Saturday, October 9, 2010

A government-produced worm that may be aimed at an Iranian nuclear plant?

The Story Behind The Stuxnet Virus

Stuxnet is an Internet worm that infects Windows computers. It primarily spreads via USB sticks, which allows it to get into computers and networks not normally connected to the Internet. Once inside a network, it uses a variety of mechanisms to propagate to other machines within that network and gain privilege once it has infected those machines. These mechanisms include both known and patched vulnerabilities, and four "zero-day exploits": vulnerabilities that were unknown and unpatched when the worm was released. (All the infection vulnerabilities have since been patched.)

The Stuxnet computer worm that appears aimed at undermining Iran's nuclear program is part of a worsening phenomenon. Half of all companies running "critical infrastructure" systems worldwide say they have sustained politically motivated attacks.

A global survey of such attacks – rarely acknowledged in public because of their potential to cause alarm – found companies estimated they had suffered an average of 10 instances of cyber war or cyber terrorism in the past five years at a cost of $US850,000 ($880,000) a company.

After going through quite few articles and news, here are some interesting and useful links I would like to share which help you to understand the Stuxnet Worm.

F-Secure - Stuxnet Questions and Answers
ICSA Labs - Stuxnet Worm: Facts First
Bruce Schneier's Commentary - The Story Behind The Stuxnet Virus
Sydney Morning Herald - Mystery computer worm part of a global cyber war

Ralp Langner - Stuxnet Logbook *Updated*


Anonymous said...

You should read this!!and maybe link this page among your security experts:

Shoaib Yousuf said...

Thanks mate, that's very interesting and useful research website.