New York: Indian authorities detained computer equipment from a data center in Mumbai as part of an enquiry into the Duqu malicious software that some security experts warned could be the next big cyber threat.
Two workers at a web-hosting company called Web Werks told Reuters that officials from India’s Department of Information Technology preceding week took several hard drives and other components from a server that security firm Symantec Corp told them was communicating with computers infected with Duqu.
“This one is challenging,” said Marty Edwards, director of the US Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team. “It’s a very complex piece of software.”
He declined to comment on the investigation by authorities in India, although said that his agency was working with counterparts in other countries to learn more about Duqu.
They said that they did not know how the malware got on to Web Werks’ server. “We couldn’t track down this customer,” said one of the two employees, who did not want to be recognized for fear of losing their jobs.
An official in India’s Department of Information Technology who investigates cyber attacks also refused to discuss the matter. “I am not able to comment on any investigations,” said Gulshan Rai, director of the Indian Computer Emergency Response Team, or CERT-In.