Really, what is the deal with Stuxnet anyway? When it was detected back in June, and when Pallab at Techie-Buzz covered it back in July, we hardly knew it would end up in so much badassery. Throwing some light on the issue,
The Shell Shortcut Parsing vulnerability is a particularly worrisome bug because there are not a lot of things a user can do to protect himself. Even if autorun and autoplay are disabled, users can still get infected. All that the user is required to do is to open the compromised device, network share or WebDAV.
Since then, Stuxnet has grown to be the most sophisticated piece of attack software and, for the first time in the history of worms, poses a serious threat to a specific type of infrastructure.
As reported by the BBC, the worm attacks power plants, water plants and industrial units, the proof being a high concentration of attacks in Iran and a possible attack on its nuclear power plant. Stuxnet is like one of those dark programs we see in sci-fi movies that eat into your infrastructure. It is rightly termed a weapon. It does not steal information but cripples the system as a whole. The vulnerability is so serious and, put simply, so hardwired that a simple software patch will not help at all.
The Stuxnet worm spreads via USB drives and is able to reprogram the programmable logic controller, or PLC. The PLC, essentially a digital computer, is the main interface between the electrical signals from the computer and the mechanical actions of, say, the assembly line and other actuators. It is used extensively to automate these mechanical tasks.
Currently, Stuxnet is being reverse engineered and Langner Communications seems to be the only expert on it. From their analysis, it is clear that this attack is too well engineered to be the work of hackers who do it for fun. Anyone who worked on this was serious about getting back at some industries.