Computer hackers have built a virus that analysts say could be used for industrial espionage and sabotage.

The Trojan worm called Stuxnet spreads via infected USB thumb drives and attacks a computer's Windows operating system. The virus has already affected Siemens AG's industrial control systems.

Confirming media reports that Siemens learned of the problem on July 14, Siemens spokesman Alexander Machowetz said: "Just viewing the contents of the USB stick can activate the Trojan. Siemens recommends avoiding the use of a USB stick."

Siemens said it has only identified one customer whose systems were infected by the virus. Microsoft is yet to patch the flaw, and all versions of Windows are vulnerable.

Stuxnet Worm

Stuxnet is a virus that has been designed to specifically attack software programs running Supervisory Control and Data Acquisition (SCADA) systems, which monitor automated industrial control systems such as chemical factories, power generators and food processing plants.

The threat carried by Stuxnet worm is that once it infects a computer, it begins to communicate with a remote server that will be able to take control of the computer. Randy Abrams from security firm ESET told Reuters that this will technically enable confidential corporate data to be stolen from a computer.

Stuxnet Trojan

Analysts say the Stuxnet Trojan will also be capable of sabotage by instructing computer systems to attack infrastructure. "It could be very valuable to a nation-state for war-like espionage. It could be very valuable to terrorist organizations," said ESET's Abrams.

The worm is causing serious concern among the IT security community. It is believed Stuxnet has been developed for a thumb drive because SCADA systems are generally unconnected to the internet, meaning a USB is the only way to reach them.

Experts have yet to determine precisely who created the worm, but ESET researcher Pierre-Marc Bureau wrote in an official company blog that its developers are using different certificates in different attacks, leading him to write that "we rarely see such professional operations".

Microsoft has issued a workaround solution until a patch is ready, while Siemens is preparing to launch a dedicated website showing how to remove the malware.

Further resources:

Computer Security

IT Security