Friday, October 01, 2010

Shutting Down Stuxnet in Infected Systems

One possible approach to removing Stuxnet is to create an anti-body that is superior in "resilience" to the Stuxnet malware itself.

The anti-body should be just as "infective", if not more so; i.e., it must be possible to have it installed on all relevant systems on the network, in a manner similar to Stuxnet itself.

Spreading in a manner similar to Stuxnet itself, and possibly in a more viral manner, the anti-bodies will disable Stuxnet for garbage collection.

This seems like the best approach to me when it comes to super-infections. At least that's how it happens in our bodies.

Iran has made some interesting advances in drug invention and production.

I will not be surprised to see Iran become a leader or a leading partner in the production of cyber anti-bodies that work against malware from cyber criminals.

By the way, my conjecture is that those who created Stuxnet -- whose operations are essentially akin to biological warfare -- have most probably also created some anti-bodies.

Of course, there's an art in creating anti-bodies and in immunology.

That same art needs to be applied here.

