History: The worm was first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010.

Presentation transcript:

History: The worm was first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010 was the first widely read report on the worm. The original name given by VirusBlokAda was "Rootkit.Tmphider"; Symantec, however, called it "W32.Temphid", later changing it to "W32.Stuxnet".

16 January 2011

7 July 2013

5MB StuXnet

Design and organization
Stuxnet is typically introduced to the target environment via an infected USB flash drive.
%DriveLetter%\~WTR4132.tmp
%DriveLetter%\~WTR4141.tmp
%DriveLetter%\Copy of Shortcut to.lnk
%DriveLetter%\Copy of Copy of Shortcut to.lnk
%DriveLetter%\Copy of Copy of Copy of Shortcut to.lnk
%DriveLetter%\Copy of Copy of Copy of Copy of Shortcut to.lnk
LNK CVE
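A triage check for the removable-drive file names listed on this slide, added here as an example and not taken from the presentation. The function names, the match grading and the sample directory are assumptions made for illustration; only the file names come from the slide.

```python
import re
import tempfile
from pathlib import Path

# File names taken from the slide above. Matching is case-insensitive because
# Windows file systems normally ignore case in names.
TMP_NAMES = {"~wtr4132.tmp", "~wtr4141.tmp"}
# "Copy of " repeated one to four times, exactly as listed on the slide.
LNK_RE = re.compile(r"^(copy of ){1,4}shortcut to\.lnk$", re.IGNORECASE)


def scan_drive_root(root):
    """Return sorted names in the top level of `root` that match the slide's list.

    Only the top level is inspected: the slide gives every path directly
    under %DriveLetter%, not in a subdirectory.
    """
    hits = []
    for entry in Path(root).iterdir():
        if not entry.is_file():
            continue  # a directory with a matching name is not the artifact
        name = entry.name
        if name.lower() in TMP_NAMES or LNK_RE.match(name):
            hits.append(name)
    return sorted(hits)


def classify(hits):
    """Grade a result (assumed scheme): a .tmp and a .lnk together rank highest."""
    has_tmp = any(h.lower().endswith(".tmp") for h in hits)
    has_lnk = any(h.lower().endswith(".lnk") for h in hits)
    if has_tmp and has_lnk:
        return "full-match"
    return "partial-match" if hits else "clean"


def build_sample_drive(names):
    """Constructed sample: a temp directory standing in for a USB drive root."""
    root = Path(tempfile.mkdtemp(prefix="usb_root_"))
    for n in names:
        (root / n).write_bytes(b"")  # empty placeholder files only
    return root


if __name__ == "__main__":
    sample = build_sample_drive(["~WTR4141.tmp", "Copy of Shortcut to.lnk", "notes.txt"])
    found = scan_drive_root(sample)
    print(found, classify(found))
```

A name match is only a lead for further analysis; file names alone do not confirm an infection.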

DD, MDD, Nigilant32, KnTDD, Memoryze

Volatility

Trojan Dropper Win32/Stuxnet
Trojan:WinNT/Stuxnet.A
Trojan:WinNT/Stuxnet.B

Operating systems vulnerable: Microsoft Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP

Target

Vacon based in Finland

Fararo Paya based in Iran

PLC-BLASTER

References

Mohammad Reza Foshtanghi Stuxnet Malware Analysis Islamic Azad University Of Sabzevar 1395/1/28