Web Hosting Security

  Home arrow Web Hosting Security arrow Virus Alert: Stuxnet Worm a Cause for ...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

Virus Alert: Stuxnet Worm a Cause for Concern Among Vital Industrial Companies
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 2

    Table of Contents:

    Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article



    There is a worm making the rounds that has the potential to cause absolute chaos among companies that serve as the critical infrastructure for several nations across the globe. The name of the worm is Stuxnet, and so far it has executed attacks not only in the United States, but also way across the map in India and Iran. Keep reading to find out why this worm is particularly frightening in its potential impact.

    Although specifics on which exact companies have been attacked by the Stuxnet worm remain secret, it has been leaked that in the United States, companies within the energy industry have been targeted, according to representatives of Symantec Security Response.

    The Stuxnet worm can infect Windows machines in various forms. According to Microsoft, Stuxnet can spread via a Word document, a website, a remote network share, or through a USB drive. It specifically targets a vulnerability in the code that processes shortcut files with the .lnk suffix. This vulnerability can be found in all versions of Windows. 

    The worm is believed to have been created to extract design plans and code related to companies within the utilities and industrial manufacturing fields. This sensitive information is usually located in databases that run on the Siemens Simatic WinCC software, which is used to control the major systems primarily within the two aforementioned fields. 

    Programmable Logic Controllers are also among Stuxnet's targets. These systems are accessed by Windows computers and are responsible for automating several industrial processes. The worm attacks the PLCs and then uploads its own encrypted code.

    Although Symantec is not exactly sure what Stuxnet's code does, the company has listed possibilities as to what the worm's creators could use it for. The back door it leaves offers its users a plethora of options. Perhaps the most feared option is the possibility of using it to control actual operations within a plant, such as closing a valve. Other options include accessing the compromised computer to perform actions such as downloading or deleting files, as well as administering processes. 

    One detailed example was offered by Liam O'Murchu, Symantec Security Response's manager of operations: “For example, at an energy production plant, the attacker would be able to download the plans for how the physical machinery in the plant is operated and analyze them to see how they want to change how the plant operates, and then they could inject their own code into the machinery to change how it works.”

    Earlier this month, as a response to the vulnerability in the Windows code, Microsoft issued an emergency patch. The patch itself is not a complete solution, however, as the worm can remain hidden in the code and undetected. For further protection, representatives at Symantec urge affected companies to perform the arduous task of auditing their code to ensure that all of their systems are running properly.

    Although it is unknown who is behind the Stuxnet worm, it can be inferred that it is a group or entity with plenty of financial backing, capable of paying for extreme expertise in both the knowledge of programming and industrial systems.  When one considers the countries that have been targeted, terrorism definitely is one hypothesis that comes to mind.

    For more, visit: http://news.cnet.com/8301-27080_3-20013545-245.html

    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou


    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap