INCIDENT: Malware Targets Uranium Enrichment Facility

Stuxnet reportedly compromised Iranian PLCs, collecting information on from the industrial systems then downloaded a configuration to the controllers that caused the fast-spinning Uranium enriching centrifuges to tear themselves apart. Stuxnet has 3 major components; A worm module, A link file and a rootkit module. The worm propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the code and giving unexpected commands to the PLC while returning a loop of normal operation system values back to the users. Iranian sources confirmed that the Stuxnet malworm shut down uranium enrichment at Natanz for a week from Nov. 16 to 22, 2010.

Incident Date

March 18, 2010

Location

Iran

Estimated Cost

Unknown

Victims

Type of Malware:

Threat Source:

References:

  • Richard Clarke on Who Was Behind the Stuxnet Attack
  • Stuxnet Worm Attack on Iranian Nuclear Facilities
  • An Unprecedented Look at Stuxnet, the World’s First Digital Weapon

Pin It on Pinterest

Scroll to Top