Network Security

October 04, 2010

Stuxnet Worm Poses Threat to Network Security

By Erin Monda, TMCnet Contributor

The Stuxnet worm has been garnering large amounts of media attention these days – and for good reason. The worm drops a malicious shortcut into removable drives, compromising network security wherever it goes. It is the first of its kind to feature an uploaded rootkit function that is able to hide injected code located in a Programmable Logic Controller (PLC).

Despite intense speculation about its creator and intended target, however, it has been difficult to analyze, and many questions still loom. That’s why I recently interviewed Andy Hayter, anti-malcode manager at ICSA Labs, a vendor-neutral testing and certification firm that works with hundreds of the world’s top vendors.

Erin: How did the Stuxnet Worm earn its monicker? It’s not a very nice-sounding name.

Andy: I do not have this answer at this time, but will do research to determine who/how it was named.

Erin: How sophisticated is this malware – what is the most damage it can do?

Andy: Experts in the area of malware analysis are stating that Stuxnet is the most complicated piece of malware to be seen in at least the last 10 years. The malware involves at least 4 zero-day vulnerabilities and 2 signed code certificates, and is the first malware to infect PLCs. Various levels of expertise were required to develop Stuxnet. It was not created by some wannabe hacker in his basement. Stuxnet can be used to modify the programming of PLCs that are used in a variety of manufacturing or process industry applications. Anywhere a device needs to be programmatically controlled, the worm can inject malicious code into the process. Examples are opening or closing a valve, turning a pump on or off, etc.

Erin: Who made this worm? What are some of the leading theories?

Andy: The Stuxnet worm is so sophisticated and involves so many new techniques that it would have required a team of developers with skills in many areas, not the least of which is the specialized knowledge to modify PLC code.

Erin: How can we protect ourselves against it?

Andy: Stuxnet itself is not a major threat unless you are running a PLC in the exact prerequisite scenario. However, the new techniques employed by Stuxnet will likely be copied and new variations are likely to be discovered.

**

I thanked Andy for his time and told him I am looking forward to featuring the results of his research into the vile Stuxnet worm.


Erin Monda recently graduated from W.C.S.U. with a degree in professional writing. She primarily writes about network technologies, including cloud computing, virtualization and network optimization; however, she also has a focus on E911 technologies and legislation.

Edited by Erin Monda
