November 9, 2011

Duqu Virus Precursor of More Attacks, Cyber Security Expert Warns

Professor Saadawi says Duqu's main goal is "information gathering and surveillance of specific cyber systems."

CCNY Electrical Engineering Professor Tarek Saadawi Likens Duqu to Reconnaissance Plane on Spy Mission

Although Duqu so far seems to have affected only a small number of cyber systems, it is likely a precursor to imminent, more harmful attacks, warns cyber security expert Dr. Tarek Saadawi, professor of electrical engineering at The City College of New York’s Grove School of Engineering.

Professor Saadawi likens Duqu to a reconnaissance plane on a spying mission to prepare for a bombing raid. “Duqu’s main goal is information gathering and surveillance of specific cyber systems,” he says. “It attacks servers and systems to collect information on the details of the targeted infrastructure. This collected information allows the attacker to fine-tune its future attack.”

Because of Duqu’s sophistication, many, but not all, cyber security experts believe it may be an extension or a breed of the Stuxnet virus code.  Stuxnet, which targets industrial control systems, was used in a cyber attack on a nuclear processing facility in Iran that may have been developing materials for weapons.

Although it is subject to debate, Duqu seems to be an evolution of one of the modules of the Stuxnet virus code, he notes. The code allows parts of Stuxnet to be developed for other purposes.

“With the main purpose being as a collector of information, (Duqu) monitors keyboard strokes to be able to capture the access passwords to various systems,” Professor Saadawi says. It also has other forms of sophistication, including its main Trojan module, which includes a kernel driver, an injected DLL (dynamic link library) and a configuration file.

While software companies and system administrators continue to work on protections against Duqu and workarounds for systems infected by the virus, Professor Saadawi says research and development efforts should focus on closing all cyber system security weaknesses. He adds that to protect their personal computers and home networks, individuals should:

•    Always update anti-virus programs.
•    Conduct periodic Windows updates, preferably automatically.
•    Update application software, since vendors continue to build in more secure features.
•    Close Internet browsers when not in use so they do not degrade the performance of security software.
•    Shut down computers at night.

Note to Reporters:

More information about Professor Saadawi can be found at http://tinyurl.com/saadawiccny.  To speak with him, please contact Ellis Simon, Director of Public Relations, The City College of New York, 212-650-6460, esimon@ccny.cuny.edu
