Stuxnet
Definition: Stuxnet, a computer worm, was among one of the first computer malware programs actually used as a weapon. It was capable of attacking and compromising selected industrial control systems that use SCADA. This specific malware was reportedly used against Iranian nuclear processing facilities at Nantanz in 2010 The Stuxnet worm attacked programmable logical units using SCADA that operated and controlled centrifuges (running under a popular operating system). Electrical motors that caused the centrifuges to spin were forced by the malicious software to speed up and slow down in a manner that exceeded safe operating parameters. That caused excessive vibrations, which caused malfunctions and large numbers of the equipment being damaged or destroyed.
Computer worms are self-replicating and usually contain some type of “payload”. That is a worm is designed or programmed to perform specific tasks. Worms can also install “back doors” within critical operating systems that make it even easier for malicious users to attack and control systems.
Its Relevance: Industrial control systems, SCADA for example, are widely used and being increasingly administered over the Internet using TCP/IP protocols. The Internet is notoriously vulnerable. This fact, coupled with specific knowledge of industrial control systems makes it possible to penetrate and compromise key industrial infrastructure components and to damage or destroy them.
The sophistication of the Stuxnet attack prompted the speculation that only a nation state(s) possessed the resources to launch such an attack. A number of entities have pointed the finger at nations who would specifically be threatened by Iran obtaining a nuclear weapon.
The future is likely to bring more sophisticated and destructive malware.
SCADA controls are widely deployed through the world’s critical infrastructure. Crackers and hackers who can discover a vulnerability within a system can exploit it with relative ease. Companies that own and operate SCADA industrial systems that are controlled over the Internet must take special care. Owners and operators must be aware that industrial controls systems are interface with the Internet are subject to attack.
