Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Go to Internet and find the following question’s answer about a virus called Stu

ID: 664352 • Letter: G

Question

Go to Internet and find the following question’s answer about a virus called Stuxnet. For example, this source is a relevant one (http://www.eset.com/us/resources/white-papers/Stuxnet_Under_the_Microscope.pdf), but you are welcome to bring your own source of information (cite in your answer as appropriate).

i) In layman sentences, briefly explain how stuxnex virus operates and can performs malicious activities. What kind of computers are the target of this virus?

ii) What types of reverse engineering tools can be used to discover stuxnet operation?

iii) What protections are available to defend against infection of stuxnet virus?

iv) Do you think stuxnet might attack your personal computer? Explain why.

Explanation / Answer

1.Stuxnet is a computer work and is designed to attack industrial Programmable Logic Controllers(PLC are used for automation of electrochemical process such as those digital computer used for controlling machinery). It ranges from exploiting the multiple zero-day vulnerabilities, modifying system libraries, attacking RPC server, to installing signed drivers on operating systems(Wndows). It is capable of auto updating and renew itself from earlier versions automatically. It communicates with command servers to provide information to its creators and conceals its presence. It has three modules

i>Worm- It executes all the routines related to the main payload of the attack.

ii> Link File- It automatically executes the propagated copies of the worm.

iii>Rootkit- It is responsible for hiding and concealing Struxnet.

The main target of Struxnet virus are Industrial PLC’s that control the centrifuges. They are special computers controlling electronic devices and industrial system.They are connected to the computer that control and monitor them. They uses third party vectors for their injection like USB flash drives. It can only infect three computers from a given flash drives.

3 The protection available for defending against struxnet are:

i>Need to isolate command and control networks from shared public networks.

ii>Proper password and access control to be maintained

iii>More rigrous methods of patching and compliance should be there.

iv>Latest anti virus and timely updation of it.

v> Integrity checks of the core operating system software and libraries that run on the PCs and the PLC logic on the controller.

4. Stuxnet generally attacks PLC’s and high value assets controlling such as machinery, etc. But, it can also attack window based operating system and can auto update itself. It can easily be infected through USB flash drives and thus can affect our personal computers as well.

Related Questions

Go Green is a business selling worm farm start-up kit for $12 each. This year, G
Question #2485878
Go Hard has total fixed costs of $2,160 per day. The firm manufactures Go Hard a
Question #1249160
Go Program Please I need to write a program that import and uses the following p
Question #3744560
Go Program Please help. I need to write a GO program that will import the follow
Question #3744549
Go Systems had the following payroll data for wages for the week ended February
Question #2421056
Go Tools Window Help 6 Diversity Assignments-2.pdf (page 10 CASE Marion Shaub wa
Question #348123
Go Tools Window Help B Bri 100% , EC1102.2015midterm.pdf (page 3 of 9) a Search
Question #3064203
Go Tools Window Help CSE30leb.pdf (page 1 of 3)- Q Search Getting started Create
Question #3678642
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Go to HYPERLINK \"http://www.bea.gov/\" http://www.bea.gov/ Find the information
Next
Go to MSN Money. (http://investing.money.msn.com/investments/key-ratios) and typ

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.