Symantec has finally understood Stuxnet

Security firm Symantec says it has discovered that the Stuxnet worm targeted specific motors used, for instance, in uranium enrichment processes. With the support of a Dutch Profibus expert, Symantec says, in a blog posting, that it has now managed to fully interpret the purpose of the Stuxnet code. Apparently, Stuxnet is designed to manipulate frequency converters which determine motor speed.

Symantec’s findings indicate that Stuxnet targeted industrial plants with a specific combination of components and characteristics: The target computer must have a type S7-300 CPU and is designed to control up to six type CP-342-5 Profibus communications modules that can each connect to up to 31 frequency converters. Symantec said Stuxnet only attacks converter drives made by two specific vendors, one in Finland and the other in the Iranian capital of Tehran. The malware reportedly requires the frequency converter drives to be operating between 807 Hz and 1210 Hz. By changing the output frequency, and with it the working speed, of the motors for short intervals over periods of months, Stuxnet reportedly sabotages the industrial control process the motors are used for.

( Please click here to read the full article on Stuxnet )

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: