embedded video feeds aren't resolving properly on some systems. If you don't see the video interface above, here's a direct link to launch it, manually)

Last night, 60 Minutes broadcast an excellent, in-depth analysis of the Stuxnet Worm and how it was used to infiltrate and damage the Iranian nuclear program.  Let's put politics aside for a moment (as I always try to do on this blog).  Anyone who wants (or needs) to understand how malicious code may be used to wreak havoc upon a thought-to-be-secure system should watch this video.

Particularly, pay close attention to how the worm was introduced into the facility's computers.  I guarantee, it'll be the best 15 minutes you can invest before you sit down and formulate your security plan.

An Inauspicious Anniversary

MP900448582 Sorry, folks…it's year-end for corporations and I've been buried this week getting out the last-minute reports and preparing for LegalTech NY.  However, I did want to share something of interest with you for a late Friday afternoon.  Twenty-five years have passed since the accidental creation of the computer virus.

I know what you're thinking.  What does this have to do with e-discovery?  A lot, actually.  This isn't just about annoyances or stealing individual accounts and/or passwords; although that in itself is bad enough.  If you take it to the extreme, the issues are much more serious.

Have you heard of Stuxnet?  I've personally seen relatively benign viruses like "I Love You" bring corporations to a screeching halt, let alone one that specifically targets Iran's centrifuges.  Many corporations underestimate the danger – especially when it comes to the security of their data, since many viruses exist to open tunnels in security systems.

It's a dangerous way to lose safe harbor protection.