Infiltrating critical infrastructures with next-generation attacks

The W32.Stuxnet attack, which first gained widespread media attention in July 2010, highlights the dangers, complexity and technical sophistication of malware targeting societys critical infrastructures. Attacks of its nature have potentially wide-ranging implications for the operation of Industrial Control Systems (ICS), including Supervisory Control And Data Acquisition (SCADA) systems. After reviewing W32.Stuxnets architecture and functionality, we offer unique insights and best practice recommendations based on our expertise and competencies in the IT security domain. We discuss applicable technical and administrative implications for systems operators as well as lessons learned to prevent future compromises. This paper is intended for technical and non-technical audiences in terested in or responsible for the operation of ICS environments, and who may be vulnerable to attacks exploiting an inadequate IT security posture. We invite readers to contact SIT for site-specific guidance.