From Soft to Firm: New Cybersecurity Challenges Targeting Firmware

I was doing research not too long ago to talk about the Stuxnet worm as I find it an incredible piece of technology and wanted to pitch my two cents at it (I was writing the now defunct “Sucks to Stux” piece, but don’t cry for me Argentina! This piece is better, that’s The NuclearFarmboy Guarantee ®.) when I came across a nifty little group called “Equation”. So I thought to myself, “ooh another hacker group! Let’s check it out!” Boy, did I jump down the rabbit hole.

First things first, let’s talk a little about Stuxnet. If you’re thinking that it is the system responsible for this:

[Image: The Terminator (1984) movie poster, captioned “Running Windows 1984”]
(Photo Credit: Wikipedia and Orion Pictures)

Then you are wrong. You are thinking of Skynet, not Stuxnet (as much as we all would love to listen to some 1980s synth music while being chased by a half-naked Austrian robot).

What is Stuxnet and what did it do? Well, I’m not here to point any fingers at world governments or policies to curb/sabotage a third government’s nuclear program (even with thinly veiled references). That’s just not me. I’m a nerd, I love talking about code, science, and baseball, so let’s talk about how Stuxnet does what it does and how it did what it did regardless of who made it. Stuxnet was a computer worm meant for cyber-sabotage (cue the Beastie Boys) by targeting programmable logic controllers, or PLCs.

What is a PLC? Well, imagine your computer wants to do something in the real world (because yay automation!) and it wants to open doors, control factory processes, assembly lines, or…uranium enrichment centrifuges. These PLCs are essentially mechanisms that translate the code (011010000110100100100001) into physical movements. Just like a keyboard turns a physical action into digital code, these PLCs translate the commands from the CPU into an action (such as speeding up or slowing down your centrifuges). Isn’t the future neat?
