CMIT 320 Network Security Paper Elizabeth Flaim

960 Words Apr 18th, 2015 4 Pages
Network Security Paper - Stuxnet
Elizabeth Flaim
CMIT 320, Section 6380
Professor Charles Pak
Due March 8, 2015

Introduction
Technical Analysis Ralph Langner’s article on the Stuxnet worm discusses the hardware, distribution and targets of the attack. He also goes into detail regarding the outlook of future attacks and what we can do to prevent them. The Stuxnet attack was not executed to steal or erase information. It was carried out to physically destroy a military target; Iran’s Natanz nuclear facility. The attack was aimed at industrial SCADA controllers and was a stand-alone attack. It was not an attack that required access to the Internet. The attackers relied on local networks and USB drives to carry out the attack.
…show more content…
This allowed the worm to be recognized as a device driver and to not be rejected by the Windows operating system. The early version of the worm functioned as a man-in-the-middle attack. It sat between the engineering software and the Siemens controllers for the input and output valves feeding into each centrifuge. The worm would accept commands from the engineering software and give false responses to indicate that these commands were being processed by the controllers. In reality, the worm was regularly allowing the centrifuges to be over-pressurized, which had the effect of causing the centrifuges to wear out and break more quickly. The later version of the software was much more crude. It would take over the centrifuges and refuse to acknowledge signals from the engineering software while an attack was active. The attack operated about once a month and worked by slowing down the centrifuges and then spinning them back up to past their normal full speed. This would cause damage as the centrifuges passed through what was known as a resonance speed, which would destabilize the rotor. Stuxnet managed to increase the rotor speeds at Iran’s Natanz nuclear facility from a normal speed of 63,000 rpm to 84,600 rpm. The worms were carefully designed so that it would not be obvious to someone in the facility that their mechanical systems were being sabotaged. For example, the worm would randomly affect different centrifuges at

More about CMIT 320 Network Security Paper Elizabeth Flaim

Open Document