Ralph Langner has analyzed the Stuxnet virus and made a convincing argument that it was created to do a single job. The technical details are really interesting and not the sort of thing you will encounter in the usual news media.

The conclusion is that Stuxnet was designed to attack the Natanz processing facility in Iran. There is no clue as to who created the code, however. One interesting observation is that there seems to be no way to create Stuxnet without a test facility, i.e. you need substantial resources to create such a virus.

If you would like to see a less technical but wider discussion of security for SCADA systems, here's one that appeared recently on 60 Minutes.

Computer virus's evident success in damaging Iran's nuclear facility has officials asking if our own infrastructure is safe. Steve Kroft reports.

It is sobering to note that Siemens still has not fixed the vulnerabilities in its SCADA control computers.

Siemens PCL unit with three I/O modules

Further Reading

Planes are Unix hosts waiting to be hacked

Cracking Stuxnet - a beginner's guide

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info

To be informed about new articles on I Programmer, subscribe to the RSS feed, follow us on Google+, Twitter, Linkedin or Facebook or sign up for our weekly newsletter.