Stuxnet Worm

2136 Words | Mar 4, 2016 | 9 Pages
STUXNET Worm

Webster University
SECR-5080 Information Systems Security

Author Note

Certificate of Authorship: This paper was prepared by me for this specific course and is not a result of plagiarism or self-plagiarism. I have cited all sources from which I used data, ideas, or words either quoted or paraphrased.

Abstract

Discovered in June of 2010, a computer worm called Stuxnet was designed to attack programmable-logic controllers, or PLCs, that are used to control switches and valves in industries that operate a specific type of Siemens PLC device using Step7 software running on a Windows operating system. The worm was successful because it was able to exploit four zero-day flaws in the Windows operating system. Stuxnet…
Figure 2: Flash Drive

The virus then hid itself and became dormant once it entered the host system, using digital signatures from trusted computer companies. These signatures are encrypted data bits that notify computers that the software is legitimate, allowing the virus to travel freely from computer system to computer system. Most viruses use hacked or forged digital signatures to gain access to computers. The digital signatures used in Stuxnet were unique in that they were real signatures obtained from Realtek, a trusted name in the semiconductor business; with them, the new virus had unlimited access to any computer system it entered.

Figure 3: Realtek Semiconductor Corp Logo (RealTek, n.d.).

Figure 4: Realtek Certificate (Symantec, 2010).

How Stuxnet Works

The Stuxnet worm attacks computer systems through the Windows operating system, using four separate zero-day attacks. Stuxnet uses a vulnerability in the way Windows handles shortcut files to spread to new systems. The worm was designed from the bottom up to attack Supervisory Control and Data Acquisition (SCADA) systems, or those used to manage complex industrial networks, such as systems at power plants and chemical manufacturing facilities (Broad, W., Markoff, J., & Sanger, D., 2011). Stuxnet is spread initially via a removable flash drive to use exploits such as peer-to-peer RPC to infect and update other