What is Stuxnet what happens when Stuxnet enters a network?

Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. When it infects a computer, it checks to see if that computer is connected to specific models of programmable logic controllers (PLCs) manufactured by Siemens.

What is Stuxnet and why is it significant to cybersecurity?

Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran.

How was Stuxnet different from other viruses of its time?

Stuxnet, as it came to be known, was unlike any other virus or worm that came before. Rather than simply hijacking targeted computers or stealing information from them, it escaped the digital realm to wreak physical destruction on equipment the computers controlled.

How could Stuxnet have been prevented?

How Stuxnet Works. In order for the original Stuxnet worm to work correctly it has to be introduced into a system, usually via an infected USB thumb drive/flash drive. Stuxnet then travels throughout the network looking for specific hardware and software.

Why Stuxnet is called the first cyber weapon?

The cyber fallout Whilst the attack had a direct impact on the operations of the Iranian nuclear refinement facility, Stuxnet has been credited with showcasing the ability for cyber based attacks to have a direct impact upon physical systems and processes.

What was the outcome of the Stuxnet virus?

Its objective was to stealthily manipulate the speed of the sensitive enrichment centrifuges — causing attrition rather than blatant physical destruction. The Stuxnet worm reportedly infected more than 200,000 machines in 14 Iranian facilities and may have ruined up to 10\% of the 9,000 centrifuges in Natanz.

What type of zero days did the Stuxnet malware contain?

Many security companies, including Symantec and Kaspersky have said that Stuxnet was the most sophisticated attack they had ever analyzed. Stuxnet uses four zero-day exploits, a Windows rootkit, the first known PLC rootkit, antivirus evasion techniques, peer-to-peer updates, and stolen certificates from trusted CAs.

How did the Stuxnet virus work?

Stuxnet was a multi-part worm that traveled on USB sticks and spread through Microsoft Windows computers. The virus searched each infected PC for signs of Siemens Step 7 software, which industrial computers serving as PLCs use for automating and monitoring electro-mechanical equipment.

How was Stuxnet discovered?

Photo: David Yellen Cybersleuth: Roel Schouwenberg, of Kaspersky Lab, helped unravel Stuxnet and its kin in the most sophisticated family of Internet worms ever discovered. After discovering a computer virus on his own, the 14-year-old Schouwenberg contacted Kaspersky Lab, one of the leading antivirus companies.

How much is a zero-day worth?

Currently, the lower range of the zero-day exploit market is around $60,000 for an Adobe Reader attack. On the high end, zero-day exploits that attack Apple iOS can go for upwards of $2.5 million USD. Like any other market, zero-day exploit prices are determined largely by supply and demand.

Was Stuxnet a virus or a worm?

What is Stuxnet and how dangerous is it?

Stuxnet was first identified by the infosec community in 2010, but development on it probably began in 2005. Despite its unparalleled ability to spread and its widespread infection rate, Stuxnet does little or no harm to computers not involved in uranium enrichment.

What was the first known version of Stuxnet?

Stuxnet 0.5 [McD13] is the first known version of Stuxnet. It may have become operational as early as November 2005; it became known to malware scanners in November 2007. It was designed to stop compromising computers on July 4, 2009.

How does Stuxnet affect computers not involved in uranium enrichment?

Despite its unparalleled ability to spread and its widespread infection rate, Stuxnet does little or no harm to computers not involved in uranium enrichment. When it infects a computer, it checks to see if that computer is connected to specific models of programmable logic controllers (PLCs) manufactured by Siemens.

What is Stuxnet and why is Iran preparing for another attack?

As Iran prepares for its presidential elections, the attackers behind Stuxnet are also preparing their next assault on the enrichment plant with a new version of the malware. They unleash it just as the enrichment plant is beginning to recover from the effects of the previous attack.