The 10 Biggest Security Stories Of 2011

Duqu emphasized once again the cyber-threat against computer-run industrial control systems. Discovered in October, the malware was believed to be an electronic spy meant to gather information for a more serious attack later. Duqu is similar to the Stuxnet malware, but didn't have the destructive payload of the latter. Discovered in 2010, Stuxnet is believed to have damaged the control systems in Iran's nuclear facility. Duqu was found in the systems of industrial suppliers and factories. Its purpose was to steal electronic documents and send them to a command and control server operated by hackers, experts believed. At least six organizations in as many as a dozen countries had Duqu-infected computers. The malware took advantage of a zero-day vulnerability in Windows. Microsoft released a patch for the security hole shortly after the flaw was discovered.

Get a roundup of CRN's security coverage right to your inbox with the Security Advisor newsletter.