What is Stuxnet ? - Definition from WhatIs.com

Definition

Stuxnet

The Stuxnet worm is a rootkit exploit that targets Supervisory Control and Data Acquisition (SCADA) systems. SCADA systems are used in power, water and sewage plants, as well as in telecommunications and oil and gas refining. 

Stuxnet contains code that can identify Siemens' SCADA software and then inject itself into the programmable logic controllers. Logic controllers automate the most critical parts of an industrial facility's processes, such as temperature, pressure, and the flow of water, chemicals and gasses. 

Stuxnet initially exploited Windows LNK files and was spread through removable storage devices, such as USB sticks. It used four previously unknown Microsoft zero-day flaws to gain access to laptops and other machines with the goal of gaining access to the network. In response, Microsoft issued two patches and experts in SCADA security created a list of formal recommendations for facilities that use SCADA systems. 

Like the Zeus banking Trojan, Stuxnet code included stolen digital certificates so the malware appeared legitimate and could avoid detection by traditional intrusion detection systems (IDS). After Stuxnet surfaced, researchers quickly began to reverse engineer the malware. It is generally believed that Stuxnet was not designed for espionage, but rather to cripple a facility's infrastructure.

This was last updated in November 2010
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.in-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com