/aug 8, 2012

Stuxnet: The New Face of 21st Century Cyber Warfare Infographic

By Neil Dupaul

In June of 2010 the Stuxnet worm made it's debut to the world. Joint engineered by the United States and Israel to cripple Iran's nuclear efforts, it wasn't long before the worm was altered and turned loose on the internet spawning a number of variations of the original worm and affecting computers around the world! Stuxnet Worm
 

Stuxnet is a computer worm discovered in June 2010 that was jointly created by the US and Israel to slow Iran’s nuclear efforts.

Timeline:

2006 - US military and intelligence officials propose top-secret cyber war program against Iran’s uranium enrichment program. 2007- A virtual replica of Iran’s Natanz plant is built at American national laboratories. The US and Israel join to develop a complicated computer worm. It is the most complicated computer worm the world has ever seen. 2008 - Centrifuges at the Natanz plant begin crashing. 2009 - The US estimates that “Olympic Games” set back Iran’s production of a nuclear weapon by 1.5 to 2 years. Former President Bush urges President-Elect Obama to continue “Olympic Games.” 2010: Spring - NSA and the Israelis secretive unit 8200 target 1,000 centrifuges (roughly 1/5 of Iran’s functional centrifuges), whose failure was a huge set back to Iran. A special version of the worm is developed. Summer - 130,000 computers were infected by the Stuxnet virus and copies of the worm escape Natanz and become available on the internet. Late 2010-11 - Iranian production recovers. 2011-2012 - Intelligence agencies in the US and Israel seek out new targets that could further slow Iran’s progress. Stuxnet continued to run.

Results of the Stuxnet Virus:

  • Stuxnet took out 984 Centrifuges in Iran.
  • The worm consists of a layered attack against three different systems, Siemens PCS 7, WinCC, and STEP7. The Current Stuxnet code will not affect computers unless they use all three systems.
  • Tiffany Rad, a Hacker altered the code demonstrating how she could use the code to control prison doors without alerting the guards.
  • Researchers linked some of the code in the Stuxnet worm to Flame, the most sophisticated cyber spying program ever discovered. Deployed over 5 years ago a Symantec researcher has only recently identified a component of Flame that allows operators to delete files remotely.
  • June 24, 2012 0:00:01 Stuxnet: turned off
  • The framework may have become the blueprint for the next big cyber weapon, Duqu, has striking similiarities to Stuxnet. According to researchers 50% of the source code and 99% of the software rules for Duqu are the same as Stuxnet. To avoid suspicion from network administrators, Duqu camouflagues its own data behind normal web traffic. Unlike Stuxnet Duqu is able to record keystrokes and collect various details of the infected system which are then encrypted and appended to an image file

Veracode Security Solutions

Vulnerability Scanner
SQL Injection Attack
Android Security
Software Development Lifecycle
Vulnerability Assessment
iOS Security
Facebook Security
Mobile Security

 

Related Posts

By Neil Dupaul

Neil is a Marketing Technologist working on the Content and Corporate teams at Veracode. He currently focuses on Developer Awareness through strategic content creation. In his spare time you'll find him doting over his lovely wife and daughter. He is a Co-Owner of CrossFit Amoskeag in Bedford NH, his favorite topic is artificial intelligence, and his favorite food is pepperoni pizza.