Presentation is loading. Please wait.

Presentation is loading. Please wait.

History The worm was at first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010.

Published byKimberly Dennis Modified over 8 years ago

Similar presentations

Presentation on theme: "History The worm was at first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010."— Presentation transcript:

1

2 History The worm was at first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010 was the first widely read report on the worm. The original name given by VirusBlokAda was "Rootkit.Tmphider"; Symantec however called it "W32.Temphid", later changing to "W32.Stuxnet"

3 16 January 2011

4 7 Juillet 2013

5 5MB StuXnet

6 Design and organization Stuxnet is typically introduced to the target environment via an infected USB flash drive. %DriveLetter%\~WTR4132.tmp %DriveLetter%\~WTR4141.tmp %DriveLetter%\Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Copy of Copy of Shortcut to.lnk LNK CVE-2010-2568

7 DD MDD Nigilant32 KnTDD ‫‪Memoryze‬‬

8 Volatility

9 ‫‪Trojan Dropper ‫‪Win32/Stuxnet‬‬ ‫‪Trojan:WinNT/Stuxnet.A‬‬ ‫‪Trojan:WinNT/Stuxnet.B‬‬

10

11

12 807 - 1210 1410 2 1064

13 Microsoft Microsoft Windows 2000 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Vista Windows XP Operating systems vulnerable

14 Target

15

16 Vacon based in Finland

17 Fararo Paya based in Iran

18

19 PLC-BLASTER

20 References

21

22

23 Mohammad Reza Foshtanghi Stuxnet Malware Analysis Islamic Azad University Of Sabzevar 1395/1/28

Download ppt "History The worm was at first identified by the security company VirusBlokAda in mid-June 2010. Journalist Brian Krebs's blog posting on 15 July 2010."

Similar presentations

Intel® RPIER 3.1 User Training Joe Schwendt Steve Mancini 7/31/2006.

Intel® RPIER 3.1 User Training Joe Schwendt Steve Mancini 7/31/2006.
Sam Skalicky Biru Cui.  Discovery  Architecture  Evaluation  Conclusion.

Sam Skalicky Biru Cui.  Discovery  Architecture  Evaluation  Conclusion.
Lecture 14 Program Flaws CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Csilla Farkas and Brandon Phillips.

Lecture 14 Program Flaws CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Csilla Farkas and Brandon Phillips.
HALDEBIQUE Geoffroy ROYER Johan  Crime motivated attacks  Hacktivism  Cyber Warfare.

HALDEBIQUE Geoffroy ROYER Johan  Crime motivated attacks  Hacktivism  Cyber Warfare.
Real world example: Stuxnet Worm. Stuxnet: Overview June 2010: A worm targeting Siemens WinCC industrial control system. Targets high speed variable-frequency.

Real world example: Stuxnet Worm. Stuxnet: Overview June 2010: A worm targeting Siemens WinCC industrial control system. Targets high speed variable-frequency.
Real world example: Stuxnet Worm. Overview Primary target: industrial control systems –Reprogram Industrial Control Systems (ICS) –On Programmable Logic.

Real world example: Stuxnet Worm. Overview Primary target: industrial control systems –Reprogram Industrial Control Systems (ICS) –On Programmable Logic.
 Population: N=100,000  Scan rate  = 4000/sec, Initially infected: I 0 =10  Monitored IP space 2 20, Monitoring interval:  = 1 second Infected hosts.

 Population: N=100,000  Scan rate  = 4000/sec, Initially infected: I 0 =10  Monitored IP space 2 20, Monitoring interval:  = 1 second Infected hosts.
Stuxnet Malware Attribution Mike Albright CS 591 Fall 2010.

Stuxnet Malware Attribution Mike Albright CS 591 Fall 2010.
Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”

Novel Information Attacks From “Carpet Bombings” to “Smart Bombs”
STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES Windows Encryption File System (EFS) Tech Briefing July 18 th 2008

STANFORD UNIVERSITY INFORMATION TECHNOLOGY SERVICES Windows Encryption File System (EFS) Tech Briefing July 18 th 2008
HISTORY OF WINDOWS OS! BY JASON. ORIGINS OF WINDOWS OS. Windows started with Windows 1.0 1982-1985. Windows 1 had “windows” you can click out of with.

HISTORY OF WINDOWS OS! BY JASON. ORIGINS OF WINDOWS OS. Windows started with Windows Windows 1 had “windows” you can click out of with.
STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.

STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.
 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.

 Discovered in June/July 2010  Targeted Siemens software and equipment running Microsoft Windows  First malware for SCADA systems to spy and subvert.
Evolution of Windows The most widely used OS in the world 1.

Evolution of Windows The most widely used OS in the world 1.
Security for Seniors SeniorNet Help Desk 631.629.5426

Security for Seniors SeniorNet Help Desk
How Stuxnet changed the landscape for plant engineers Richard Trout, Director for Client Solutions, Trout I.T.

How Stuxnet changed the landscape for plant engineers Richard Trout, Director for Client Solutions, Trout I.T.
Stuxnet The first cyber weapon.

Stuxnet The first cyber weapon.
 FILE S SYSTEM  DIFFERENT FILE SYSTEMS  FILE SYSTEM COMPONENTS  FILE OPERATIONS  LOG STRUCTERD FILE SYSTEM  FILE EXAMPLES.

 FILE S SYSTEM  DIFFERENT FILE SYSTEMS  FILE SYSTEM COMPONENTS  FILE OPERATIONS  LOG STRUCTERD FILE SYSTEM  FILE EXAMPLES.
INTRODUCTION TO OPERATING SYSTEMS. An operating system is a program that controls the overall activity of a computer. Like an orchestra conductor an operating.

INTRODUCTION TO OPERATING SYSTEMS. An operating system is a program that controls the overall activity of a computer. Like an orchestra conductor an operating.
A sophisticated Malware Arpit Singh CPSC 420

A sophisticated Malware Arpit Singh CPSC 420

Similar presentations

Ads by Google