Irregular Expressions

Nov 30 2010   4:50PM GMT

A few more Stuxnet specifics – Part 1



Posted by: Dan O'Connor
Tags:
malware

So I have been doing a little more reading about stuxnet and I have some interesting details that I have collected.

What is known is that stuxnet has the ability to jump between machines using removable media. If you read in to that, it makes you think that what ever it was targeting was something not connected to the internet. This can leave a short list of possible targets.

It had four zeroday attacks as a method of infection, I can’t recall a single variant of worm or virus having that kind of firepower.

It’s code was signed! Ta-da, it had not one but two digital certificates that where stolen to have it’s code trusted by the OS.

It targeted two specific SCADA systems one built by Seimens and the other by an Iranian company.

Once it starts targeting them it messes around with the speed of the centrifuges running them either way too fast or almost not at all while hiding this from the command and control infrastructure displays.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: