How Stuxnet Work?
* Viruses are malicious software, or malware, which generally attack the industrial control system made by German company Siemens. Experts say the virus could be used to spy or sabotage.
* Siemens said the malware spread via a USB thumb drive storage device that is infected, take advantage of vulnerabilities in Microsoft Corp’s Windows operating system.
* Program attack Malware software through the Supervisory Control and Data Acquisition, or SCADA. The system used to monitor the power plant automatically – from food and chemical facilities to power plants.
* Analysts said the attackers would deploy Stuxnet via thumb drives because many SCADA systems are not connected to the Internet, but it has a USB port.
* Once the worm infects a system, quickly and establish communication with the server computer so that attackers can use to steal corporate data or control the SCADA system, said Randy Abrams, a researcher with ESET, a private security firm that has studied Stuxnet.
Who is the Creator?
* Siemens, Microsoft and security experts have been studying worms and have not determine who makes it.
* Mikka Hypponen, head of research at security software firm F-Secure in Finland believe it is an attack sponsored by a state. Stuxnet very complex and “apparently carried out by groups with financial and technological support seriously.”
* Ralph Langner, German experts say cyber attacks carried out by highly qualified experts, perhaps the nation state. “This is not a hacker who sits in the basement of his parents’ house. On its website, www.langner.com / en / index.htm, Langner said the investigation eventually “focus” on the attacker. “The attacker must know this. My conclusion is, they do not care, they are not afraid to go to jail. ”
A study of the spread of technology Stuxnet by U.S. companies Symnatec shows that countries affected by the primary on August 6, is Iran with 62,867 infected computers, Indonesia with 13,336, India with 6552, the United States by 2913, Australia in 2436, the United Kingdom by 1038 , Malaysia in 1013 and Pakistan with 993.
* Company Virusblokada Belarus is the first to identify the virus in mid-June. Commercial Director, Gennady Reznikov told Reuters the company has dealers in Iran, and one of the dealer’s client computer is infected with a virus that turns Stuxnet. Reznikov said Virusblokada itself has nothing to do with nuclear power plant in Bushehr.
* According to a spokesman for Siemens, Michael Krampe, Siemens has identified 15 customers who find Stuxnet on their system, and “each capable of detecting and removing viruses without endangering their operations.”