The Stuxnet worm has become a thing of interest among hackers. It has displayed immense potential and has hit a nation at its ultimate reserve: energy. An analysis of the worm presented by Tom Parker at the Black Hat DC conference on Tuesday revealed some interesting facts. The most interesting are the two-phase nature of Stuxnet's development and how unprotected and obvious its behavior is.
Parker's analysis reveals that the worm was initially designed by an expert group specializing in reverse-engineering platforms, proprietary file formats and developing kernel rootkits. However, these experts were used as a third party in the development process, and another team of less talented hackers was responsible for implementing the worm. This is where the plan suffered a setback. The deployment did not match the level of expertise of the development phase and probably could not make full use of Stuxnet's potential.
Another point security experts are making is that the Stuxnet developers made minimal effort to hide the payload data, and that the data transmission could have been better hidden. It was almost as if the developers of Stuxnet wanted it to be found and understood. Also, there was no anti-debugging code obfuscation involved in the development of Stuxnet. The only possible conclusion is that the developers of Stuxnet did not have enough time to incorporate these protections and were under pressure to deploy the code even before it was completely ready.