Real world example Stuxnet Worm.ppt

Modifying PLC’s What was the target? Bushehr Nuclear Plant in Iran 60% Infections in Iran No other commercial gain Stuxnet complexity Stuxnet self destruct date Siemens specific PLC’s Who did it? Best guess Israel A safe code that prevents infection Where is this code already in ICS coded? May 9,1979: Habib Elghanian was executed by a firing squad in Tehran He was the first Jew and one of the first civilians to be executed by the new Islamic government USA Russia UK China Propaganda Iran Iran blames Stuxnet worm on Western plot (Ministry of Foreign Affairs) Western states are trying to stop Irans (nuclear) activities by embarking on psychological warfare and aggrandizing, but Iran would by no means give up its rights by such measures,“ Nothing would cause a delay in Irans nuclear activities“ enemy spy services were responsible for Stuxnet (Minister of intelligence) Propaganda (2) Israel (DEBKA file) An alarmed Iran asks for outside help to stop rampaging Stuxnet malworm Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack. One expert said: The Iranians have been forced to realize that they would be better off not irritating the invader because it hits back with a bigger punch.“ These statements were copied verbatim by mayor news services Conclusion Stuxnet represents the first of many milestones in malicious code history It is the first to exploit multiple 0-day vulnerabilities, Compromise two digital certificates, And inject code into industrial control systems and hide the code from the operator. Stuxnet is of such great complexity Requiring significant resources to develop That few attackers will be capable of producing a similar threat Stuxnet has highlighted direct-attack attempts on critical infrastructure are possible and not just theory or movie plotlines. Real world example: S