Posted by: Dan O'Connor
So I have been doing a little more reading about Stuxnet and I have some interesting details that I have collected.
What is known is that Stuxnet has the ability to jump between machines using removable media. If you read into that, it makes you think that whatever it was targeting was something not connected to the Internet. This can leave a short list of possible targets.
It had four zero-day attacks as a method of infection; I can’t recall a single variant of worm or virus having that kind of firepower.
Its code was signed! Ta-da, it had not one but two digital certificates that were stolen to have its code trusted by the OS.
It targeted two specific SCADA systems, one built by Siemens and the other by an Iranian company.
Once it starts targeting them, it messes around with the speed of the centrifuges, running them either way too fast or almost not at all, while hiding this from the command and control infrastructure displays.