Stuxnet – The New Generation Control Systems Computer Worm

Stuxnet is a Windows-specific computer worm first discovered in June 2010 by VirusBlokAda, a security firm based in Belarus. It is the first discovered worm that spies on and reprograms industrial systems. It was specifically written to attack Supervisory Control And Data Acquisition (SCADA) systems used to control and monitor industrial processes.Stuxnet includes the capability to reprogram the programmable logic controllers (PLCs) and hide the changes. (Ref: Wikipedia)

It is the first-ever computer worm to include a PLC rootkit.It is also believed to be the first worm to target critical industrial infrastructure. Furthermore the worm’s probable target has been said to have been high value infrastructures in Iran using Siemens control systems. It has also been said that the infestation by this worm might have delayed the start up of Iran’s Bushehr nuclear power plant. (Ref: Wikipedia)

As of end September 2010 the virus has widely affected Iran, Indonesia and India (Source: Stuxnet Under the Microscope)

image

(Image Source: Stuxnet Under the Microscope)

A high volume of detections in a single region may mean that it is the major target of attackers. However, multiple targets may exist, and the promiscuous nature of the infective mechanism is likely to targeting detail.

With its ability to attack industrial control systems, Stuxnet is the first computer virus that causes real-life harm.

Being a control systems professional I can imagine how much damage these little piece of software can create. It is beyond the imagination of Hollywood movies. With its ability to modify the engineering done in Control or Safety systems it can defeat the very purpose it was built for by turning the Plant to a potential weapon of Mass Destruction (WMD). The disaster may not be a boom & fire as shown in movies. A poisonous gas leak or nuclear spill can be more dangerous, Bhopal Gas tragedy an example of it. Oops! this is more threatening than the Google Threat discussed in my earlier blog. And yes, there are new themes available for Die Hard, War Games, Enemy of State, Eagle Eye……

This also calls for nations to strengthen their Cyber Security. And soon cyber security will become a multi bullion dollar industry, multiple times its current volume. I feel the control systems should move back to proprietary operating systems. Gone are the days when these systems were designed and considered to be more secure. With these systems getting more open day by day with insecure implementation of Microsoft dominated OPC (OLE for Process Control) and integration with upper level solutions like ERP the probability of risk is even higher. The strength of the chain is as strong as the weakest link. With new versions of Windows coming up there has been no increased security. A better solution may be to design Windows operating systems catering to automation platforms.

While it is being claimed that there is remedy for Stuxnet, we really need to wait and see if it is yet to unfold. While this worm has been discovered for Siemens systems and if it is true that it is a nation state sponsored project there are many to come targeting all platforms taking a nation’s defense and economy to its control.

Share

Avatar Movie – A Common man’s review

AvatarPoster

I did not show much interest on this movie as I first saw the dubbed trailer on a Tamil channel expecting it to a be a below average movie promoted by the channel’s excellent marketing team. I really didn’t know till yesterday that it is a James Cameron movie. In fact I wanted to watch this movie just because of Cameron. With 3D tickets not available we chose to watch it 2D at Innovative Multiplex.

I should say I really did not have much expectations expect for Cameron. I already brushed up a bit of the storyline via Wikipedia. The story is simple -“Avatar is the story of an ex-Marine who finds himself thrust into hostilities on an alien planet filled with exotic life forms. As an Avatar, a human mind in an alien body, he finds himself torn between two worlds, in a desperate fight for his own survival and that of the indigenous people.” 

The Story does not do much to the movie. Its purely screenplay and the super cool visual effects (the graphics are designed with finite details) that drives the 3 hour long movie. Wow! One would really wonder the power of imagination and cannot resist the beautiful Pandora’s rainforests (They look so real I wish I was there!)

But the movie reminds of some earlier movies like Matrix while transporting between Human Mind & Avatar and Kamal Hassan when the heroine cries for her dead father.  One cannot expect logic or scientific reasoning in movies like this but some instances does prick your common sense.

Don’t expect a ‘Titanic’ but you can be sure assured of a three hour good time pass.

Overall Rating: image

Share

India – Top Websites

Below is the list of top websites (Top 20) in India as per Alexa as queried today.

All websites are known but what surprised me is the IRCTC website on number 19!

  1. Google India

    google.co.in

    Indian version of this popular search engine. Search the whole web or only webpages from India. Interfaces offered in English, Hindi, Bengali, Telugu, Marathi and Tamil.

  2. Google

    google.com

    Enables users to search the Web, Usenet, and images. Features include PageRank, caching and translation of results, and an option to find similar pages. The company’s focus is developing search technology.

  3. Yahoo!

    yahoo.com

    Personalized content and search options. Chatrooms, free e-mail, clubs, and pager.

  4. Facebook

    facebook.com

    A social utility that connects people, to keep up with friends, upload photos, share links and videos.

  5. Orkut.co.in

    orkut.co.in

    orkut.co.in

  6. Blogger.com

    blogger.com

    Free, automated weblog publishing tool that sends updates to a site via FTP.

  7. YouTube

    youtube.com

    YouTube is a way to get your videos to the people who matter to you. Upload, tag and share your videos worldwide!

  8. Rediff.com India Ltd.

    rediff.com

    Online portal with free e-mail and many other services.

  9. Wikipedia

    wikipedia.org

    An online collaborative encyclopedia.

  10. Indiatimes

    indiatimes.com

    Portal site; includes news stories under subject headings, and links to other information sources.

  11. Twitter

    twitter.com

    Social networking and microblogging service utilising instant messaging, SMS or a web interface.

  12. Windows Live

    live.com

    Search engine from Microsoft.

  13. WordPress.com

    wordpress.com

    Free blogs managed by the developers of the WordPress software. Includes custom design templates, integrated statistics, automatic spam protection and other features.

  14. Microsoft Corporation

    microsoft.com

    Main site for product information, support, and news.

  15. Microsoft Network (MSN)

    msn.com

    Dialup access and content provider.

  16. RapidShare

    rapidshare.com

    Users can upload up to 100 meg files for sharing. Provides downloads of 100 megs per hour on the free service. Premium service also available.

  17. LinkedIn

    linkedin.com

    A networking tool to find connections to recommended job candidates, industry experts and business partners. Allows registered users to maintain a list of contact details of people they know and trust in business.

  18. IN.com

    in.com

    IN.com gives you a short @in.com email address, and lets you find the best of News, Music, Videos and Games, from more than 16,000 websites.

  19. Indian Railway Catering and Tourism Corporation

    irctc.co.in

    Offers online rail ticket booking, and checking of ticket reservation status. Includes train schedules, availability of tickets, and a travel planner.

  20. Cricinfo

    cricinfo.com

    International cricket news, live scores, photos, columns and player profiles. Provides archive scorecards, statistics database, ratings and email newsletter. Part of ESPN International. UK.

Share