Difference between revisions of "Stuxnet"
GKnibbeler (talk | contribs) (Created page with "== Summary == Stuxnet exploits several vulnerabilities including four zero-day exploits and targets a very specific software setup found at the Irani Uranium enrichment plan...") |
GKnibbeler (talk | contribs) |
||
| Line 11: | Line 11: | ||
== Description == | == Description == | ||
=== Zero Day Attacks === | |||
Zero Day Attacks target vulnerabilities that have not yet been found and therefore also not been patched giving attackers huge advantages. Finding these vulnerabilities and developing working exploits costs a lot of time, money and human resources. | |||
=== | === Historical background === | ||
In April 2006 Iran announced they have successfully enriched uranium refusing to give in to international demands to close its nuclear program. | |||
From February to November 2007 about 3000 new centrifuges were installed in Natanz, a uranium enrichment plant. In the same year the US Congress released $400 million for covert operations against Iran´s nuclear program as Israel and other Arab Countries have continuously asked for help against Iran. In 2008 they again approached the US hoping for help with an airstrike on Natanz but the US leaders feared this would lead to a wide-range war and also, as Natanz was situated mostly underground, they pointed out that an airstrike would probably not be very effective. | |||
Throughout 2009 the number of centrifuges at Natanz was increased to 8700 and on at least one occasion President Ahmadinejad proudly led a tour through the plant providing the world with videos and images of the control rooms and centrifuges. | |||
Early 2010 the IAEA (International Atomic Energy Agency) inspectors that periodically visited Natanz, noticed a huge number of centrifuges being replaced. | |||
Later that year Stuxnet was discovered and with it the cause for all the failing centrifuges. | |||
=== Next === | |||
== Used Hardware == | == Used Hardware == | ||
Revision as of 13:51, 20 December 2020
Summary
Stuxnet exploits several vulnerabilities including four zero-day exploits and targets a very specific software setup found at the Irani Uranium enrichment plants especially Natanz.
Targeted software setup
- Operating system: 32-bit Windows Operating System (2k, XP, 2003, Vista, Server 2008, 7, Server 2008 R2)
- SCADA Software: Siemens STEP7
- Hardware: S7-315-2/S7-417 PLCs with specific PROFIBUS VFD
Description
Zero Day Attacks
Zero Day Attacks target vulnerabilities that have not yet been found and therefore also not been patched giving attackers huge advantages. Finding these vulnerabilities and developing working exploits costs a lot of time, money and human resources.
Historical background
In April 2006 Iran announced they have successfully enriched uranium refusing to give in to international demands to close its nuclear program. From February to November 2007 about 3000 new centrifuges were installed in Natanz, a uranium enrichment plant. In the same year the US Congress released $400 million for covert operations against Iran´s nuclear program as Israel and other Arab Countries have continuously asked for help against Iran. In 2008 they again approached the US hoping for help with an airstrike on Natanz but the US leaders feared this would lead to a wide-range war and also, as Natanz was situated mostly underground, they pointed out that an airstrike would probably not be very effective.
Throughout 2009 the number of centrifuges at Natanz was increased to 8700 and on at least one occasion President Ahmadinejad proudly led a tour through the plant providing the world with videos and images of the control rooms and centrifuges.
Early 2010 the IAEA (International Atomic Energy Agency) inspectors that periodically visited Natanz, noticed a huge number of centrifuges being replaced. Later that year Stuxnet was discovered and with it the cause for all the failing centrifuges.
Next
Used Hardware
Device to be used with this documentation Maybe another device to be used with this documentation
Courses
- A course where this documentation was used (2017, 2018)
- Another one (2018)