watch the video Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon Duration: 10:41 User: n/a -...

1)

Stuxnet is a computer worm that spreads by infecting Windows computers. It was the first targeted and weaponized cyber-attack against an industrial control system. Its purpose was not just to infect the PCs but to cause real-world physical effects. It specifically targets centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors. Stuxnet targets Windows operating system and networks, and then it seeks out PLC’s connected to the network. The gray box are real-time control systems that is programmed to control the equipment , essentially what runs factory floors. Stuxnet has three modules: a worm that executes all software and routines related to the main mission, a link file that finds and runs the propagated copies the original worm; and a special rootkit piece that hides all of the related Stuxnet worm components.

2)

Stuxnet is very dangerous because it can cause actual real-world physical harm to equipment, computers, energy grids, people, etc. It can even become a Weapon of Mass Destruction if it is implemented at singular site such as nuclear energy generating facilities, energy grid control facilities, traffic controls, or water and power facilities.

Stuxnet targeted an industrial control system in order to wreak physical damage, the impact of Stuxnet on various domains of action, including state-level conflict, terrorism, activism, crime, and pranks.

3)

The Stuxnet worm was originally designed to attack industrial Programmable Logic Controllers or PLC its one of the most critical pieces of technology they contain circuitry and software essential for modern life and operate machinery in various environments that run traffic lights, assembly lines, oil and gas pipelines, electric companies and nuclear power plants etc.

Till this time there is no anti-virus are there to catch and control Stuxnet once it’s in your network. So the best thing to do is avoid it, by implementing the following:

1. Set up a layered defense that addresses security throughout the entire ICS extended network. This defense must include security policies, training, component isolation, and enforced Methods and Procedures (M&P). This also requires isolating critical communications in a secure and segmented manner.
2. Maintain a proper physical and logical separation between different types of networks. For example, access to PLC and SCADA devices should not be available on corporate network.
3. Redundancy must be incorporated into network design to avoid single point of failure.