Tuesday, October 19, 2010

THREAT BULLETIN: Stuxnet

* The Stuxnet threat is significant because it’s the first time the world has seen a threat cross over from the cyber world to try to control the physical world.

* Stuxnet is able to infect Industrial Control Systems and change how they operate.

* The target could be anything from oil pipelines to water treatment plants to uranium enrichment facilities. It seems the authors are capable of monitoring inputs and changing outputs, which could mean this malware leads to system shutdowns, explosions or the inability to control important Industrial Control System attributes like pressure and temperature.

* AV vendors are still seeing infected machines contacting the command and control server and have seen thousands of infections to date. About 60 percent of infected systems are in Iran.

* Stuxnet is highly sophisticated, leveraging four zero-day vulnerabilities.

Best practices:

o Identify critical infrastructure within your enterprise that may be at risk.

o Assess the state of infection/compromise on these systems and remediate.

o Audit current controls on possible means of infection of these systems; that is, look at all the various routes malware can take to infect a system and put proper controls in place to prevent infection.
