Zero Days Page #3
and understand everything
that was inside of it.
And just to give you
some context,
we can go through and understand
every line of code
for the average threat
in minutes.
And here we are
one month into this threat
and we were just starting
to discover what we call
the payload
or its whole purpose.
When looking at
the Stuxnet code,
it's 20 times the size
but contains almost
no bugs inside of it.
And that's extremely rare.
Malicious code always has
bugs inside of it.
This wasn't the case
with Stuxnet.
of code does something
and does something right
in order to conduct its attack.
One of the things that
surprised us
was that Stuxnet
utilized what's called
a zero-day exploit,
or basically,
a piece of code
that allows it to spread
without you having
to do anything.
You don't have to, for example,
download a file and run it.
A zero-day exploit
is an exploit that
nobody knows about
except the attacker.
So there's no protection
against it.
There's been
no patch released.
There's been zero days
protection,
you know, against it.
That's what attackers value,
because they know 100 percent
if they have
this zero-day exploit,
they can get in
wherever they want.
They're actually
very valuable.
You can sell these
on the underground
for hundreds
of thousands of dollars.
Chien:
Then we became more worried
because immediately we
discovered more zero days.
And again, these zero days
are extremely rare.
Inside Stuxnet we had,
you know, four zero days,
and for the entire rest
of the year,
we only saw
12 zero days used.
It blows all... everything else
out of the water.
We've never seen this before.
Actually, we've never seen it
since, either.
Seeing one in a malware
you could understand
because, you know, the malware
authors are making money,
they're stealing people's credit
cards and making money,
to use it,
but seeing four zero days,
could be worth
half a million dollars
right there,
used in one piece
of malware,
this is not your ordinary
This is...
This is someone bigger.
It's definitely
not traditional crime,
not hacktivists.
Who else?
It was evident
on a very early stage
that just given
the sophistication
of this malware...
Suggested that
there must have been
a nation-state involved,
at least one nation-state
involved in the development.
When we look at code
that's coming from
what appears to be
a state attacker
or state-sponsored attacker,
usually they're scrubbed clean.
They don't... they don't leave
little bits behind.
They don't leave
little hints behind.
Citation
Use the citation below to add this screenplay to your bibliography:
"Zero Days" Scripts.com. STANDS4 LLC, 2024. Web. 25 Apr. 2024. <https://www.scripts.com/script/zero_days_23977>.