Stuxnet Was Not Well Written, But Required Diverse Coding Skills
By on January 20th, 2011

The Stuxnet worm has become a thing of interest among hackers. It has displayed immense potential and has hit a nation at its ultimate reserve- energy. An analysis of the worm by Tom Parker has revealed some interesting facts at the Black Hat DC conference on Tuesday. The most interesting facts are the two-phase nature of the development of Stuxnet and the unprotected and evident obviousness of its behavior.

The analysis by Parker reveals that an expert group of talents, who specialized in reverse-engineering platforms, proprietary file formats and developing kernel rootkits initially, designed the worm to be deployed. However, these talents were used as a third party in the development process and there was another team of less talented hackers responsible for implementing the worm. This is where the plan suffered a setback. The deployment was not of the same level of expertise of the development phase and probably could not make full use of the entire potential of Stuxnet.

Another fact that security experts are advocating is that the Stuxnet developers made minimal effort to hide the payload data and the data transmission could be better hidden. It was almost as if the developers of Stuxnet wanted it to be found and understood. Also, there was no anti-debugging code obfuscation involved in the development of Stuxnet. The only possible conclusion is that the developers of Stuxnet did not have enough time to incorporate these protections and were under pressure to deploy the code even before it was completely ready.

Tags: ,
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at Techarraz.com. You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at chinmoy@techie-buzz.com.
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN