cross-referenced news and research resources about
Stuxnet worm virus
Stuxnet is a malicious computer worm believed to be a jointly built American-Israeli cyber weapon. Although neither state has confirmed this openly, anonymous US officials speaking to The Washington Post claimed the worm was developed during the Obama administration to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents.
Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in automobile or power plants), the majority of which reside in Europe, Japan and the US. Stuxnet reportedly ruined almost one fifth of Iran's nuclear centrifuges.
Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, preventing detection of the presence of Stuxnet.
|
|
|
updated Thu. December 7, 2023
-
Lawfare (blog)
February 9, 2018
Kello combines his theory of three ways technology can be revolutionary with lucid explanations of just how cyber weapons have changed the international order, drawing on examples like Stuxnet and Russian interference in the 2016 U.S. election. He also contributes to debates over familiar topics likeÃÂ ...
ISBuzz News
January 30, 2018
“These vulnerabilities are the same type of vulnerabilities that Stuxnet targeted. Stuxnet was able to leverage both known and previously unknown vulnerabilities to install, infect and propagate, and was powerful enough to evade state-of-the-practice security technologies and procedures. These latestÃÂ ...
Help Net Security
January 24, 2018
... communication between machines, many cyber attacks will leverage compromised or rogue keys and certificates. A nation-state with this power can bombard critical infrastructure through increasingly sophisticated variations of attacks, sabotaging core services using attacks derived from Stuxnet andÃÂ ...
Arab News
January 24, 2018
One of the exhibits at this year's event is a 12 minute excerpt from a virtual reality production called Zero Days VR, which is based on a 2016 documentary made by Alex Gibney about cyber warfare and the “Stuxnet” virus. The rise of the Internet of Things, or web-connected devices, is a particular worry forÃÂ ...
ITWeb
January 24, 2018
A few years later, in 2010, he produced classified briefings on the operation of the Stuxnet worm, and has invented several patents, including US patent 6,577,920 "Computer virus screening". Hypponen has assisted law enforcement agencies in the US, Europe and Asia, and has written for internationalÃÂ ...
The Verge
January 23, 2018
The famed Stuxnet attack injected a formidable computer worm into Iran's Natanz enrichment facility in 2009, destroying about 1,000 centrifuges. The United States and Israel are suspected of being behind the attack, which used a USB drive to deliver malware to “air gapped” systems, or those with no directÃÂ ...
CSO Online
January 22, 2018
As we approach the 10th anniversary of when Stuxnet was (likely) deployed, it is worthwhile to examine the effect it still has on our world. As the world's first-ever cyberweapon, it opened Pandora's box. It was the first true cyber-kinetic weapon – and it changed military history and is changing world history,ÃÂ ...
Dark Reading
January 19, 2018
Langner, a top Stuxnet expert, says ICS malware analysis is time-consuming. "It took me three years to analyze Stuxnet," he says. The ICS malware sandbox tool is aimed at more efficiently spotting ICS-specific malware, and can simulate the types of traffic to and from a PLC, for example, as its honeypotÃÂ ...
Dark Reading
January 18, 2018
"I strongly support the idea" of a VirusTotal for ICS malware, he says. Langner, a top Stuxnet expert, says ICS malware analysis is time-consuming. "It took me three years to analyze Stuxnet," he says. The ICS malware sandbox tool is aimed at more efficiently spotting ICS-specific malware, and can simulateÃÂ ...
Fox Business
January 18, 2018
Once attackers have perfected a Triton-type attack, the "logical next step" would be to combine it with a Stuxnet-type attack in order to disrupt a plant and its safety back-up systems, said Rob Lee, chief executive of the cybersecurity firm Dragos Inc. The Triton attackers were able to reprogram a 16-year-oldÃÂ ...
CyberScoop
January 16, 2018
The way Trisis works echoes Stuxnet, which American spies used to affect the speed of centrifuges as they spun filled with uranium, causing them to eventually break. Some historians consider the Stuxnet operation to have been a success because it derailed Iran's efforts to develop nuclear weapons forÃÂ ...
ITProPortal
January 16, 2018
Stuxnet and Dragonfly already demonstrated the destructive potential of a targeted cyber attack against infrastructure, from banks and hospitals to transportation and even energy providers. These attacks typically exploit basic gaps in cyber defences, yet have the potential to have substantial, lastingÃÂ ...
Data Center Knowledge
January 4, 2018
The malware -- which FireEye calls Triton and Dragos calls TRISIS – is similar to the Stuxnet malware used in Iran in 2010 and Industroyer deployed in Ukraine in 2016. A recent Triton attack targeted Schneider Electric's Triconex safety system, and the malware has already had at least one victim, theÃÂ ...
BBC News
January 3, 2018
The first nation state-level cyber-attack on critical infrastructure, widely attributed to a joint collaboration between American and Israeli intelligence against Iran, was uncovered in 2010. Known as the Stuxnet virus, the attack aimed to take down Iran's nuclear program. The virus failed to achieve its mission.
BBC News
January 3, 2018
The first nation state-level cyber-attack on critical infrastructure, widely attributed to a joint collaboration between American and Israeli intelligence against Iran, was uncovered in 2010. Known as the Stuxnet virus, the attack aimed to take down Iran's nuclear program. The virus failed to achieve its mission.
mySanAntonio.com
December 28, 2017
The Stuxnet computer worm temporarily disabled 1,000 centrifuges at the facility, prompting Iran to become a cyber threat — including to the U.S. less ... Iranian hackers developed payback motive, too, after 2012 newspaper reports about the U.S. and Israeli “Stuxnet” malware attacks on the Iranian nuclearÃÂ ...
The Cipher Brief
December 17, 2017
Iran wasn't pursuing cyber capabilities with much urgency, experts say, until it was revealed in 2010 that a joint Israeli-U.S. Stuxnet worm sabotaged nuclear centrifuges at Iran's facility in Natanz. As the first-known instance of virtual intrusions resulting in physical effects, the operation demonstrated theÃÂ ...
WIRED
December 14, 2017
Since Stuxnet first targeted and destroyed uranium enrichment centrifuges in Iran last decade, the cybersecurity world has waited for the next step in that digital arms race: Another piece of malicious software designed specifically to enable the damage or destruction of industrial equipment. That rare type ofÃÂ ...
Scientific American
December 11, 2017
Stuxnet demonstrated that cybersecurity breaches can cause physical damages. What if those damages had biological consequences? Could bioterrorists target government laboratories studying infectious diseases? What about pharmaceutical companies producing lifesaving drugs? As life scientistsÃÂ ...
Futurism
December 8, 2017
Stuxnet's power is based on its ability to capitalize on software vulnerabilities in the form of a “zero day exploit.” The virus infects a system silently, without requiring the user to do anything, like unwittingly download a malicious file, in order for the worm to take effect. And it didn't just run rampant throughÃÂ ...
CBS News
December 7, 2017
Stuxnet demonstrated that cybersecurity breaches can cause physical damages. What if those damages had biological consequences? Could bioterrorists target government laboratories studying infectious diseases? What about pharmaceutical companies producing lifesaving drugs? As life scientistsÃÂ ...
Ars Technica
November 3, 2017
One of the breakthroughs of the Stuxnet worm that targeted Iran's nuclear program was its use of legitimate digital certificates, which cryptographically vouched for the trustworthiness of the software's publisher. Following its discovery in 2010, researchers went on to find the technique was used in a handfulÃÂ ...
CSO Online
August 22, 2017
Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical effects. Specifically, it targets centrifuges used to produce the enrichedÃÂ ...
TechRepublic
August 15, 2017
It has been almost seven years since Stuxnet first made headlines for its devastating attack on Iranian uranium enrichment centrifuges. The years haven't made it less relevant though—it's still an important topic due to the fact the exploit Stuxnet took advantage of still ranked among the most widely used inÃÂ ...
NoCamels
December 31, 1999
... far beyond what is being published in the media,” and that the partnership enables both sides “to cope effectively with increasing threats,” hinting at reported joint US-Israel efforts to set back Iran's nuclear program in 2010 with the Stuxnet virus. Of utmost concern are the intentions and actions of non-stateÃÂ ...
Politico (blog)
December 31, 1999
A federal court has unsealed new details about how investigators tried to track down suspected sources for New York Times reporter David Sanger's book discussing how the U.S. and Israel used a computer virus known as "Stuxnet" to sabotage Iran's nuclear program. Documents made public Thursday onÃÂ ...
mySanAntonio.com
December 31, 1999
The Stuxnet computer worm temporarily disabled 1,000 centrifuges at the facility, prompting Iran to become a cyber threat — including to the U.S. less ... Iranian hackers developed payback motive, too, after 2012 newspaper reports about the U.S. and Israeli “Stuxnet” malware attacks on the Iranian nuclearÃÂ ...
TechGenix (blog)
December 31, 1999
Anyone who has worked in the InfoSec community is well acquainted with the various nation-state sponsored cyberattacks in the Middle East and North Africa region (MENA) region. Most notable of these would be the Stuxnet attack, which went after Iranian nuclear facilities and endangered numerous livesÃÂ ...
The Stack
December 2, 2017
It is not unheard of for western states to carry out cyber-attacks – it has been widely alleged, though never confirmed, that the U.S., with possible assistance from Israel, worked to disable Iranian nuclear centrifuges through a virus called Stuxnet. Though these discussions are taking place within NATO, the ...
DatacenterDynamics
December 2, 2017
The US' NSA and CIA,with assistance from Israel's Unit 8200, is strongly thought to have been responsible for Stuxnet, the first known case of a cyber attack destroying physical infrastructure. Both nations have yet to confirm their involvement in the destruction of Iranian centrifuges at the Natanz nuclear ...
RT
November 9, 2017
The campaign against the Russian cybersecurity firm goes back to 2010, when Kaspersky Lab revealed the origin of the Stuxnet virus, Machon told RT. Back then, Kaspersky Labs stated that “this type of attack could only be conducted with nation-state support and backing.” Nobody officially claimed ...
ThinkAdvisor
November 6, 2017
Using the Stuxnet virus, which took an Iranian uranium facility offline, Ben-Israel noted that real physical effects — in this case the collapse of the centrifuge machines — can result from "virtual" information such as the computer virus. This led him to propose four false dogmas relating to cyber warfare.
Ars Technica
November 3, 2017
One of the breakthroughs of the Stuxnet worm that targeted Iran's nuclear program was its use of legitimate digital certificates, which cryptographically vouched for the trustworthiness of the software's publisher. Following its discovery in 2010, researchers went on to find the technique was used in a handful ...
Eurasia Review
November 2, 2017
It was made public by the New York Times in a June 2012 article that, by the joint work of the US and Israeli computer scientists, a new secret and special computer virus named “Stuxnet v.0.5” was produced in 2007. In 2009, with the permission of the President of the United States, the virus was infiltrated ...
Belleville News-Democrat
November 2, 2017
In an article entitled “The Stuxnet Attack On Iran's Nuclear Plant Was 'Far More Dangerous' Than Previously Thought,” Business Insider author Michael B. Kelly explains the virus's effect on the “Natanz Enrichment Complex,” Iran's primary nuclear enrichment facility: “Stuxnet, a joint U.S.-Israel project, ...
Now. Powered by Northrop Grumman. (blog)
October 25, 2017
Stuxnet was the first known attack that allowed hackers to manipulate physical objects in the real-world. The Stuxnet worm, which targets ...
Machine Design
October 12, 2017
EU Automation explains how manufacturers can use programmable logic controllers and still reduce the risks of cyberattacks like Stuxnet, one ...
The Guardian
October 11, 2017
Israeli security has had a tense relationship with Kaspersky Lab since the company's research on Stuxnet, a specialised piece of malware ...
The Verge
October 3, 2017
More specifically, it seems to be decompiled code for the infamous Stuxnet virus (thanks, aaron44126!), which is a particularly strange thing for ...
Metro
September 28, 2017
Stuxnet was credited for successfully taking down the centrifuges ... He continued: 'Stuxnet 2.0 was designed to work with the same type of ...
TechTarget
September 11, 2017
A Windows Shell flaw used by the Stuxnet worm continues to pose problems years after it was patched. Nick Lewis explains how the flaw ...
CSO Online
August 22, 2017
Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical effects. Specifically, it targets centrifuges used to produce the enriched ...
TechRepublic
August 15, 2017
Stuxnet was one of the most advanced malware attacks in history. ... TechRepublic's smart person's guide about Stuxnet is a quick introduction ...
Quartz
August 25, 2017
Similarly, cyberweapons like StuxNet were most likely originally developed as tools of defense to limit Iran's nuclear proliferation abilities, butÃÂ ...
Infosecurity Magazine
August 24, 2017
... by delivering advanced capabilities into the hands of governments and others that can end up in the wrong hands—i.e., the Stuxnet effect.
The Economist
August 24, 2017
... Interview”, a satirical film about the country's leader, and the American-Israeli Stuxnet software-driven sabotage of Iran's nuclear centrifuges.
ENGINEERING.com
August 22, 2017
Prior to the Stuxnet attack, very few outside the engineering profession had heard of a programmable logic controller (PLC),let alone what itsÃÂ ...
War on the Rocks
August 22, 2017
The best-known offensive cyber operation remains the Stuxnet attack on Iran's nuclear facility at Natanz in 2009. The attack was clever andÃÂ ...
CSO Online
August 22, 2017
Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infectÃÂ ...
Techzine
August 18, 2017
Een aantal jaar geleden was de computerworm Stuxnet veelvuldig in het nieuws. De malware richtte zich in 2010 onder meer op het nucleaireÃÂ ...
|
news and opinion
|
|
|
stuxnet
software worms:
stuxnet
|
|