Ralph Langner


60 Minutes Weighs Stuxnet’s Legacy

The security community might understand what the Stuxnet worm did. Now the war is over what the worm means – Stuxnet’s legacy, if you will. The latest to weigh in on that question is Steve Croft, of the CBS news magazine 60 Minutes.

Video: Expert Proves Stuxnet’s Link To Iran Nuclear Facilities

When Ralph Langner, an independent security researcher, presented his analysis of specialized code used by the Stuxnet worm to an audience of his peers at the S4 Conference in Miami last month, it was a chance to get down in the weeks with one of the world’s top experts on Stuxnet and threats to industrial control system.

UPDATE: Why Stuxnet-Like Attacks Aren’t Going Away

Ralph Langner is the closest thing to a rock star that you get in the Dockers and pocket-protector world of industrial control systems. The German researcher made headlines in 2010 as among the first security experts to analyze parts of the Stuxnet worm’s code devoted to manipulating programmable logic controllers by Siemens, and the first to explicitly link the Stuxnet malware with an effort to disable Iran’s uranium enrichment operation.


Miami, Florida – A no-holds barred presentation at the S4 Conference laid bare the woeful state of security for many industrial control systems that power the world’s critical infrastructure. Organizers have also cooperated with security scanning firms Rapid7 and Tenable to release modules for the Metasploit and Nessus products that can test for the discovered security holes.

A month after an unknown gray hat hacker calling himself “pr0f” used a three character password to hack his way onto computers used to manage water treatment equipment in South Houston, Texas, a security researcher is accusing the company that makes the industrial control system (ICS) software, Siemens, of trying to cover up the existence of other, more serious vulnerabilities.

To hear many of the leading computer security experts, Tuesday, October 18 was “D-Day,” with the “D” standing for “Duqu,” a new piece of malware that virus experts were tripping over each other to call “Stuxnet 2.0.” “Stuxnet Clone ‘Duqu’ Possibly Preparing Power Plant Attacks” read a headline on the Website of Foxnews, summing up the air of hysteria surrounding the new malware. But less than a day later, questions are being raised about the purpose and threat posed by the new malware.

The Stuxnet worm may be the most famous piece of malicious software ever written. When it was first detected, a little over a year ago, the worm sounded a warning to nations around the world that critical infrastructure systems were potential targets of attack for foreign governments and cyber criminal organizations alike. But with the anniversary of the Stuxnet worm’s discovery just past, the Department of Homeland Security admits that it is now reevaluating whether it makes sense to warn the public about all of the security failings of industrial control system (ICS) and SCADA software. 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.