For several days makes "Stuxnet" headlines again: The computer worm had seen in the previous year for guesswork. First, it was speculated that he was directed exclusively against Iran's nuclear facilities, then feared that the problem could draw much larger circles.
Reason: Worldwide countless industrial plants (. Eg nuclear reprocessing plants, power plants generally, automotive, industrial manufacturing plants) are equipped with a special control system from Siemens, which runs on the Windows operating system. The evil computer "dragon" is to manipulate able to control and production processes, but at the same time to provide a false-positive feedback that everything was fine, when in fact such. As the centrifuge of a nuclear reprocessing plant just hot ran. Moreover, Stuxnet could go unnoticed steal data and information.
In November last year, tens of thousands of infections were already known. About the authorship of the virus was only rumored. Already on 24.9.2010 the platform had news.discovery.com News reported : "Stuxnet was for the 'Supervisory Control and Data Acquisition (SCADA) system' from Siemens, which is widely used for the management of water supplies, oil rigs, power plants and other industrial facilities tailored. [...] Once Stuxnet has entered into a computer system, it searches for any of the three Siemens SCADA controllers [Programmable Logic Controllers] (PLCs) that manage functions such as the control of the turbine speed [...] if there was a hit, took over Stuxnet automatic control of the PLC and hid all the changes to the workers who manage the system or work with. "
Since September last year, always as the Hamburg security expert argued Ralph Langner talk with his analysis of the worm attack on its own. Zdnet.de reported about on 22.9.2010: "The worm infects the computer with the Siemens software WinCC Scada, was established in July discovered. It can be used to remotely control industrial equipment. He enters through four vulnerabilities in Windows that Microsoft has been closed for two - one in the Windows shell and a Druckerwarteschlangendienst.Bei in his analysis Langner relies also upon a screenshot of a computer in the Bushehr plant, which Siemens running application. 'With the knowledge we have now, it is obvious and provable, that there is a direct sabotage attack with a lot of insider knowledge in Stuxnet', Langner writes on his company's website. The attack is based on a combination of multiple zero-day vulnerabilities and stolen certificates. 'This was created by a highly qualified team of experts who must have special experience with control systems. This is not a hacker sitting in the basement of his parents 'house.' In his view, the resources required for such an attack suggest that the initiator is a nation-state. "
In any case, an amazing discovery because of a photo of one Bushehr screen! Here the offer made by Langner photo. (more ...)