Infiltrating critical infrastructures with next-generation attacks: W32.Stuxnet as a showcase threat


Fraunhofer SIT, Darmstadt

Authors: Martin Brunner, Hans Hofinger, Christoph Krauß, Christopher Roblee, Peter Schoo, and Sascha Todt
Year/month: 2010/12

Abstract

The W32.Stuxnet attack, which first gained widespread media attention in July 2010, highlights the dangers, complexity and technical sophistication of malware targeting society's critical infrastructures. Attacks of its nature have potentially wide-ranging implications for the operation of Industrial Control Systems (ICS), including Supervisory Control And Data Acquisition (SCADA) systems. After reviewing W32.Stuxnet's architecture and functionality, we offer unique insights and best practice recommendations based on our expertise and competencies in the IT security domain. We discuss applicable technical and administrative implications for systems operators as well as lessons learned to prevent future compromises. This paper is intended for technical and non-technical audiences interested in or responsible for the operation of ICS environments, and who may be vulnerable to attacks exploiting an inadequate IT security posture. We invite readers to contact SIT for site-specific guidance.

Bibtex:

@article { N-151330,
author = { Martin Brunner and Hans Hofinger and Christoph Krauß and Christopher Roblee and Peter Schoo and Sascha Todt},
title = { Infiltrating critical infrastructures with next-generation attacks: W32.Stuxnet as a showcase threat },
journal = { Fraunhofer SIT, Darmstadt },
year = { 2010 },
month = { December },
url = { http://publica.fraunhofer.de/documents/N-151330.html },
}