The Stuxnet worm continues to raise alarms among security managers at industrial plants worldwide. The malicious program has attacked industrial control computer systems sold by Siemens, primarily in Iraq. For a high-level overview of how the worm works, take a look at an article by Arik Hesseldahl at Bloomberg Businessweek.  

The worm takes advantage of computer systems that were in place well before the Internet went mainstream. Many systems that control factories and power plants were built with no intention of connecting to the Internet, but gradually they were linked so that companies could better monitor plant activity more effectively, he writes.  

Stuxnet is a highly complex worm, and security experts suspect that it took months of work by at least a dozen programmers, costing millions of dollars to produce. Once it is downloaded onto a machine, it can spread to others because passwords for many industrial control systems tend to be difficult to change, Hesseldahl reports. This is true not only of systems from Siemens, but from Honeywell, ABB and Invensys, according to Frank Heidt, CEO of Leviathan Security Group.

For more:
- see Arik Hesseldahl's article at Bloomberg Businessweek

Related Articles:
Iran says it has detained computer worm suspects
Microsoft tool now scans for the Zeus Trojan
Zeus Trojan mules used fake names, passports
Crackdown on Zeus banking scam unearths massive cybercrime outfit
Evidence of Zeus Trojan found in majority of Fortune 500 companies
The growing problem of banking Trojans