Stuxnet Worm Attacks Iran, Who is Behind It?
BY CHLOE ALBANESIUS , LARRY SELTZER SEPTEMBER 27, 2010
BY CHLOE ALBANESIUS , LARRY SELTZER SEPTEMBER 27, 2010
The Stuxnet worm has
already infected 30,000 IP addresses in Iran and is still mutating, according
to Monday press reports. "The attack is still ongoing and new versions of
this virus are spreading," Hamid Alipour, deputy head of Iran's
Information Technology Company, was quoted as saying by IRNA, Iran's official
news agency, AFP reported.
Stuxnet, a joint U.S.-Israel project, is known for reportedly destroying roughly a fifth of
Iran’s nuclear centrifuges by causing them to spin out of control. Stuxnet was
created for Siemens supervisory control and data acquisition (SCADA) systems,
which control water supplies, oil rigs, power plants, and other industrial
facilities. Iranian authorities have denied that the country's Bushehr nuclear
plant was targeted, AFP said, though Computerworld reported that while some
computers at the facility were infected, none were in control of crucial
control systems.
Stuxnet appears to be
more than just another malware attack or another targeted attack. Many believe
that it is a government-sponsored attack against Iran's nuclear facilities.
Stuxnet first came to our attention as the first attack using Microsoft Windows
Shortcut 'LNK/PIF' vulnerability. German security firm Langner called it the
"hack of the century." Roel Schouwenberg of Kaspersky also said it
was groundbreaking.
Source:
http://www.pcmag.com/article2/0,2817,2369745,00.asp
Answers of the case study questions:
- Actor: The "Actor" class is the entity that executes the attack and it has many class types, but the actor type in this case study is organized criminal group, which refers to criminal organizations that use hacking as an instrument for financial or other ill gain. Figured from this case study that it is the joint US-Israel project, is known a government-sponsored attack against Iran’s nuclear facilities.
By Maha AlShaghroud.
- Motivation: The "Motivation" class specifies reasons for an attack and the need to understand the motivations of cyber-attackers is great, given that cyber security risks pose some of the most serious economic and national security. In this case study the motivation is criminal because they used network hacking to supplement to their operations, which was “Stuxnet Worm”.
By Shroog AlBogami.
- Location: Foreign Location. The "Actor Location" refers to the country or state from where an attack is launched. In this case study, Stuxnet, was Israel project that attacked Iran’s system. Thus the attack was between two countries; Israel and Iran. Therefore, we chose the location type as foreign location because the attacker (Israel) is outside the target’s national board (Iran).
By Fatima Al-Garadi
- Goal: Destroy Data. The "Attack Goal" is a class that specifies the attacker’s goal. Destroy data is the process of destructing the data and information stored on any electronic deceive as tapes, hard disk, and/or any form of electronic media. In the case study, it is known that the Stuxnet worm is reportedly destroying roughly a fifth of Iran’s nuclear centrifuges by causing them to spin out of control.
By Haya Al-Shareef.
- Attack methodology: Data manipulation, Virus-based (worms). Attack methodology is how an attacker achieve the goal. In this case study, the attacker used data manipulation form which use data as an attack vector. In addition, the vector was virus based in form of worm. Worms are self-replicating programs that automatically spreads through vulnerabilities. According to Monday press reports "The Stuxnet worm has already infected 30,000 IP addresses in Iran and is still mutating". Therefore, we chose data manipulation, virus-based (worms) methodology because it is written in the case study that the Stuxnet is a worm attack.
beautifully written and described answers my dears. i liked your blog and your'e such talented designers. wish you all the best.
ReplyDeletesara bahagari