Stuxnet
Stuxnet is cyber weapon and computer worm. It was used to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents.[1] It was first released in 2006.[2] It became known only after the release of the second version.[3] In 2010, an error in the code led the virus to spread outside the test labs and infect computers around the world.[4]
Both the United States and Israel have been accused of developing and releasing Stuxnet.[5] In 2012 the US confirmed that it developed Stuxnet with Israel.[4]
Stuxnet targets PLCs. They control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Stuxnet works by targeting machines using the Microsoft Windows operating system and networks. It then looks for Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[6] Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.[3]
Stuxnet is typically introduced to the target environment via an infected USB flash drive. The worm then spreads across the network, scanning for Siemens Step7 software on computers controlling a PLC. If it doesn't find a target, Stuxnet becomes dormant inside the computer.
Stuxnet is special for different reasons:
- It used flaws of the operating system Microsoft Windows which were not known to many people at the time.
- It used stolen digital signatures to install the rootkit.
- The authors had in-depth knowledge of the process visualization system WinCC, which is used to monitor and control technical processes, using the Simatic S7 industrial controller
- It uses another rootkit to infect the computers which ruin the control and monitoring software for the industrial board
Even though it targeted PLCs only very few were infected. The software is written to infect a specific set of PLC, with well-defined modules. In the case of a personal computer, it will infect any computer running the right software.
Stuxnet Media
Overview of normal communications between Step 7 and a Siemens PLC
Anti-aircraft guns guarding Natanz Nuclear Facility
References
- ↑ Ellen Nakashima (2 June 2012). "Stuxnet was work of U.S. and Israeli experts, officials say". Washington Post.
- ↑ "Factbox: Cyber warfare expert's timeline for Iran attack". Reuters. 2 December 2011. Archived from the original on 26 November 2014. Retrieved 20 October 2015.
- ↑ 3.0 3.1 Michael B Kelley (20 November 2013). "The Stuxnet Attack On Iran's Nuclear Plant Was 'Far More Dangerous' Than Previously Thought". Business Insider Inc. Retrieved 20 October 2015.
- ↑ 4.0 4.1 Mathew J. Schwartz (1 June 2012). "Stuxnet Launched By United States And Israel". Information Week Network Computing. Retrieved 20 October 2015.[dead link]
- ↑ Ellen Nakashima; Joby Warrick (2 June 2012). "Stuxnet was work of U.S. and Israeli experts, officials say". The Washington Post. Retrieved 20 October 2015.
{{cite web}}
: CS1 maint: multiple names: authors list (link) - ↑ Kushner, David. "The Real Story of Stuxnet". ieee.org. IEEE Spectrum. Retrieved 25 March 2014.