Stuxnet By Shane Serafin
Overview
• What is Stuxnet
• How it was spread
• How it was detected
• What it exploited
• What it looked for
• What it did
• Who it attacked
• Who was behind it
• The after effects of Stuxnet
• The future of Stuxnet
What is Stuxnet?
• Name given to complex malware used for an attack on Iran’s nuclear facility
• First real cyber weapon
• So advanced it is estimated to be 20x more complex than previous virus codes
• Tens thousand plus lines of code
• Very professionally written
• Multiple languages like C, C++, and other object-oriented languages
• Half a megabyte in size
How it was spread?
• Infected USB drives
• Minimized risk of discovery by only allowing it to spread to no more than three PCs, then it stopped
• Released a year before it was discovered and drew any attention
How it was detected?
• Stayed dormant and didn’t attack
• Had a real clearance that was stolen instead of a forged security clearance
• Told systems everything was fine after it attacked
• First reported in July 2010 by VirusBlokAda
• Computer in Iran facility was in reboot loop
• Sent information to a domain
• Set up sinkhole to reroute traffic
What it exploited?
• Security gaps that system creators are unaware of, called “Zero Days”
• 12 million pieces of malware examined a year by researchers, with less than a dozen having it
• Successful viruses exploit a Zero Day
• Sell on Black Market for $100,000
What it looked for?
• Programmable logic controller called Siemens S7-300
• Circuitry and software in Iran’s nuclear facility
• Also used in traffic lights, assembly lines, oil pipelines, gas pipelines, water treatment, and electricity grids
What it did?
• Changed settings in centrifuges that spin nuclear material
• Sped up the spin cycle to damage it
• Needed to be replaced 10x faster
Who it attacked?
• Iran’s nuclear enrichment facilities
• Set the program back several years
• Open call to hackers to join Iranian Revolutionary Guard (2nd largest online)
Who was behind it?
• Unknown, nothing was proven
• Nation with funding and technology
• Suspects:
  ◦ USA
  ◦ Israel
  ◦ Russia
The After Effects of Stuxnet
• New era of warfare begun
• Attacks on critical infrastructure in the US
• Defense Secretary Leon Panetta: “there is a strong likelihood that next Pearl Harbor we confront will be from a cyber attack”
• Enforcement officials stressing importance of cyber security
The Future of Stuxnet
• Who will redesign it
• Available online and is open source
• No telling who or what they will target
Video About Stuxnet
• http://www.youtube.com/watch?v=7g0pi4J8auQ
Questions