Stuxnet was pretty wild. Used four zero-day Windows exploits to pretty much guarantee infection, propagated itself onto other computers on the network, and then did nothing unless it detected its host was running Siemens Step7 software connected to a PLC driving centrifuges within a specific range of frequencies specific to uranium enrichment, at which point it would start fucking with the centrifuge speeds to impede enrichment and drastically increase wear while displaying normal readings on operator stations. It was estimated to have destroyed as much as one fifth of Iran’s uranium centrifuges.
Didn’t it also have to detect the specific PLCs installed in the facility? So if it escaped and got into say a french enrichment facility it did nothing.
I recall somewhere a researcher saying that somewhere.
Stuxnet was pretty wild. Used four zero-day Windows exploits to pretty much guarantee infection, propagated itself onto other computers on the network, and then did nothing unless it detected its host was running Siemens Step7 software connected to a PLC driving centrifuges within a specific range of frequencies specific to uranium enrichment, at which point it would start fucking with the centrifuge speeds to impede enrichment and drastically increase wear while displaying normal readings on operator stations. It was estimated to have destroyed as much as one fifth of Iran’s uranium centrifuges.
Didn’t it also have to detect the specific PLCs installed in the facility? So if it escaped and got into say a french enrichment facility it did nothing.
I recall somewhere a researcher saying that somewhere.
Wild indeed