Presentation is loading. Please wait.

Presentation is loading. Please wait.

Object Oriented Programming and Software Engineering CIS016-2

Published byValerie Gilbert Modified over 5 years ago

Similar presentations

Presentation on theme: "Object Oriented Programming and Software Engineering CIS016-2"— Presentation transcript:

1 Object Oriented Programming and Software Engineering CIS016-2
Week 3: Cybersecurity Case Study – STUXNET Worm Sue Brandreth 24/11/2018

2 24/11/2018

3 Cyber Warfare The STUXNET worm is computer malware which is specifically designed to target industrial control systems for equipment made by Siemens. These systems are used in Iran for uranium enrichment Enriched uranium is required to make a nuclear bomb The aim of the worm was to damage or destroy controlled equipment 24/11/2018

4 What is a Worm? Malware that can infect a computer-based system and autonomously spread to other systems without user intervention Unlike a virus, no need for a carrier or any explicit user actions to spread the worm 24/11/2018

5 The Target of the Worm? 24/11/2018

6 The STUXNET Worm Worm designed to affect SCADA systems and PLC controllers for uranium enrichment centrifuges Very specific targeting – only aimed at Siemens controllers for this type of equipment It can spread to but does not damage other control systems 24/11/2018

7 24/11/2018

8 Worm Actions Takes over operation of the centrifuge from the SCADA controller Sends control signals to PLCs managing the equipment Causes the spin speed of the centrifuges to vary wildly, very quickly, causing extreme vibrations and consequent damage Blocks signals and alarms to control centre from local PLCs 24/11/2018

9 Stuxnet Penetration Initially targets Windows systems used to configure the SCADA system Uses four different vulnerabilities to affect systems Three of these were previously unknown So if it encounters some systems where some vulnerabilities have been fixed, it still has the potential to infect them. Spread can’t be stopped by fixing a single vulnerability 24/11/2018

10 Stuxnet Technology Spreads to Siemens' WinCC/PCS 7 SCADA control software and takes over configuration of the system. Uses a vulnerability in the print system to spread from one machine to another Uses peer-to-peer transfer – there is no need for systems to be connected to the Internet 24/11/2018

11 The Myth of the Air Gap Centrifuge control systems were not connected to the internet Initial infection thought to be through infected USB drives taken into plant by unwitting system operators Beware of freebies! 24/11/2018

12 Damage Caused It is thought that between 900 and 1000 centrifuges were destroyed by the actions of STUXNET This is about 10% of the total so, if the intention was to destroy all centrifuges, then it was not successful Significant slowdown in nuclear enrichment programme because of (a) damage and (b) enrichment shutdown while the worms were cleared from equipment 24/11/2018

13 Unproven Speculations
Because of the complexity of the worm, the number of possible vulnerabilities that are exploited, the access to expensive centrifuges and the very specific targeting, it has been suggested that this is an instance of cyberwar by nation states against Iran 24/11/2018

14 Unproven Speculations
24/11/2018

15 Unproven Speculations
Because STUXNET did not only affect computers in nuclear facilities but spread beyond them by transfers of infected PCs, a mistake was made in its development There was no intention for the worm to spread beyond Iran Other countries with serious infections include India, Indonesia and Azerbaijan 24/11/2018

16 Unproven Speculations
The STUXNET worm is a multipurpose worm and there are a range of versions with different functionality in the wild These use the same vulnerabilities to infect systems but they behave in different ways One called Duqu has significantly affected computers, especially in Iran. This does not damage equipment but logs keystrokes and sends confidential information to outside servers. 24/11/2018

17 Summary STUXNET worm is an early instance of cyber warfare where SCADA controllers were targeted Intended to disrupt Iran’s uranium enrichment capability by varying rotation speeds to damage centrifuges Used a range of vulnerabilities to infect systems 24/11/2018

Download ppt "Object Oriented Programming and Software Engineering CIS016-2"

Similar presentations

Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Stuxnet Richard Renner. James Bond virus Facts Earliest copy recovered from June 2009 512 KB in size First public knowledge July 2010 60% of infected.

Stuxnet Richard Renner. James Bond virus Facts Earliest copy recovered from June KB in size First public knowledge July % of infected.
CONTROL SYSTEMS AND CYBER SECURITY 2600 MEETING JUNE 6,2014 MICHAEL TOECKER Mikhail Turcher, big fanci pantsie.

CONTROL SYSTEMS AND CYBER SECURITY 2600 MEETING JUNE 6,2014 MICHAEL TOECKER Mikhail Turcher, big fanci pantsie.
Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): cyber warfare is actions by.

Rob Gaston 04/04/2013 CIS 150. Cyber Warfare  U.S. government security expert Richard A. Clarke, Cyber War (May 2010): "cyber warfare" is "actions by.
HALDEBIQUE Geoffroy ROYER Johan  Crime motivated attacks  Hacktivism  Cyber Warfare.

HALDEBIQUE Geoffroy ROYER Johan  Crime motivated attacks  Hacktivism  Cyber Warfare.
Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and.

Protecting our Cyber Space Staying Ahead of the Game Basel Alomair National Center for Cybersecurity Technology (C4C) King Abdulaziz City for Science and.
Wars Games By: Chris Hill. What is a Cyberwar? Cyberwar is a type of warfare that is all electronic attach instead of a physical attack which involves.

Wars Games By: Chris Hill. What is a Cyberwar? Cyberwar is a type of warfare that is all electronic attach instead of a physical attack which involves.
Stuxnet Malware Attribution Mike Albright CS 591 Fall 2010.

Stuxnet Malware Attribution Mike Albright CS 591 Fall 2010.
Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”
Stuxnet – Getting to the target Liam O Murchu Operations Manager, Symantec Security Response 1 Feb 2011.

Stuxnet – Getting to the target Liam O Murchu Operations Manager, Symantec Security Response 1 Feb 2011.
SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.

SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.
Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.

Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.
STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.

STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.
 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.

 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.
How Stuxnet changed the landscape for plant engineers Richard Trout, Director for Client Solutions, Trout I.T.

How Stuxnet changed the landscape for plant engineers Richard Trout, Director for Client Solutions, Trout I.T.
Instilling rigor and imagination in analysis Countering the Iranian Nuclear Threat Stuxnet and its Broader Implications Randolph H. Pherson Mary C. Boardman.

Instilling rigor and imagination in analysis Countering the Iranian Nuclear Threat Stuxnet and its Broader Implications Randolph H. Pherson Mary C. Boardman.
Viruses.

Viruses.
A sophisticated Malware Arpit Singh CPSC 420

A sophisticated Malware Arpit Singh CPSC 420
By: Sharad Sharma, Somya Verma, and Taranjit Pabla.

By: Sharad Sharma, Somya Verma, and Taranjit Pabla.
Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

Similar presentations

Ads by Google