Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran.[2] Although neither country has openly admitted responsibility, multiple independent news organizations recognize Stuxnet to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games.[3][4][5] The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.[6]
Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes including gas centrifuges for separating nuclear material. Exploiting four zero-day flaws,[7] Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[2] Stuxnet's design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in factory assembly lines or power plants), most of which are in Europe, Japan, and the United States.[8] Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.[9] Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade.[10]
Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, to prevent detection of Stuxnet.[11] It is typically introduced to the target environment via an infected USB flash drive, thus crossing any air gap. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users.[12][13]
^"W32.Stuxnet Dossier" (PDF). Symantec. November 2010. Archived from the original (PDF) on 4 November 2019.
^ abKushner, David (26 February 2013). "The Real Story of Stuxnet". IEEE Spectrum. 50 (3): 48–53. doi:10.1109/MSPEC.2013.6471059. S2CID 29782870. Archived from the original on 7 February 2022. Retrieved 13 November 2021.
^"Confirmed: US and Israel created Stuxnet, lost control of it". Ars Technica. June 2012. Archived from the original on 6 May 2019. Retrieved 15 June 2017.
^Ellen Nakashima (2 June 2012). "Stuxnet was work of U.S. and Israeli experts, officials say". The Washington Post. Archived from the original on 4 May 2019. Retrieved 8 September 2015.
^Bergman, Ronen; Mazzetti, Mark (4 September 2019). "The Secret History of the Push to Strike Iran". The New York Times. ProQuest 2283858753. Archived from the original on 15 March 2023. Retrieved 23 March 2023.
^Sanger, David E. (1 June 2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran". The New York Times. ISSN 0362-4331. Archived from the original on 1 June 2012. Retrieved 3 October 2022.
^Naraine, Ryan (14 September 2010). "Stuxnet attackers used 4 Windows zero-day exploits". ZDNet. Archived from the original on 25 November 2014. Retrieved 12 April 2014.
^Karnouskos, Stamatis (November 2011). "Stuxnet worm impact on industrial cyber-physical system security" (PDF). IECON 2011 - 37th Annual Conference of the IEEE Industrial Electronics Society. pp. 4490–4494. doi:10.1109/IECON.2011.6120048. ISBN 978-1-61284-972-0. S2CID 1980890. Retrieved 23 March 2023.
^Kelley, Michael (20 November 2013). "The Stuxnet Attack on Iran's Nuclear Plant Was 'Far More Dangerous' Than Previously Thought". Business Insider. Archived from the original on 9 May 2014. Retrieved 8 February 2014.
^"Sheep dip your removable storage devices to reduce the threat of cyber attacks". www.mac-solutions.net. Archived from the original on 4 September 2017. Retrieved 26 July 2017.
^"STUXNET Malware Targets SCADA Systems". Trend Micro. January 2012. Archived from the original on 13 April 2014. Retrieved 12 April 2014.
^Gross, Michael Joseph (April 2011). "A Declaration of Cyber-War". Vanity Fair. Archived from the original on 31 August 2021. Retrieved 31 December 2015.
^"Exploring Stuxnet's PLC Infection Process". Symantec. 23 January 2014. Archived from the original on 21 June 2021. Retrieved 22 September 2010.
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory...
most advanced (...) we have seen", operating alongside the creators of Stuxnet and Flame. Most of their targets have been in Iran, Russia, Pakistan, Afghanistan...
the absence of either criterion, Stuxnet becomes dormant inside the computer. If both conditions are fulfilled, Stuxnet introduces the infected rootkit...
discovered on 1 September 2011, thought by Kaspersky Labs to be related to the Stuxnet worm and to have been created by Unit 8200.[better source needed] Duqu...
espionage platforms conducted by nations, such as Equation Group and the Stuxnet worm. Various covert government-sponsored cyber-espionage efforts were...
attacks. Some special worms attack industrial systems in a targeted manner. Stuxnet was primarily transmitted through LANs and infected thumb-drives, as its...
centrifuge infrastructure at the Natanz nuclear enrichment lab in Iran with the Stuxnet malware in 2007. Although he completed the covert mission successfully...
may have been an infection by the sophisticated Stuxnet worm. He attributed the development of Stuxnet worm most likely to Government of China which had...
Aramco. Storm Worm - A Windows trojan horse that forms the Storm botnet Stuxnet First destructive ICS-targeting Trojan which destroyed part of Iran's nuclear...
computer virus created by the two countries became known as "the bug," and Stuxnet by the IT community once it became public. The malicious software temporarily...
plan created as a mitigation strategy after the Stuxnet malware campaign and its aftermath. Unlike Stuxnet, that was loaded onto a system after the design...
Duqu Flame (malware) Great Cannon Mirai (malware) Stuxnet Wiper (malware) Pegasus (spyware) Stuxnet was among the first and one of the most influential...
access the operating system) - These can only be executed in STL. The Stuxnet computer worm specifically targets SIMATIC S7 PLCs via its STEP 7 programming...
first known SCADA systems to be specifically targeted by malware. The Stuxnet worm can spy on and even reprogram infected systems. "SCADA System SIMATIC...
2010, VirusBlokAda reported detection of zero-day attack malware called Stuxnet that exploited the vulnerability to install a rootkit that snooped Siemens'...
to believe it is probably the same thing as the Duqu virus, part of the Stuxnet attack on Iran. The Stars virus was studied in a laboratory in Iran – that...
end. The NSA is also alleged to have been behind such attack software as Stuxnet, which severely damaged Iran's nuclear program. The NSA, alongside the...
American, Dutch and Israeli intelligence organizations. The attack used a Stuxnet worm which hampered the operation of plant's centrifuges and caused damage...
the comprehensive analysis released by Symantec in 2011 regarding the Stuxnet virus, Realtek's digital certificate for Windows was compromised, allowing...
report to investors. Believed to be an American-Israeli cyber weapon, Stuxnet is a malicious computer worm. The worm specifically targets systems that...
Internet is a potential attack vector for such machines if connected, but the Stuxnet worm demonstrated that even equipment controlled by computers not connected...
money-making, malware can be used for sabotage, often for political motives. Stuxnet, for example, was designed to disrupt very specific industrial equipment...
uranium-enrichment plant. Although the official authors of Stuxnet haven't been officially identified, Stuxnet is believed to be developed and deployed by the United...
Global Information