NEWS FROM THE LAB - Friday, November 26, 2010

Alternative Theories Posted by Mikko @ 08:30 GMT

While most Stuxnet origin theories claim the malware to be written by Israel or the US government, there are other theories as well.

Jeffrey Carr wrote an interesting piece for Forbes, proposing four different theories on where Stuxnet might have come from.

Forbes Stuxnet Ydinverkosto

While I don't think it's likely that Ydinverkosto would have written Stuxnet, we are aware of real Finnish computer attacks done by ecological extremists. The cases are not recent though.

Think about the PC virus Ekoterror. Found in 1992, this Finnish virus would activate by overwriting the beginning of the hard drive and displaying this message:

Ekoterror virus

In English:

    EkoTerror (C) 1991 ATK-toimisto P.Linkola Oy
    Your hard drive has been disabled to protect the environment.
    There must be no nuclear powered hard drives in a green society.

The copyright statement inside the virus was a reference to Mr. Pentti Linkola, a Finnish ecologist known for his radical thoughts. I remember calling him at the time to discuss the incident. It was obvious he had nothing to do with the case and did not know who was behind it.

Is there a link between Ekoterror and Stuxnet? I don't think so.

In any case, Jeffrey's full white paper is available from here. (PDF)

Signing off,