Organizations responsible for SCADA systems security should take Stuxnet seriously; it exploits multiple attack...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
vectors and clearly illustrates the vulnerabilities of SCADA systems. There are two things that make Stuxnet unique. One is the zero day it exploits in the LNK functionality (while many pieces of malware utilize zero days when initially identified, SCADA systems have never been exploited in this way before, and chances are it won't be the last time either). The other is that the malware was signed by Realtek as trusted software, meaning that part of the attack involved stealing a code-signing certificate from Realtek -- and the certificate used to sign the code wasn't revoked until news coverage prompted the revocation. Signed code is supposed to help protect systems from malware, but Stuxnet pointed out deficiencies in this type of protection.
The security community at large should take Stuxnet seriously as well because of the sophistication of the attack and the security vulnerabilities it was able to exploit. For home users or enterprises that don't manage SCADA systems, the risk is fairly low and patches have been released by Microsoft and other information security systems that include protections, like antimalware definitions.
Dig Deeper on Malware, Viruses, Trojans and Spyware
Related Q&A from Nick Lewis
Vonteera adware has the ability to disable antimalware software on endpoint devices. Expert Nick Lewis explains how enterprises can prevent this ...continue reading
ModPOS, a new POS malware, compromised millions of credit card accounts in 2015. Expert Nick Lewis explains how cybercriminals use this malware and ...continue reading
Amex cards have been discovered to be vulnerable to credit card hacking. Expert Nick Lewis explains how this happens, and what can be done about Chip...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.