Friday, 15 October 2010

Stuxnet paper updated

Stuxnet Paper

The single most visited page in the Read-out Blogs is that written by Nick Denbow last month (Sept 2010) which we entitled: Stuxnet – not from a bored schoolboy prankster! (21/9/2010). We have endevoured to add links from other sources to this from time to time. This one will also be added to it.

Now Byres Security has issued the latest version of their Stuxnet White Paper and we consider it important enough to add it as a separate blog.

Basically they have massively updated the original paper, published at the start of the Stuxnet event (back in July - see Security threat to the control system world!) to focus on specific mitigations that are recommended for all control systems, regardless of whether Siemens product is used or not.
  • A new summary of what Stuxnet is, what its consequences are, and how it is spreading

  • A revision of the list of vulnerable systems

  • An expanded analysis of the available Detection and Removal tools

  • A new Prevention/Mitigation section that covers both patchable and non-patchable systems

The paper, which is Version 3.0 of this Stuxnet White Paper has been renamed to: 'Analysis of the Siemens WinCC / PCS7 “Stuxnet” Malware for Industrial Control System Professionals' and may be downloaded from their Tofino Website.

No comments:

Post a comment