It seems that even the world’s premier Atomic regulatory authority is safe from the wrath of hackers and malware. The United Nations top nuclear watch dog International Atomic Energy Agency which has been news recently for its ever so vigilant activities in Iran has been made a fool of itself.
IAEA today accepted that some of its key computers were infected by a malicious malware for past several months. A malware is a code which is typically placed by would be cyber attackers to gain remote access to systems, steal data or control the same. IAEA spokesperson Serge Gas while accepting that IAEA computers were indeed infected by malware said that, “No data from the IAEA network has been affected.”
It is pointed out here that only those computers which are located in the common areas of IAEA’s Vienna headquarters called the Vienna International Centre (VIC) were infected by the malware as per the presser. A normal computer can be infected by a USB drive malware by a visiting person or a third party technician. Gas added, “The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further”
Staying with the Iran news which IAEA has been involved in greatly for past 2 years, readers may note that only last November, IAEA servers were compromised by Iranian hackers who then posted classified information like contact details of IAEA’s top nuclear experts online. Gas didnt divulge the details of the malware which infected the VIC computers but he said that henceforth the security apparatus would be tightened for the use of removable media in the IAEA premises.
The most virulent and potent virus which has been on the US-CERT’s (Computer Emergency Response Team) radar is the Autorun.inf malware. drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. For that reason, people should disable any AutoRun features and manually launch programs when using a flash drive though the virus also can be embedded in what looks like a normal file on a USB device, so that even if AutoRun is disabled, the computer will become infected when the file is opened. CERT has information about the dangers associated with AutoRun here, as well as tips specific to the safe use of USB drives here.