Skip to main content

Stuxnet

Stuxnet is a Windows-specific computer worm first discovered in July 2010 by VirusBlokAda, a security firm based in Belarus. It is the first discovered worm that spies on and reprograms industrial systems,the first to include a programmable logic controller (PLC) rootkit, and the first to target critical industrial infrastructure. It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes. Stuxnet includes the capability to reprogram the PLCs and hide its changes.


The worm's probable target is said to have been high value infrastructures in Iran using Siemens control systems. According to news reports the infestation by this worm might have damaged Iran's nuclear facilities in Natanz and eventually delayed the start up of Iran's Bushehr Nuclear Power Plant. Although Siemens has stated that the worm has not caused any damage, on November 29, Iran confirmed that its nuclear program had indeed been damaged by Stuxnet.


Russian digital security company Kaspersky Labs released a statement that described Stuxnet as "a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world." Kevin Hogan, Senior Director of Security Response at Symantec, noted that 60% of the infected computers worldwide were in Iran, suggesting its industrial plants were the target.Kaspersky Labs concluded that the attacks could only have been conducted "with nation-state support", making Iran the first target of real cyberwarfare.


History 

The worm was first reported by the security company VirusBlokAda in mid-June 2010, and roots of it have been traced back to June 2009. It contains a component with a build time stamp from 3 February 2010. 

In the United Kingdom on 25 November 2010, Sky News announced that it had received information that the Stuxnet worm, or a variation of the virus, had been traded on the black market. Sky News stated that the virus had possibly been traded to a criminal gang or terrorist group and that such a virus was a "tier 1" threat to national security



Removal 

Siemens has released a detection and removal tool for Stuxnet. Siemens recommends contacting customer support if an infection is detected and advises installing the Microsoft patch for vulnerabilities and prohibiting the use of third-party USB flash drives. 

The worm's ability to reprogram external programmable logic controllers (PLCs) may complicate the removal procedure. Symantec's Liam O'Murchu warns that fixing Windows systems may not completely solve the infection; a thorough audit of PLCs is recommended. In addition, it has been speculated that incorrect removal of the worm could cause a significant amount of damage.


SOURCE : WIKIPEDIA 


Labels:

Comments

Post a Comment

Popular posts from this blog

Valentine's week

Celebrate your Valentine's week with  Your Valentine 7 Feb Rose Day 8 Feb Propose Day 9 Feb Chocolate Day 10 Feb Teddy Day 11 Feb Promise Day 12 Feb Kiss Day 13 Feb Hug Day 14 Feb VALENTINE'S DAY 15 Feb Slap Day 16 Feb Kick Day 17 Feb Perfume Day 18 Feb Flirting Day 19 Feb Confession Day I want to confess dear sweetheart!! (*-*) 21 Feb Break Up
Post a Comment
Read more

Free download XSS SHELL v0.3.8

XSS SHELL v0.3.8 WHAT IS XSS SHELL ? XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by "XSS-Proxy - http://xss-proxy.sourceforge.net/  ". Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim. you can backdoor the page.  You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability etc. Attack possibilities are limited with ideas. Basically this tool demonstrates that you can do more with XSS. FEATURES XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands.  Most of the features can enable or disabled from configuration or can be tweaked from source code. Features; - Regenerating Pages - This is one of the key and advanced features of XSS Shell. XSS Shell re-renders the infected page and keep user in virtual environment...
Post a Comment
Read more

How to find who is invisible or blocked you on Google Gtalk

So guys are you ready to know that which of your friend has blocked you on google talk. Whenever you noticed a contact in your Gtalk/Google Talk has not been online for some time, have it ever crossed your mind you’ve been blocked? If you are curious in finding out who actually blocked you in Gtalk, here’s a workaround you can try. This following method we attempt to show make use of a chat client call Pidgin. STEPS TO FIND WHO IS INVISIBLE OR BLOCKED YOU ON GOOGLE CHAT: 1. Download, Install Pidgin Click here to download Pidgin chat client. If you already have Pidgin installed, you may skip this step. 2. Configure Pidgin for GtalkYou’ll probably start with the below screen. Click the Add button. "Accounts -> Manage Account" will also bring you to the same screen. Let’s add Gtalk to Pidgin. Configure Pidgin Welcome Screen Clicking Add will allow you to add new Gtalk account. The following two screenshots show what you need to fill up for Basic and Advance tab, pay...
Post a Comment
Read more