Layered Security in Plant Control Environments

Submitted By papalvarado

Ken Miller, Senior Consultant
Ensuren Corporation

KEYWORDS

Plant Controls, Layered Security, Access Control, Computing Environment, Examination, Detection, Prevention, Encryption, Compartmentalization

ABSTRACT

Process control vendors are migrating their plant control technologies to more open network and operating environments such as Unix, Linux, Windows, Ethernet, and the Internet Protocol. Migrating plant controls to open network and operating environments exposes all layers of the computing environment to unauthorized access. Layered security can be used to enhance the level of security for any computing environment. Layered security incorporates multiple security technologies in each computing layer to provide resistance to unauthorized intrusion, while reducing the risk of failure from a single technology. Layered security requires acceptance of a model, development of an access control plan, compartmentalization of the network, and implementation of core security products that address examination, detection, prevention, and encryption. Layered security is considered a “best practice” in any computing environment, and should be widely used in critical control environments.

INTRODUCTION

Plant control environments have traditionally been built on proprietary technology. This proprietary technology provided a reasonable level of security from unauthorized access due to its “closed” nature, and lack of connection to business networks and the Internet. However, vendors are beginning to migrate their plant control technology to more open network and operating environments such as Unix, Linux, Windows, Ethernet, and the Internet Protocol. In some instances, plant control environments have access to the Internet. This migration is driven by the need to offer advanced graphical user interfaces to manage
