Stuxnet attack tree software

The Stuxnet attack constituted a serious threat to trust in software using legal digital signatures. Eight months passed before subsequent attacks were. The Stuxnet software is designed to attack only designated targets and was thus. Stuxnet may have averted a nuclear conflagration by diminishing Israel's perception of a need for an imminent attack on Iran. This paper describes the application of the attack tree methodology to analyze the Stuxnet attack on a SCADA system. SecurITree is not a derivative of some other tree drawing tool. The tool supports ranking of attack scenarios based on quantitative. Stuxnet was one of the most advanced malware attacks in history.

Software flaw that allowed Stuxnet virus to spread was the. Duqu is a collection of computer malware discovered on 1 September 2011, thought to be related to the Stuxnet worm and to have been created by Unit 8200. Stuxnet is a worm sometimes referred to as the first cyber super weapon. Stuxnet is being described as the first cyberweapon because of its ability to leverage IT system vulnerabilities to produce physical damage to a targeted system. Discovering and exploiting all four vulnerabilities, which in this case are errors in code that allow access to the system or program for. The worm exploited a zero-day vulnerability in Windows. The most comprehensive, publicly available report analyzing the Stuxnet malware is published by Symantec, and is the basis for this outline. First Stuxnet victims were five Iranian industrial. Stuxnet files moves the second DLL file onto infected machine.

Stuxnet is a malicious computer worm, first uncovered in 2010, thought to have been in development since at least 2005. But then it was almost a week before the next company. The attack tree model gives a high-level view of Stuxnet. The Laboratory of Cryptography and System Security of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report naming the threat Duqu. Once the attack has been confirmed, all nonessential communication conduits should be filtered and closely monitored to contain the attack while not negatively impacting plant operation. Recognition of such threats exploded in June 2010 with the discovery of Stuxnet, a 500-kilobyte computer worm that infected the software of at least 14 industrial sites in Iran, including a. On a technical level, Stuxnet uses four different vulnerabilities to gain access to Windows systems and USB flash drives, identified independently by antivirus software makers Symantec and Kaspersky Lab. Our work relies on attack trees as the modelling formalism and uses. Stuxnet delivered to Iranian nuclear plant on thumb drive. A report expected this week from the International Atomic Energy Agency (IAEA) has Israel abuzz with talk of the potential for a preemptive strike on Iran's nuclear facilities.

One of the most famous Windows vulnerabilities in history, a coding flaw that was originally discovered in 2010 and had a role in the elaborate U. Stuxnet is computer malware first discovered in July 2010 that mainly targeted Windows PCs and other industrial software and equipment. The History of Stuxnet: Key Takeaways for Cyber Decision Makers. The Tehran Research Reactor (TRR) and consumed highly enriched uranium as a fuel source. If it doesn't find a target, Stuxnet becomes dormant inside the computer. While it is not the first time that crackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to. Stuxnet is typically introduced to the target environment via an infected USB flash drive. This paper describes an example of a site following high security architecture best practices and then shows the ways that the worm could make its way through the defences of the site to take control of the. This creates a problem for whitelisting, where security software is based on the a priori assumption that a. We propose in this paper to model the Stuxnet attack with BDMP Boolean logic. It is both the first worm to spy on industrial as well as the first to reprogram them. Attacking approach of the malware, on control infrastructures, is a motivation for academic research. Also, we proposed using a hybrid method called the software, asset, vulnerability, threat, and attacker (SAVTA)-centric method to support security analysis for.

Stuxnet was a 500-kilobyte computer worm that infiltrated numerous computer systems. The Stuxnet worm is a sophisticated piece of computer malware designed to sabotage industrial processes controlled by Siemens SIMATIC WinCC and PCS 7 control systems. This research applies the National Institute of Science and Technology (NIST) IA controls to an attack tree modeled on a remote Stuxnet-like cyber attack against the WPAFB fuels operation. News about cyberattacks on Iran (Stuxnet and Flame), including commentary and archival articles published in The New York Times. Harbinger of an Emerging Warfare Capability, Congressional Research Service summary: in September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Stuxnet's later, and better-known, attack tried to cause centrifuge rotors to spin too fast and at speeds that would cause them to break. This is the case with the attack mechanism used by the Stuxnet worm. The contagious computer worm virus quickly spread outside of Iran and it has since been recycled and reweaponized by various hackers.

Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery and industrial processes, including gas centrifuges for separating nuclear material. Such a destructive cyberterrorist attack could virtually paralyze the nation. In order to rank attack scenarios up to a given node in the tree, we ought to click that node in the domain for which we want to see the ranking. Amenaza's SecurITree software was purpose built to perform attack tree analysis. Stuxnet, Simple English Wikipedia, the free encyclopedia. Stuxnet is in essence a stealthy control system that can be used to disrupt a physical process that just so happens to be under the control of a particular Siemens process control system. We know the Stuxnet attack as a very highly attuned persistent virus spreading through two previously unknown security vulnerabilities. Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built. It highlights the advantages of BDMP compared to attack trees often used in security assessment. It might be long over, but there are important things for cybersecurity pros to learn from its outbreak that could affect everyone.

However, classical attack tree analysis techniques lack support for. Construct graphical representations of measures designed to reduce the consequences of a successful attack with mitigation trees. Schneier was clearly involved in the development of attack tree concepts and was instrumental in publicizing them. Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world, says Langner, who last week became the first to publicly detail Stuxnet's. The Stuxnet outbreak has been concentrated in Iran, which suggests that a nuclear facility in that country was the intended target. Based on high worm infection rate in Iran and delay of nuclear plant there, one expert speculates that the. How good are attack trees for modelling advanced cyber threats? The Stuxnet computer worm and the Iranian nuclear program. While the attacks are in process, Stuxnet plays back normal readings to the Siemens monitor software running on Windows. It is believed that Stuxnet spread through infected USB flash drives. AttackTree: model system vulnerability, identify weak spots and improve security using threat analysis and attack trees. Stuxnet, a computer worm discovered in June 2010, was specifically written to take over certain programmable industrial control systems and cause the equipment run by those systems to malfunction, all the while feeding false data to the systems' monitors indicating the equipment to be running as intended. As analyzed by computer security experts around the world, Stuxnet targeted certain. Stuxnet targets supervisory control and data acquisition systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Based on the log files in Stuxnet, a company called Foolad Technic was the first victim.

An unprecedented look at Stuxnet, the world's first. It is the culmination of more than a decade of Amenaza's own research coupled with feedback from Amenaza's customers in aerospace, defense, intelligence and commercial fields. The software giant also fixed one of the two remaining zero-day flaws exploited by the Stuxnet worm, a complex family of malware pegged by researchers as a weapon built to attack industrial. Attack tree software tool, Amenaza Technologies Limited. Infection by network: CVE-2010-2729 (MS10-061), Windows Print Spooler. Richard Clarke on who was behind the Stuxnet attack. Iran accuses Siemens of helping launch Stuxnet cyberattack: senior official says German engineering giant supplied US and Israel with details of control system used by Tehran. Published.

WinCC/Step 7 controller software connect to command-and-control servers. A more thorough analysis determines that Stuxnet is actually designed to attack a physical process, and for that reason resides on the process controller. Analyze threats according to standards such as ISO 26262 and J3061.

Cyberwar: the meaning of Stuxnet, Leaders, The Economist. SCADA systems are used widely for industrial control systems, such as power. Doing so, the ranking view window will automatically update with a table containing optimal attacks with respect to the chosen attribute domain. Malware, Stuxnet, SCADA, control infrastructures, attack trees, attack goal, attack sub goal. Stuxnet source code released online. Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. Attack trees have also been used to understand threats to physical systems. The Stuxnet worm first emerged during the summer of 2010. Stuxnet attack on critical infrastructures is considered as paradigm shift in malware attack approach. There were previous attacks made on the same site by proto-Stuxnet viruses whose job was to study the defenses. Stuxnet infects PLCs by subverting the Step7 software application that is.

Stuxnet is the most recent intentional attack cited in the document, and is the first worm to specifically target such systems. Outline of the Stuxnet software and its propagation history. The worm then spreads across the network, scanning for Siemens Step7 software on computers controlling a PLC.

First reported by The New York Times' David Sanger, CVE-2010-2568 links back to a secretive and powerful Stuxnet cyberweapon developed by the U. Reactive plans should be in place, tested on a recurring basis, and updated in. Multi tree view of complex attack: Stuxnet, SpringerLink. And clearly it will have more things to worry about the problem is. As the story goes, the Stuxnet worm was designed and released by a government, the U. Software updates might strengthen cybersecurity, but they're hardly the full picture when it comes to digital hygiene. The Stuxnet virus is installed when a new services. Famous incidents and complex malicious software such as. Now that the Stuxnet attack is public, the industrial control systems industry has come of age in an uncomfortable way. In the absence of either criterion, Stuxnet becomes dormant inside the computer. The Stuxnet worm is a rootkit exploit that targets supervisory control and data acquisition (SCADA) systems. And yet it might end up starting one someday soon, if its.

Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges. Langner, 2011 have shown that security of the critical infrastructure is. Some of the earliest descriptions of attack trees are found in papers and articles by Bruce Schneier, when he was CTO of Counterpane Internet Security. According to the report, Stuxnet's first attack against the five organizations occurred in June 2009, followed by a second attack in July 2009.
