HomeworkLib
Question

For Stuxnet, the first malware aimed at Industrial Control systems, provide details on: The vulnerability (vulnerabilities)...

For Stuxnet, the first malware aimed at Industrial Control systems, provide details on:

  1. The vulnerability (vulnerabilities) it exploited
  2. The way it spread
  3. The effect it had on the systems
  4. How it was cleaned.
engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1

`Hey,

Note: Brother in case of any queries, just comment in box I would be very happy to assist all your queries

Back in 2010, security researchers traced a series of hardware-specific infections to a piece of malware dubbed Stuxnet. This malware lay dormant on Windows machines unless there was also access to a SCADA system running Siemens Simatic WinCC and PCS 7 SCADA system. In particular, the targets most affected most by Stuxnet were centrifuges manufactured by Siemens and used in Iran to enrich uranium. Joining the Stuxnet vulnerability in the top ten were exploit kits, which allow novices to create their own malware leveraging known vulnerabilities. Among the most popular exploit kits, Angler took top spot followed by Sweet Orange. For example, the Angler exploit kit targets compromised runtimes and zero-day holes in Microsoft Silverlight, Adobe Flash, and Oracle’s Java with the Internet Explorer browser included.

Stuxnet spread from USB flash drives to Windows computers by exploiting a vulnerability with Windows autorun and shortcuts. It could spread even if users didn't intentionally execute a program on a flash drive. Early versions of the worm used an autorun file on infected USB drives to automatically execute malware when the drives were plugged into a computer.

Unlike most malware, Stuxnet does little harm to computers and networks that do not meet specific configuration requirements; "The attackers took great care to make sure that only their designated targets were hit... It was a marksman's job.

Siemens has released a detection and removal tool for Stuxnet. Siemens recommends contacting customer support if an infection is detected and advises installing Microsoft updates for security vulnerabilities and prohibiting the use of third-party USB flash drives. Siemens also advises immediately upgrading password access codes.

Kindly revert for any queries

Thanks.

0 0
Add a comment
Know the answer?
Add Answer to:
For Stuxnet, the first malware aimed at Industrial Control systems, provide details on: The vulnerability (vulnerabilities)...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • Describe a historic malware that impacted the world. Provide details of the impacts it had and...

    Describe a historic malware that impacted the world. Provide details of the impacts it had and how it worked.

  • Describe a historic malware that impacted the world. Provide details of the impacts it had and...

    Describe a historic malware that impacted the world. Provide details of the impacts it had and how it worked.

  • Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control...

    Which role has the PRIMARY responsibility for the documentation of control implementation? Systems security engineer Control assessor Information System Owner (ISO) Information Owner/Steward When making determinations regarding the adequacy of common controls for their respective systems, Information System Owner (ISO) refer to the Common Control Providers’ (CCP) Privacy Impact Assessment (PIA) Business Impact Analysis (BIA) Authorization Packages Vulnerability Scans An organization-wide approach to identifying common controls early in the Risk Management Framework (RMF) process does which of the following? Considers...

  • Questions to Ask Yourself 1. How can you control the spread of infection when you provide...

    Questions to Ask Yourself 1. How can you control the spread of infection when you provide care for a person with an open wound? 2. How can you spread infection if you have a cold? C 3. In the past, how have you possibly spread pathogens through direct and indirect contact? Think of three ways. 4. What will you do in the future to avoid spreading pathogens by direct and indirect contact? Think of three ways 5. Airborne precautions are...

  • A new version of the operating system is being planned for installation into your department’s production...

    A new version of the operating system is being planned for installation into your department’s production environment. What sort of testing would you recommend is done before your department goes live with the new version? Identify each type of testing and describe what is tested. Explain the rationale for performing each type of testing. [ your answer goes here ] Would the amount of testing and types of testing to be done be different if you were installing a security...

  • Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around...

    Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...

  • General Electric (GE), one of the world’s largest industrial companies with products ranging from turbines to...

    General Electric (GE), one of the world’s largest industrial companies with products ranging from turbines to jet engines to medical equipment, has been transitioning to a much more technology-centric business strategy and business model. Jeffrey Immelt, GE’s CEO from 2000 to 2017, wanted to turn GE into a top 10 software company by 2020. In 2015 GE set up GE Digital as its own business within the industrial conglomerate for this purpose. GE has been focusing on electric power generators,...

  • TRUE/FALSE QUESTIONS:  Foundations of Information Security and Assurance 1. There is a problem anticipating and testing for...

    TRUE/FALSE QUESTIONS:  Foundations of Information Security and Assurance 1. There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program. 2. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to over-lapping access, use, and replacement of shared values. 3. The biggest change of the nature in Windows XP SP2 was to change all anonymous remote procedure call (RPC)...

  • IT's About Business 4.1 The Heartbleed Bug What Is Heartbleed? OpenSSL, an open-source software package, is...

    IT's About Business 4.1 The Heartbleed Bug What Is Heartbleed? OpenSSL, an open-source software package, is a popular type of transport layer security (TLS) software (discussed later in this chapter) that secures numerous websites around the world. Web servers use OpenSSL to encrypt sites. Such sites show up in browsers with a “lock” icon and the “https” prefix in the address bar. The encryption protects Internet sites offering banking, shopping, email, and other private communications. Roughly two out of three...

  • please read instructions on the first picture and follow it Discussion Board: Chapter 1 Due: Jun...

    please read instructions on the first picture and follow it Discussion Board: Chapter 1 Due: Jun 28, 2019 at 11:59 PM Please read the article titled Evolution of Operations Planning and Control: from production to supply chains In at least three paragraphs, describe how and why the focus of operations planning and control has changed over time. While one might argue that answers consisting of sentences quoted from articles do not represent plagiarism, I do not consider them acceptable, and...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT