SCADA/ ICS security

Stuxnet Worm Revealed – Installation, Injection and Mitigation

December 16, 2010 by Joel Langill

In the videos below, Joel Langill deconstructs each part of the worm to show it in action. In the second video you’ll see the best practices that InfoSec Institute uses (we have a training course dedicated to SCADA control systems which includes a robust Stuxnet lab) to mitigate this type of infection and security breach.

Part 1: Introduction, Installation, and Injection

Part 2: Mitigation & Prevention

The Stuxnet worm has generated a lot of media attention and coverage for some of it’s features as well as targets. The complexity not normal for malware that we’ve witnessed, and consists of attacks against three different systems:

  • Windows Infection
  • Step7 Infection
  • PLC Infection

If you’d like to know more about Stuxnet & SCADA security, attend our SCADA Security Boot Camp. Leave a comment below if you have a specific instruction or ideas of what you’d like to learn in any follow-up or explanations of this video.

Posted: December 16, 2010
Articles Author
Joel Langill
View Profile

Joel Langill is a security researcher for InfoSec Institute and has over 25 years of control systems experience. He possess an in-depth knowledge and experience in industrial control systems architectures, product development, system implementation, system upgrades and migrations in a variety of roles covering manufacturing of consumer products, oil and gas including petroleum refining, automation solution sales and development, and system engineering.
His employers have included major companies such as General Electric, Shell Oil Company, Honeywell Process Solutions, and ENGlobal Automation. Langill, through his previous employers, gained rare and insightful expertise in the risks and mitigation of cyber vulnerabilities in industrial control systems.

Langill’s unique approach to security emphasizes the processes and people used to implement security programs, rather than relying solely on technology or “products”. The best strategy for comprehensive security balances People, Processes and Products.

His perspective has been sought and cited by numerous industry publications focused on both industrial automation and information security. Most recently he has played a central role in the analysis and implications of the Stuxnet worm, including new methods of mitigating current and future attacks on critical infrastructure.


Notice: Undefined index: visitor_id12882 in /www/resourcesinfosecinstitute_601/public/wp-content/plugins/infosec-user-info/infosec-user-info.php on line 117