MALWARE: STUXNET
CPSC 420: COMPUTER SECURITY PRINCIPLES
Somya Verma, Sharad Sharma


STUXNET
A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.

- Prototype encountered in June 2009
- Identified correctly in July 2010
- The world's first known cyber super weapon designed specifically to destroy a real-world target
- A study of the spread of Stuxnet by Symantec showed that the main affected countries were:
    China: 6,000,000 (unconfirmed)
    Iran: 62,867
    Indonesia: 13,336
    India: 6,552
    United States: 2,913
    Australia: 2,436
    Britain: 1,038
    Malaysia: 1,013
    Pakistan: 993
    Finland: 7
    Germany: 5

Stuxnet: It is BIG!
- Exploited four zero-day vulnerabilities of Windows (3/4 are now patched)
- Large size
- Written in different programming languages
- Digitally signed
- Can update itself
- Possibly took India's INSAT-4B satellite out of action
- Target-oriented weapon
- Nation-state behind Stuxnet!

Operations:
- Targets Siemens software systems (SCADA)
- Finds out the PLC device
- Injects code

Removal & Precautionary Measures:
- Siemens has released a detection and removal tool for Stuxnet.
- Be up to date and vigilant for patches.
- Other recommendations should also be standard fare for securing any IT environment:
    - Don't allow people to use servers and mission-critical systems for web browsing, etc.
    - Enforce a high level of security for contractors and support vendors, both locally and remotely.
    - Remove or restrict access to shared network folders.
    - Only allow secure remote access methods; do not allow credentials to be transmitted in clear text.
    - Segment your network, separate systems from each other and use ACLs to restrict traffic between zones.
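Added example (not part of the original slides): a small audit that checks inter-zone ACL rules against the recommendations above, flagging web browsing from mission-critical systems, shared-folder access across zones, and clear-text remote access. The zone names, port groupings and sample rules are constructed assumptions, and each rule is judged on its own rather than by first-match order.

```python
from dataclasses import dataclass

# Assumed port groupings for illustration (TCP destination ports).
CLEARTEXT = {21: "ftp", 23: "telnet", 80: "http"}   # credentials sent in clear text
FILESHARE = {139, 445}                               # NetBIOS / SMB shared folders
WEB = {80, 443}                                      # web browsing

@dataclass(frozen=True)
class Rule:
    src: str      # source zone
    dst: str      # destination zone
    port: int     # TCP destination port
    action: str   # "permit" or "deny"

def audit(rules, critical_zones):
    """Return (rule, finding) pairs for permitted cross-zone flows that
    break one of the slide's recommendations."""
    findings = []
    for r in rules:
        if r.action != "permit" or r.src == r.dst:
            continue  # denied or intra-zone traffic is out of scope here
        touches_critical = r.src in critical_zones or r.dst in critical_zones
        if r.src in critical_zones and r.dst == "internet" and r.port in WEB:
            findings.append((r, "web browsing from mission-critical zone"))
        if touches_critical and r.port in FILESHARE:
            findings.append((r, "shared-folder access across zones"))
        if touches_critical and r.port in CLEARTEXT:
            findings.append((r, f"clear-text protocol ({CLEARTEXT[r.port]})"))
    return findings

# Constructed sample ACL for a plant with office, vendor and control zones.
SAMPLE_ACL = [
    Rule("corporate", "control", 445, "permit"),   # office PCs mount shares on control hosts
    Rule("vendor", "control", 23, "permit"),       # vendor support over telnet
    Rule("vendor", "control", 22, "permit"),       # vendor support over SSH (encrypted)
    Rule("control", "internet", 443, "permit"),    # browsing from a SCADA workstation
    Rule("corporate", "internet", 443, "permit"),  # ordinary office browsing
    Rule("corporate", "control", 21, "deny"),      # FTP already blocked
]

if __name__ == "__main__":
    for rule, finding in audit(SAMPLE_ACL, {"control"}):
        print(f"{rule.src} -> {rule.dst} tcp/{rule.port}: {finding}")
```
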

Israel Behind Stuxnet?
- "MYRTUS": Refers to Myrtle tree, or Hadassah in Hebrew (Jewish Queen) OR "My RTUs" — a management feature of SCADA
- Number : refers to 19 May 09, the execution date of Habib Elghanian

Iranian reaction
- With over 30,000 IP addresses affected (and increasing), Iran is baffled and bluntly blames the United States of America and Israel.
- Moreover, three new versions of the virus have been recorded when attempts to clean the infected computers failed.

Cyber Warfare:
Cold War Doctrines Needed for Cyber Warfare (October 15th)
At the recent RSA Europe conference held in London, former US Homeland Security secretary Michael Chertoff has called on countries to develop doctrines to deal with cyber warfare in the same way cold war doctrines were developed for nuclear conflict. He told delegates at the conference that over 100 countries are now actively involved in cyber espionage and cyber attacks and that clear rules of engagement need to be defined. While stating that countries should be able to respond to cyber attacks "with overwhelming force," he added countries need not "respond to virtual attacks with real attacks but I do think it's important to define when and how it might be appropriate to respond. Everyone needs to understand the rules of the game." Acknowledging that attribution of attacks is difficult, Mr Chertoff posited that countries that are victims of persistent attacks against their critical infrastructure should be permitted to incapacitate the platform used as the source of the attack, regardless of who is controlling the attack.

Questions?
- Why use Windows OS for Nuclear Power Plants?
- Why hook these plants to the internet?
- Who can be behind the Stuxnet Virus?