Zero Days Page #4
But in stuxnet
there were actually
a few hints left behind.
One was that, in order to
get low-level access
to Microsoft windows,
stuxnet needed to use
a digital certificate,
which certifies that
this piece of code
came from
a particular company.
Now, those attackers obviously
couldn't go to Microsoft
and say,
"hey, test our code out for us.
And give us
a digital certificate."
So they essentially
stole them...
From two companies
in Taiwan.
nothing to do with each other
except for
their close proximity
in the exact same
business park.
Digital certificates
are guarded very, very closely
behind multiple doors
and they require multiple
people to unlock.
Security:
...To the camera.Chien:
And they need to provideboth biometrics
- and, as well, pass phrases.
It wasn't like
those certificates were
just sitting on some machine
connected to the Internet.
Some human assets
had to be involved, spies.
O'murchu:
Like a cleaner whocomes in at night
and has stolen
these certificates
from these companies.
It did feel like walking
onto the set
of this James Bond movie
and you...
You've been embroiled
in this thing that,
you know, you...
You never expected.
We continued to search,
and we continued
to search in code,
and eventually we found some
we were able to follow.
It was doing something
with Siemens,
Siemens software,
possibly Siemens hardware.
We'd never ever seen that
in any malware before,
something targeting Siemens.
We didn't even know why
But after googling,
very quickly we understood
it was targeting
Siemens plcs.
Stuxnet was targeting
a very specific hardware device,
something called a plc or
a programmable logic controller.
Langner:
The plc is kind ofa very small computer
attached to
physical equipment,
like pumps,
like valves, like motors.
So this little box is
running a digital program
and the actions
of this program
turns that motor on, off,
or sets a specific speed.
Chien:
Those programmodule controllers
control things like
power plants, power grids.
O'murchu:
This is used in factories,
it's used in
critical infrastructure.
Critical infrastructure,
it's everywhere around us,
transportation,
telecommunications,
financial services,
health care.
So the payload of stuxnet
was designed
to attack some
very important part
of our world.
important.
very dangerous.
Langner:
The nextvery big surprise came
when it infected
our lab system.
We figured out that
the malware was probing
for controllers.
Translation
Translate and read this script in other languages:
Select another language:
- - Select -
- 简体中文 (Chinese - Simplified)
- 繁體中文 (Chinese - Traditional)
- Español (Spanish)
- Esperanto (Esperanto)
- 日本語 (Japanese)
- Português (Portuguese)
- Deutsch (German)
- العربية (Arabic)
- Français (French)
- Русский (Russian)
- ಕನ್ನಡ (Kannada)
- 한국어 (Korean)
- עברית (Hebrew)
- Gaeilge (Irish)
- Українська (Ukrainian)
- اردو (Urdu)
- Magyar (Hungarian)
- मानक हिन्दी (Hindi)
- Indonesia (Indonesian)
- Italiano (Italian)
- தமிழ் (Tamil)
- Türkçe (Turkish)
- తెలుగు (Telugu)
- ภาษาไทย (Thai)
- Tiếng Việt (Vietnamese)
- Čeština (Czech)
- Polski (Polish)
- Bahasa Indonesia (Indonesian)
- Românește (Romanian)
- Nederlands (Dutch)
- Ελληνικά (Greek)
- Latinum (Latin)
- Svenska (Swedish)
- Dansk (Danish)
- Suomi (Finnish)
- فارسی (Persian)
- ייִדיש (Yiddish)
- հայերեն (Armenian)
- Norsk (Norwegian)
- English (English)
Citation
Use the citation below to add this screenplay to your bibliography:
Style:MLAChicagoAPA
"Zero Days" Scripts.com. STANDS4 LLC, 2024. Web. 4 May 2024. <https://www.scripts.com/script/zero_days_23977>.
Discuss this script with the community:
Report Comment
We're doing our best to make sure our content is useful, accurate and safe.
If by any chance you spot an inappropriate comment while navigating through our website please use this form to let us know, and we'll take care of it shortly.
Attachment
You need to be logged in to favorite.
Log In