The buzz all around the world of cyber security these days is Stuxnet. It’s an incredible little piece of malware that utilized four undisclosed zero day vulnerabilities to propagate itself before implanting itself as a rootkit using stolen digital certificates to authenticate itself.12 Stuxnet has apparently been around for awhile in several variants, using it’s rootkit techniques to remain completely hidden as it spread around the world. Specifically, it seems to target SCADA systems and has been found concentrated in India, Indonesia and Iran amongst other countries. Theories abound regarding its purposes since it seems to focus so specifically on Siemens industrial control systems and conspiracists are pondering coincidental timing of the worm and Iran’s nuclear program (using Siemens’ SCADA). Many theorize the worm must be the work of a nationstate due to its sophistication and fingers have pointed at Russians, Chinese and the Israelis.
1 For more information on rootkits, please read r00tkit Analysis: What Is a Rootkit
2 For a pretty detailed reverse engineering breakdown of Stuxnet, checkout the work performed by Symantec outlining the infection process.
Similarly tagged OmniNerd content:
* * item2.1
# # item2.1
Welcome! OmniNerd's content is generated by nerds like you. Learn more.