Stuxnet is a virus that was specifically designed to attack supervisory control and data acquisition systems manufactured by German industrial giant Siemens. These systems are often utilized to manage water supplies, power plants and other industrial facilities, making the worm especially dangerous for governments.
The only advice that seems to make any sense as far as this virus goes is to have back-up plans ready if your system is impacted.
Who Wrote this Program
Experts in the cyber security field have speculated that Stuxnet may have been created by a government or a well-financed group of investors, as the worm is too complex to have been developed by a single hacker. The fact that the virus has done much of its damage in Iran has caused many experts to question whether Stuxnet was designed to sabotage the country's nuclear facilities.Cyber-Attacks Getting More Sophisticated
Even if Stuxnet wasn't targeting U.S. infrastructure, its creation signifies a new wave of cyberattacks, viruses and malware that are designed to attack infrastructure, such as power-generating facilities. This is no longer a world where malicious defacement of Web pages is what we are focused on as a department or government. We need to become worried about more sophisticated attacks; we are worried about migration to things of value.Can Stuxnet Get Into Home Computers
"Aurora had a zero-day, but it was a zero-day against [Internet Explorer version 6]," he said. "Here you have a vulnerability, which is effective against every version of Windows since Windows 2000." Recall, Microsoft no longer supports Windows 2000 and other older versions still heavily used in ICS applications. Stuxnet can use MS08-067, the same vulnerability used by Downadup (a.k.a. Conficker) to spread. MS08-067 is a critical vulnerability in the Windows Server Service on Windows 2008/Vista/2003/XP/2000 computers, which allows hackers to gain remote control of the affected computer with the same privileges as a logged on user.Patches, Fixes, Antivirus Available
Stuxnet is an attack on physical processes, which means it is not "patchable." Given a sophisticated cyber attack targeted at ICSs, there is little chance the ICS community will be able to detect it. IT malware researchers have the best chance of finding it. The ICS community needs to meet them and work with them. For Stuxnet, the ICS community needs to understand how to detect the infection so as to know whether to trust the control systems.The only advice that seems to make any sense as far as this virus goes is to have back-up plans ready if your system is impacted.
