I want someone to rephrase it and change the preferences.
The Stuxnet virus emerged in 2010 and was first reported by a security company in Belarus (Kerr, Theohary and Rollins, 2010). Like many other computer viruses, this worm spreads arbitrarily from one computer to another. However, unlike other worms, it was designed to release its payload only into an industrial control system (ICS) such as Iran’s nuclear enrichment facility at Natanz (Denning, 2012). This virus targeted a power plant and some other industries in Hormozgan province (FoxNews, 2012). It tampered with the code of the programmable logic controller (PLC) that controls the centrifuges at Natanz, ultimately destroying about a thousand centrifuges and disrupting Iran’s nuclear program (Denning, 2012). It is difficult to determine the geographic origin of the malware, as cyber attackers often employ sophisticated methods such as peer-to-peer networking or spoofing IP addresses to evade attribution. The malware may also contain no signature that identifies its author. Some security analysts speculate that Stuxnet could have been developed by a Siemens insider who had direct access to and knowledge of the system (Kerr, Theohary and Rollins, 2010), whereas others have speculated that it may have been developed by United States and Israeli officials to shut down the development of Iran’s nuclear program (Albanesius, 2012).
This virus can spread through an “air-gapped” network using a removable device, such as a thumb drive, and possibly through computers connected to the Internet, and it has the capability to remain hidden from detection (Kerr, Theohary and Rollins, 2010). It was reported that the virus spread into the wild after an engineer hooked up his computer to the Natanz centrifuge and then later to the Web from home (Denning, 2012). Stuxnet damaged the centrifuges at Natanz by reprogramming the PLC. To do this, it compromised a Microsoft Windows system and then the Siemens WinCC/PCS 7 SCADA control software running on it. This was accomplished by exploiting several vulnerabilities, such as a hardcoded WinCC/SCADA password posted on the Internet (Denning, 2012). Iranian officials claimed that Stuxnet caused only minor damage to the nuclear program, but the impact could be far-reaching (Kerr, Theohary and Rollins, 2010).
This is the first malicious software designed specifically to attack a particular type of ICS that controls nuclear plants (Kerr, Theohary and Rollins, 2010). In general, this worm is very different from previously reported malware in terms of its precision targeting and its physical damage through ICS manipulation. The virus operates “autonomously with its commands and data wired into the code”, but when connected to the Internet, it can receive new code. Unlike with other viruses like Boden, Stuxnet’s authors could not adjust their tactics and try things; they needed to get it right the first time, and much of its code had to be developed from scratch and crafted carefully to recognize the intended target. In addition, the virus needs to be present long enough to cause the desired damage. In the case of Natanz, it hid its code and gave network operators the false impression that the centrifuges were operating normally in spite of being harmfully manipulated (Denning, 2012), which further distinguishes it from other malware.
The Stuxnet worm is unique because its software code can infiltrate and attack an ICS used by critical infrastructure facilities and cause long-term physical damage. Even though the extent of the damage is unknown, the worm’s ability to identify specific ICSs and launch an attack at a specific time could lead to catastrophic consequences for nations’ infrastructures (Kerr, Theohary and Rollins, 2010).
Observers of Stuxnet can easily use the code to develop a cyber-weapon of their own to attack a particular ICS device with a particular goal, or simply for the race. The release of a virus like this may therefore put a country’s security at risk. The Stuxnet virus is out now and its object code is available. Even though the source code was not released, analysts are able to decompile or reverse the object code to discern Stuxnet’s functionality, making it easier to develop new cyber-attacks (Denning, 2012). So, one of the major risks of this virus is that it can be replicated, as code developers do not need to start from scratch.
The Stuxnet worm attempts to identify and exploit equipment that controls a nation’s critical infrastructure. An attack by a virus such as Stuxnet could therefore result in manipulation of control system code, leading to inoperability or long-term damage. This can impact many interconnected critical infrastructure facilities, and government preparation and response plans that depend on these systems may be compromised, threatening many aspects of life. Modern infrastructure facilities rely on computer hardware and software to continuously monitor and control equipment that supports numerous industrial processes (Kerr, Theohary and Rollins, 2010). Thus, damage to a nation’s critical infrastructure by the virus threatens many aspects of life, including the government’s ability to safeguard national security interests (Kerr, Theohary and Rollins, 2010).
The discovery of the Stuxnet worm has raised several issues for Congress about its impact on national security, the government response to it, and an international treaty to control its use (Kerr, Theohary and Rollins, 2010). To date, numerous countries are known to have been affected by the Stuxnet worm to various degrees; however, there is no public information on this, which makes it difficult to determine the malware’s potency. To identify and slow the progress of its spread to other ICSs, many researchers have speculated about the identity of the software code’s developer; however, no one has claimed it yet (Kerr, Theohary and Rollins, 2010). To resolve this issue and identify the vulnerabilities, researchers are studying Stuxnet and examining ICS security (Denning, 2012).