26 Facts About Stuxnet

Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005.

Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.

Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, to prevent detection of Stuxnet.

Stuxnet, discovered by Sergey Ulasen, initially spread via Microsoft Windows, and targeted Siemens industrial control systems.

On 1 June 2012, an article in The New York Times said that Stuxnet is part of a US and Israeli intelligence operation named Operation Olympic Games, devised by the NSA under President George W Bush and executed under President Barack Obama.

Related searches

Kaspersky Lab experts at first estimated that Stuxnet started spreading around March or April 2010, but the first variant of the worm appeared in June 2009.

Second variant, with substantial improvements, appeared in March 2010, apparently because its authors believed that Stuxnet was not spreading fast enough; a third, with minor improvements, appeared in April 2010.

Stuxnet attacked Windows systems using an unprecedented four zero-day attacks.

Stuxnet is unusually large at half a megabyte in size, and written in several different programming languages which is irregular for malware.

Entirety of the Stuxnet code has not yet been disclosed, but its payload targets only those SCADA configurations that meet criteria that it is programmed to identify.

Stuxnet installs malware into memory block DB890 of the PLC that monitors the Profibus messaging bus of the system.

Prevention of control system security incidents, such as from viral infections like Stuxnet, is a topic that is being addressed in both the public and the private sector.

Experts believe that Stuxnet required the largest and costliest development effort in malware history.

Symantec estimates that the group developing Stuxnet would have consisted of between five and thirty people, and would have taken six months to prepare.

The Guardian, the BBC and The New York Times all claimed that experts studying Stuxnet believe the complexity of the code indicates that only a nation-state would have the abilities to produce it.

The leading force behind Stuxnet is the cyber superpower – there is only one; and that's the United States.

The Institute for Science and International Security suggests, in a report published in December 2010, that Stuxnet is a reasonable explanation for the apparent damage at Natanz, and may have destroyed up to 1,000 centrifuges sometime between November 2009 and late January 2010.

LEU quantities could have certainly been greater, and Stuxnet could be an important part of the reason why they did not increase significantly.

American presidential advisor Gary Samore smiled when Stuxnet was mentioned, although American officials have suggested that the virus originated abroad.

In 2009, a year before Stuxnet was discovered, Scott Borg of the United States Cyber-Consequences Unit suggested that Israel may prefer to mount a cyber-attack rather than a military strike on Iran's nuclear facilities.

Fact that John Bumgarner, a former intelligence officer and member of the United States Cyber-Consequences Unit, published an article prior to Stuxnet being discovered or deciphered, that outlined a strategic cyber strike on centrifuges and suggests that cyber attacks are permissible against nation states which are operating uranium enrichment programs that violate international treaties gives some credibility to these claims.

Frank Rieger stated that three European countries' intelligence agencies agreed that Stuxnet was a joint United States-Israel effort.

The cyber weapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s.

In July 2013, Edward Snowden claimed that Stuxnet was cooperatively developed by the United States and Israel.

An early version of Stuxnet contained code to propagate infections via USB drives that is nearly identical to a Flame module that exploits the same vulnerability.

Related searches

Stuxnet later plead guilty for lying to FBI agents pursuing an investigation into the leak.