The Stuxnet worm does not seem to have impacted any systems in the United States, according to a Department of Defense official
Greg Schaffer, assistant secretary for cybersecurity and communications at DHS, told reporters the complex malware demonstrates the plethora of increasingly sophisticated cyber threats.
“It was a very tiered, very complex, very sophisticated virus,” he told the Defense Writers Group, according to AFP. “It was looking for specific kinds of software and very special implementations within that software.”
Schaffer said Stuxnet “focused on specific software implementations and those software implementations did exist in some U.S .infrastructure so there was the potential for some U.S. infrastructure to be impacted at some level.”
“There was some risk because those software packages exist within the U.S. ecosystem, but it’s not clear that there’s any particular process that is in the United States that would have triggered the software,” he said.
Stuxnet has divided security experts into two camps, exemplified by SRA International“˜s Adam Meyers dismissing the near-mythical “game-changing” status of the virus, to Symantec’s Dean Turner claiming the malware was a milestone in many ways, including its use of four zero-day exploits.
It is currently unclear who created the worm, but speculations range from Siemens insiders to state-sponsored saboteurs.