Just a quick grouping of resources relating to Stuxnet resources and analysis after the targeted infections of the frequency converters of the Vaasa, Finland based Vacon (though Vacon publicly denies this) and Iranian company Fararo Paya.
The bottomline takeaway – never use default passwords (partical attack vector of the PLCs and SCADAs), and keep systems patched (4 zero-day Windows-based attacks). And don’t allow USB devices on a production network (the entry point of the 0.5Mb virus written in C and C++)…
- Security analysis of Stuxnet
- Stuxnet: A Breakthrough – Symantec Connect
- Stuxnet Under the Microscope, an analysis of Stuxnet white paper
- Stuxnet briefing
- The Stuxnet Dossier
- Siemens – Industry Automation and Drive Technologies – Service& Support – SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan
- Exploring Stuxnet’s PLC Infection Process
- Super Nuclear Worm Invades Kazakhstan – Hollywood Salivates
- Stuxnet Questions and Answers
- Stuxnet: Fact vs. theory by Elinor Mills for CNET News October 5, 2010
- Stuxnet: Cyber Attack on Iran
- Siemens – Totally Integrated Automation – “Building a Cyber Secure Plant”
- Siemens – Totally Integrated Automation – “Safeguard Networks from Cyber Security Breaches”
