Stuxnet Malware Targets Uranium Enrichment Facility

March 19, 2021

INCIDENT

Stuxnet reportedly compromised Iranian PLCs, collecting information on from the industrial systems then downloaded a configuration to the controllers that caused the fast-spinning Uranium enriching centrifuges to tear themselves apart. Stuxnet has 3 major components; A worm module, A link file and a rootkit module. The worm propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users. Iranian sources confirmed that the Stuxnet malworm shut down uranium enrichment at Natanz for a week from Nov. 16 to 22, 2010.

Incident Date

June 1, 2010

Location

Iran

Estimated Cost

Unknown

Type of Malware

Threat Source