Organizations responsible for SCADA systems security should take Stuxnet seriously; it exploits multiple attack...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
vectors and clearly illustrates the vulnerabilities of SCADA systems. There are two things that make Stuxnet unique. One is the zero day it exploits in the LNK functionality (while many pieces of malware utilize zero days when initially identified, SCADA systems have never been exploited in this way before, and chances are it won't be the last time either). The other is that the malware was signed by Realtek as trusted software, meaning that part of the attack involved stealing a code-signing certificate from Realtek -- and the certificate used to sign the code wasn't revoked until news coverage prompted the revocation. Signed code is supposed to help protect systems from malware, but Stuxnet pointed out deficiencies in this type of protection.
The security community at large should take Stuxnet seriously as well because of the sophistication of the attack and the security vulnerabilities it was able to exploit. For home users or enterprises that don't manage SCADA systems, the risk is fairly low and patches have been released by Microsoft and other information security systems that include protections, like antimalware definitions.
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Nick Lewis
USB Killer devices, with the ability to destroy systems via a USB input, are available and inexpensive. Expert Nick Lewis explains how they work and ...continue reading
Exaspy spyware, which can access messages, video chats and more, was found on Android devices owned by executives. Expert Nick Lewis explains how ...continue reading
The Nemucod downloader malware is being spread through Facebook Messenger disguised as an image file. Expert Nick Lewis explains the available ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.