Thursday, November 10

What is Stuxnet

"Stuxnet" is a computer worm designed to attack large-scale industrial facilities like power plants, dams, refineries or water treatment centers. It targets the computer systems used to monitor and control specific operations in those facilities, and most famously was used to destroy centrifuges in a uranium enrichment facility in Natanz, Iran.

In that case, the Stuxnet worm rewrote the code in a component that controlled the rotor speeds of the centrifuges. The code alteration resulted in slight variations in the rotor speeds, subtle enough not to cause attention but significant enough to cause physical damage to the centrifuges. The name "Stuxnet" comes from a combination of key file names hidden in the code.

Several features of the Stuxnet worm distinguished it as highly advanced. No previous computer virus had been used to physically sabotage industrial machinery. It is also unique in its ability to remain undetected for a long period of time, largely by sending fake messages that suggest processes are running normally. It has the ability to search for particular components, leaving others undisturbed. At least two U.S. computer systems in the United States were found to be "infected" by Stuxnet, but they were not "affected," according to Department of Homeland Security officials, because they did not match the Stuxnet requirements.

The sophistication and complexity of the Stuxnet worm has led researchers to believe that only a well-resourced nation-state could have developed it.

[Copyright 2011 National Public Radio. To see more, visit http://www.npr.org/]

No comments: