Regis University; CN301
The virus I choose is the Stuxnet virus. I chose this virus almost completely on accident as I stumbled across information about it while researching a paper about the dangers of Wi-Fi hotspots. Stuxnet gets its name from Microsoft, who named the virus after some file names in the code, .stub and MrxNet.sys. What makes Stuxnet so different are a couple of things; first off, it is an extremely complex code for a virus, according to Symantec, it took nearly three months to crack the code! Secondly, it appears to be designed to actually do physical damage to equipment the infected computer was meant to monitor. The first was rare in and of its self; the second was a first for viruses.
The Stuxnet virus was initially introduced in June of 2009. Two more variations were released in March and April of 2010. This is known by the date stamp placed in each virus variant when it compiled. How it was initially introduced is not known for certain, although it is suspected that it was introduced into the computers via removable media. Unless someone comes forward with verifiable information regarding this, the true method may never be known for certain.
The virus, while fairly widespread, was designed to only affect the centrifuge turbines at the Natanz enrichment plant in Iran. This is known from the code within the virus. Before activating its malicious intent it performed a thorough check of the infected system to make sure it only attempted to damage a specific facility. The virus checked for OS, date, anti-virus, Step 7 (Siemens’ software) version, number of centrifuges, number of PLC’s, and model number of frequency controller; if any of these pre-set conditions were not met(as outlined in the code of the virus), the virus exited and did not execute its intent. If all the conditions were met however, the virus would change the rotational speed of rotor turbines within the affected centrifuges in an attempt...