Why Stuxnet (Still) Matters: How to Protect Embedded Systems from the World's Most Infamous Malware


There is perhaps no cyberattack more infamous or dangerous than the 2009 Stuxnet attack. It was the first ever weaponized cyberattack. 

About Stuxnet, Michael Hayden, former Director of the NSA and CIA, said: “I understand the difference in destruction is dramatic, but this has a whiff of August 1945. Someone just used a weapon, and this weapon will not be put back into the box.”

So what exactly made Stuxnet so scary to so many people?

To better understand why Stuxnet was so alarming, and why we’re still talking about it over a decade later, it’s important to understand what exactly Stuxnet was. 

 

Cyberattacks are now a tool of modern warfare

Stuxnet is widely accepted as the work of the United States government, along with the State of Israel. What makes this attack notable is the fact that it was the first time on record that a nation-state developed and executed a cyberattack against another nation. As a result, this set a precedent for many governments to add cyberattacks to their warfare playbook.

We saw proof of this in 2015 when Russia executed an attack that successfully took down portions of Ukraine’s power grid, cutting power to almost 250,000 Ukrainians.

Most recently, four Chinese military officers linked to Chinese intelligence agencies were indicted for the 2017 Equifax breach. This led to speculation that the theft of the private data of 145 million Americans was an attempt to gain further knowledge about US intelligence agents and officials.

 

Stuxnet was the first to target industrial control systems

The impact of Stuxnet reaches beyond just cyberwarfare: it was also the first attack to specifically target a critical infrastructure facility—in this case an Iranian nuclear power plant. Delivered by a USB stick, Stuxnet began by targeting Windows machines and networks. Once a system was infected, Stuxnet replicated itself and sought out the Siemens Step7 software, which controlled the nuclear centrifuges.

From there, the attackers were able to compromise the programmable logic controllers and take control of the centrifuges, forcing them to speed up to the point of destruction. All the while, the attackers were sending false feedback to the outside controllers, ensuring that there was no indication of anything being wrong until it was too late.

While Iranian officials never confirmed the extent of the damage caused by Stuxnet, it is estimated that a total of 1,000 centrifuges were destroyed. And the financial impact reaches beyond just replacing centrifuges—plant downtime should also be taken into account. Without any official numbers out of Iran, it is hard to determine the financial loss incurred. However, it has been estimated that a similar attack executed against a critical infrastructure facility in the US would cost anywhere between $21 billion and $71 billion.

 

Preventing cyberattacks like Stuxnet requires a new approach

Ten years later, the question still remains: how can we prevent another Stuxnet from happening? 

Answering this question is exactly how Dover Microsystems got its start. 

In 2010, the Pentagon compelled DARPA to fund its $100 million CRASH program—a program with a sole purpose of finding a solution that could defend against cyberattacks, like Stuxnet, that come across the network. Dover’s founding team led the largest prime contract in DARPA’s CRASH program, and over the last ten years we’ve developed our CoreGuard technology into a product fit for commercial use.

Although Stuxnet was a sophisticated piece of malware, it was executed by exploiting an extremely common software vulnerability: a buffer overflow. In fact, buffer overflows are the most common type of software vulnerability, with over 12,000 recorded in MITRE’s Common Vulnerability and Exposures (CVE) database. Of these, approximately 7,500 of them are classified as severe, meaning the complexity of the attack is low, there is no special privilege-level required, no user interaction is necessary, it adversely affects confidentiality, integrity, and/or availability, and there is no known workaround. In short, severe CVEs pose the biggest threat. 

CoreGuard is specifically designed to protect against entire classes of network-based attacks, not just known attacks. As a result, CoreGuard can stop 100% of buffer overflow attacks, including Stuxnet. CoreGuard does this with our Heap micropolicy, which is included in our base set of micropolicies.

Our Heap micropolicy protects memory on the heap by assigning a color to the buffer where the data resides, as well as the pointer to that buffer. The micropolicy dictates that an instruction cannot write data to a buffer with a color that doesn’t match the color of the pointer to the buffer. If an attacker tries to exploit a buffer overflow by writing data to a non-matching buffer and pointer, CoreGuard issues a violation and stops it from executing before any damage can be done.
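To make the color-matching rule concrete, here is a small simulation added to this post; it is a toy model written for illustration, not CoreGuard's implementation, and the names (tagged_alloc, checked_write, checked_copy, overflow_scenario) and the constructed 12-byte payload are assumptions of the example. Every byte of a simulated heap carries a color tag, every pointer is stamped with the color of the buffer it was handed out for, and a store goes through only when the two colors agree. A copy that runs past the end of an 8-byte buffer therefore stops at the boundary of the neighbouring buffer instead of corrupting it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration of a color-tagged heap (a toy model written for this
 * post, not CoreGuard's implementation). Every heap byte carries a color tag,
 * every pointer carries the color of the buffer it was allocated for, and a
 * store is permitted only when the two colors agree. */

#define HEAP_BYTES 64

static uint8_t heap_data[HEAP_BYTES];
static uint8_t heap_color[HEAP_BYTES];   /* per-byte color tag, 0 = unallocated */
static size_t  heap_next  = 0;           /* bump-allocator cursor */
static uint8_t next_color = 1;           /* next fresh color to hand out */

typedef struct {
    size_t  base;   /* offset of the buffer in heap_data */
    size_t  len;    /* requested length, kept for reporting */
    uint8_t color;  /* color stamped on the pointer at allocation */
} tagged_ptr;

typedef enum { WRITE_OK = 0, WRITE_VIOLATION = 1 } write_result;

/* Return the simulated heap to its initial state. */
void reset_heap(void) {
    memset(heap_data, 0, sizeof heap_data);
    memset(heap_color, 0, sizeof heap_color);
    heap_next = 0;
    next_color = 1;
}

/* Allocate n bytes: stamp the buffer's bytes and the returned pointer with
 * the same fresh color. A zero color means the allocation failed. */
tagged_ptr tagged_alloc(size_t n) {
    tagged_ptr p = {0, 0, 0};
    if (n == 0 || heap_next + n > HEAP_BYTES || next_color == 0) return p;
    p.base  = heap_next;
    p.len   = n;
    p.color = next_color++;
    memset(&heap_color[p.base], p.color, n);
    heap_next += n;
    return p;
}

/* The policy check: the byte at p[idx] must carry the pointer's color.
 * An overflow lands on bytes colored for a different buffer (or unallocated,
 * color 0), so the store is refused instead of corrupting the neighbour. */
write_result checked_write(tagged_ptr p, size_t idx, uint8_t value) {
    size_t addr = p.base + idx;
    if (p.color == 0 || addr >= HEAP_BYTES || heap_color[addr] != p.color) {
        return WRITE_VIOLATION;
    }
    heap_data[addr] = value;
    return WRITE_OK;
}

/* Read a byte back without policy enforcement (inspection only). */
uint8_t peek_byte(size_t addr) { return addr < HEAP_BYTES ? heap_data[addr] : 0; }

/* Copy src into dst byte by byte, stopping at the first violation.
 * Returns how many bytes were actually written. */
size_t checked_copy(tagged_ptr dst, const uint8_t *src, size_t n) {
    size_t i;
    for (i = 0; i < n; i++) {
        if (checked_write(dst, i, src[i]) != WRITE_OK) break;
    }
    return i;
}

/* Scenario: two adjacent 8-byte buffers and a 12-byte copy into the first,
 * the classic overflow. Returns the number of bytes that reached the second
 * buffer; 0 means the policy contained the overflow. */
size_t overflow_scenario(void) {
    uint8_t payload[12];
    tagged_ptr a, b;
    size_t written, leaked = 0, i;

    reset_heap();
    a = tagged_alloc(8);
    b = tagged_alloc(8);
    memset(payload, 0x41, sizeof payload);      /* constructed input: 12 x 'A' */

    written = checked_copy(a, payload, sizeof payload);
    printf("wrote %zu of %zu bytes before a color violation\n",
           written, sizeof payload);

    for (i = 0; i < b.len; i++)
        if (peek_byte(b.base + i) != 0) leaked++;
    return leaked;
}

int main(void) {
    size_t leaked = overflow_scenario();
    printf("bytes that spilled into the neighbouring buffer: %zu\n", leaked);
    return 0;
}
```

The point of the model is that the check is keyed on the pointer, not on the instruction: the same store instruction succeeds through a pointer whose color matches the target byte and is refused through any other, so a zero-day overflow in code the policy has never seen is caught the same way as a known one.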

In 2009, Stuxnet was pulled off using a USB stick. In 2020, as everything is becoming a part of the Internet of Things, these types of attacks are even easier to execute and potentially more destructive. In order to truly protect our embedded systems, cybersecurity requires a new approach—our systems need to be immunized against entire classes of attack, not just known vulnerabilities. 

There are over 67,000 CVEs, categorized into 120 different classes of attack (or CWEs). CoreGuard can protect against the exploitation of 94% of these known vulnerabilities—including 100% of buffer overflow and code injection attacks (both known and unknown). This means that if there is a new, zero-day buffer overflow attack, CoreGuard will stop it in its tracks before any damage is done.

To learn more about these vulnerabilities and how CoreGuard stacks up, request a copy of the Cybersecurity Scorecard here.



Published May 12, 2020