Jump to content

Breakthrough Brings Researchers Closer to Uncovering Stuxnet's Real Target


tipo

Recommended Posts

Security researchers from Symantec have uncovered new data suggesting that the infamous Stuxnet malware might have targeted uranium enrichment installations.

Ever since its discovery in June, the Stuxnet worm has been a constant subject of debate in the security community, due to its never-before-seen complexity and peculiar characteristics.

The vast majority of malware on today's threat landscape has some form of financial motivation behind it, but Stuxnet was built specifically for industrial espionage and sabotage.

It is capable of reprogramming Programmable Logic Controllers (PLCs) used by Supervisory Control and Data Acquisition (SCADA) systems.

Security researchers from Symantec previously found that Stuxnet targets systems using Siemens SIMATIC S7-300 CPUs and CP-342-5 Profibus (a communication standard) modules.

With the assistance of an unnamed Dutch Profibus expert, the Symantec researchers have now determined that the worm specifically looks for systems with frequency converter drives attached to them.

Frequency converters are used to control motors in industrial installations, with a higher frequency output translating to higher motor speeds.

The particular frequency converters targeted by Stuxnet are manufactured by only two companies, one based in Finland and one in Tehran. Furthermore their output must be between 807 Hz and 1210 Hz.

"While frequency converter drives are used in many industrial control applications, these speeds are used only in a limited number of applications," notes Symantec researcher Eric Chien.

Uranium enrichment centrifuges are one type of systems that make use of such high-speed frequency converters, but Symantec admits that this is not the only possible application.

Stuxnet begins its sabotage attacks by monitoring the frequency output for a period of time to make sure it is kept between 807 Hz and 1210 Hz.

It then interferes with normal operations by modifying this output to higher or lower values for short intervals over months at a time.

"Since we are far from experts in industrial control systems, we appreciate any feedback or further tips or explanation of some of the data," Mr. Chien writes.

link

Link to comment
Share on other sites


  • Views 513
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...