Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Infiltrating critical infrastructures with next-generation attacks

W32.Stuxnet as a showcase threat; Version 1.4
: Brunner, M.; Hofinger, H.; Krauß, C.; Roblee, C.; Schoo, P.; Todt, S.

Fulltext urn:nbn:de:0011-n-1513303 (2.5 MByte PDF)
MD5 Fingerprint: 532fda5e508b32fe86fcede5ab13c9a8
Created on: 28.1.2011

Darmstadt: Fraunhofer SIT, 2010, 30 pp.
Report, Electronic Publication
Fraunhofer SIT ()

The W32.Stuxnet attack, which first gained widespread media attention in July 2010, highlights the dangers, complexity and technical sophistication of malware targeting societys critical infrastructures. Attacks of its nature have potentially wide-ranging implications for the operation of Industrial Control Systems (ICS), including Supervisory Control And Data Acquisition (SCADA) systems. After reviewing W32.Stuxnets architecture and functionality, we offer unique insights and best practice recommendations based on our expertise and competencies in the IT security domain. We discuss applicable technical and administrative implications for systems operators as well as lessons learned to prevent future compromises. This paper is intended for technical and non-technical audiences in terested in or responsible for the operation of ICS environments, and who may be vulnerable to attacks exploiting an inadequate IT security posture. We invite readers to contact SIT for site-specific guidance.