Stuxnet Worm: New threat targets SCADA Systems and other industrial environments

September 20th, 2010 by Agent Smith. Categories: In the News, Malware Infections

Malware researchers have identified a new and sophisticated threat that exploits four zero-day vulnerabilities in an attempt to disrupt industrial systems. The threat comes from an older piece of malware, the Stuxnet worm, which appeared for the first time in July and was spread via USB devices. It now seems that it has been designed to target supervisory control and data acquisition (SCADA) systems.

These systems are mainly used in industry, for example to control pipeline pressure or motor work rates on factory floors. Typical environments include oil pipelines, power plants and factories.

To gain access to the network, Stuxnet exploits a first zero-day vulnerability in the Windows OS. Apparently there are four such vulnerabilities in Windows, the second of which allows the worm to spread across the network. After locating a machine with SCADA, the worm reports back to the attacker via a command-and-control system. The last two vulnerabilities are the ones the worm uses to acquire system-level privileges.

It is rumored that the complexity of the worm may prove that state-sponsored hackers are behind this malware, although no firm evidence of this can be found. Iran has been the main area of Stuxnet infestations so far.

One Response to “Stuxnet Worm: New threat targets SCADA Systems and other industrial environments”

  1. How to Stop Conficker/Stuxnet in four easy steps – Advisory by CoSoSys | Endpoint Security Info Says:

    [...] Conficker/Stuxnet detects platforms with Scada systems installed on and uses Windows vulnerabilities to gain access and spread through the network. In the light of current events and the continuous spread of the worm through USB ports and USB portable devices, endpoint security and data loss prevention solution developer CoSoSys has created a four-step strategy against Stuxnet that’s extremely easy to implement: [...]
