bmanahan188 at October 27, 2015 Stuxnet is truly an amazing virus that changed the entire game. Not only is it truly advanced in the wide variety of methods that it simultaneously employs, but also in the ultimate payload that it delivers, which destroys nuclear infrastructure. I believe this is just the beginning of advanced attacks against infrastructure, and we will see more and more as we continue into our global cyberwar.
sliu23 at November 06, 2015 Stuxnet must be the most famous APT weapon that has been exposed. It changes people’s old view about malware. The designer of Stuxnet is quite intelligent to increase the size of malware, choose multiple mechanisms and use the USB drive as one way of transmission to penetrate the inside network. Normally, physically insulating the inside and outside networks is the best way to protect those crucial facilities and apartments. Stuxnet shows us that a physically insulated network is not as secure as we think. Although the strategy that Stuxnet works every 27 days is not complicated, it is also as important as the advanced techniques used in Stuxnet to delay the exposure time. The exposure of Stuxnet is just a start. Its design idea would not only be applied in cyber-war weapons but also in ordinary malware in the future.
tshafi at November 20, 2015 I think the fact that there are so many backdoors and security vulnerabilities speaks to the industry's design geared towards profit making and less towards security. I’ve heard it said that security is a polar opposite to usability. It appears it costs quite a bit to ensure that software is secure. So many patches and updates that don’t improve software, but make it more secure, speaks to the fact that the industry is geared towards pushing the product to the market first, and making it secure later. This is a goldmine for the hacker and malware producer who benefits by finding vulnerabilities. This video is also a reminder to always change the manufacturer default password. This default password is there to make user setup easier and reminds us that usability is a polar opposite to security. Security is only as strong as the weakest link, and quite often that is the human component in the chain.
Searching through the Windows networks for PLCs and then infiltrating the PLCs and proceeding to gather telemetry data on the PLC for 13 days is a lot of work before Stuxnet proceeds to sabotage the target devices. There is an enormous amount of understanding required to design Stuxnet to do all this.
One other impressive strength of Stuxnet’s design was its stealth. The 27-day waiting period is genius; the false negatives it transmits to the monitors as it controls the centrifuges is one level of stealth detail, and there are many others. Stuxnet designers take into account all monitor systems and antivirus programs it will be encountering and have stolen certificates to help them. So certificates can be stolen and used to enable virus worms to be more stealthy and should not be blindly trusted.
brober15 at November 25, 2015 It seems that every time I hear someone knowledgeable discussing the next logical step for malware to be used in cyber warfare, it's to attack power plants. I hope that the people who operate such critical infrastructure are paying attention and doing what they can to mitigate the threats. It's only a matter of time before someone tries something similar to the U.S.; we changed the rules of the game. Here it might be a small measure of solace that US tech companies supposedly cooperate with the US government. Perhaps they provided assistance (such as source code) that other governments wouldn't be able to access, which in turn might limit our exposure to such attacks.
gcorker at November 29, 2015 Very good breakdown of Stuxnet. It is very impressive and scary how sophisticated Stuxnet is. The motivation also seems like it would be unique to a nation - according to Edward Snowden, it was developed by the US and Israel.