Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Stuxnet: Target Still Unknown

Created: 03 Nov 2010 16:44:57 GMT • Updated: 23 Jan 2014 18:24:03 GMT • Translations available: 日本語
Eric Chien's picture
0 0 Votes
Login to vote

Since we still haven’t had much success in determining the likely target of Stuxnet, we have decided to release at a high level the behavior of the PLC code. However, we suspect this level of detail while interesting probably still is not enough to identify the potential target.  You can find the additional information starting on page 38 of the latest revision of our paper.

Our previous call for verifiable experts in STL coding that have worked in multiple critical infrastructure industries and coded large STL programs for large industrial control systems in those multiple industries was unsuccessful.  If anyone still wishes to help, they can contact me by clicking on my name at the top to send me a private message.  

Originally this revision would have also described in more detail the remaining Task Scheduler privilege escalation vulnerability, but the vulnerability still remains unpatched.

Here is the link to version 1.2 of the Stuxnet Dossier.