Stuxnet is a highly advanced computer worm first discovered in June 2010. Researchers concluded that Stuxnet had a specific target—various Siemens PLCs (Programmable Logic Controllers). Due to Stuxnet’s extremely high-level of coding, the general consensus is that its development must have required between 5-30 individuals most likely operating with the resources and backing of a nation state or states.

As an extremely targeted piece of malware, Stuxnet was designed to only affect specific Siemens SCADA (Supervisory Control And Data Acquisition) systems and were only detected in the wild due to a coding error that caused the worm to copy itself to a nuclear facility worker’s laptop that was connected to the facility’s network, which was then brought back to his house and connected to the Internet. The worm itself had three related targets: the Windows operating system, various pieces of Siemens PLC controller software that run on Windows, and the Siemens PLC devices themselves. Attacking all three of these platforms required the use of many zero-day exploits. After Stuxnet infects all three of these platforms, it is able to modify the rotational speed of turbines and simultaneously trick monitoring software and hardware that the turbine rotational speeds have not changed (a type of man-in-the-middle attack).  By subsequently speeding up turbines and later slowing them down significantly, Stuxnet was able to cause them significant enough damage to require replacements. Siemens released an update in July 2012 to fix the bugs that allowed Stuxnet to affect its previously vulnerable SCADA systems.

An intelligence gathering worm, Duqu, was discovered shortly after Stuxnet, and researchers believe that the information it was gathering may be used as the basis for a future Stuxnet-like attack.

DDoSPedia Index