Inside Stuxnet
Written by Andrew Johnson   
Sunday, 11 March 2012

Ralph Langner has analyzed the Stuxnet virus and made a convincing argument that it was created to do a single job. The technical details are really interesting and not the sort of thing you will encounter in the usual news media.

 

stuxnetdeepdive

 

The conclusion is that Stuxnet was designed to attack the Natanz processing facility in Iran. There is no clue as to who created the code, however. One interesting observation is that there seems to be no way to create Stuxnet without a test facility, i.e. you need substantial resources to create such a virus.

 

If you would like to see a less technical but wider discussion of security for SCADA systems, here's one that appeared recently on 60 Minutes.

Computer virus's evident success in damaging Iran's nuclear facility has officials asking if our own infrastructure is safe. Steve Kroft reports.

 

 

 

 

It is sobering to note that Siemens still has not fixed the vulnerabilities in its SCADA control computers.

 

 

stuxnethardware

Siemens PCL unit with three I/O modules

 

Further Reading

Planes are Unix hosts waiting to be hacked

Cracking Stuxnet - a beginner's guide


blog comments powered by Disqus

 

To be informed about new articles on I Programmer, subscribe to the RSS feed, follow us on Google+, Twitter, Linkedin or Facebook or sign up for our weekly newsletter.

Banner


Kivy App Contest 2014
16/04/2014

The theme for the second application development contest organized by Kivy has been announced and you now have a month in which to code and submit your entries.



HeartBleed - The Programmers View
10/04/2014

You've heard about the HeartBleed vulnerability in OpenSSL, you probably have had to deal with its consequences - but perhaps you don't know just how old fashioned a bug it is. 


More News

Last Updated ( Sunday, 11 March 2012 )
 
 

   
RSS feed of news items only
I Programmer News
Copyright © 2014 i-programmer.info. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.