Stuxnet Virus

Case Study 1: Stuxnet

Student’s name

Professor’s name

Course title

Date

Stuxnet

Security vulnerabilities are common in both types of systems both industrial systems and consumer devices such as desktop computers. However the security treats for each of the systems may greatly vary in scope and mode of attack. Also a great point of difference could be the intent of these attacks to the different systems. A majority of the industrial functioning assets are commonly fixed purpose devices premeditated explicitly to accomplish a particular task.  A large number of these use a dedicated operating system for instance VxWorks, INTEGRITY and MQX. Others may use a certain type of Linux OS. For the installation of a novel software on the computer system in the field will moreover require a specialized elevation process or is basically not sustained (Zetter, K. 2011).  In a good number of instances, the devices are heightened to reduce the memory usage and processing cycles, they further do not have additional processing properties existing to support outmoded security mechanisms.

On the other hand, the simple consumer devices experience a number of hacks which occur since the users happen not to constitute or install their devices appropriately, such really is the fault of the manufacturer. These should be and are consumer devices, not dedicated paraphernalia for security experts. From the differences in configurations, the ordinary computer security solutions may not elucidate the challenges in security of industrial systems. Actually, considering the dedicated nature of industrial systems, consumer system security interventions may not even be able to run on a majority of the industrial systems.  

Using manifold layers in terms of protection has much been the key standard in the industrial systems’ security. Such solutions comprise firewalls, authentication and encryption, various security protocols and invasion detection and intrusion deterrence systems. All of these are well put out and proven security principles. Despite this, firewalls are fundamentally lacking in mainstream of the consumer systems, in its place depending on meek password verification and security procedures.  This is founded on traditions that consumer systems may not be striking objects to hackers, such rooted devices are not susceptible to cyber-attacks, or verification and encryption deliver adequate defense for such consumer devices.  However, such assumptions are not anymore valid; the instances and intricacy of attacks on the consumer systems stays to increase and better security procedures are needed. These security measure can never be similar in the industrial systems as in the consumer systems.

Anatomy of Stuxnet

Stuxnet was created to affect the Siemens industrial Supervisory Control and Data Acquisition (SCADA) systems. The highly sophisticated worm infected Iran's Bushehr nuclear reactor. In a claim by Iranian officials, it was stated that not an of the facility's critical control systems fell prey. In overall, Stuxnet did infect at least 30,000 computers in the country (Chen. M., & Abu-Nimeh, S. 2011). The worm, dubbed as the greatest sophisticated malware in history, targeted Windows computers that stood managing a greater scale of industrial-control systems in various engineering and utility companies. In most reviews, it is noted that the Stuxnet worm was established by a state supported team of programmers and was deliberate to cripple the Bushehr reactor.