AIM’s Post

Day 27/100 #100daysofcybersecurity challenge #Stuxnet - What is Stuxnet? By the time it first became public in 2010, Stuxnet had enabled the destruction of nearly a thousand, or about a fifth, of the centrifuges at Iran’s Natanz nuclear enrichment facility, setting back that nation’s nuclear program by 18 months or more. Obviously, that became international news that lasted not just months but years. After tiptoeing around the attribution issue for a while, most reports settled on saying it was “widely accepted” that Stuxnet was a cyber weapon created by Israeli and U.S. intelligence agencies.  Stuxnet was also significant because the attackers got the worm into the Natanz computers even though the systems were “air-gapped”—not connected to the internet. They gained access by using USB thumb drives to plant the malware on the systems of third-party companies that had a connection to the Iranian nuclear program. Stuxnet was highly targeted, designed to scan only for Siemens STEP 7 software on computers controlling a PLC (programmable logic controller). If either was missing, Stuxnet would go dormant inside the computer. But if both were present, it would modify the codes and give malicious commands to the PLC while returning feedback that made it look like everything was normal. Those commands caused the centrifuges to spin out of control and destroy themselves before anyone monitoring the system knew something was wrong. Reportedly, Stuxnet was never intended to spread beyond Natanz. However, the malware did end up on internet-connected computers and began to spread in the wild, thanks to an extremely sophisticated and aggressive design.

The Nuclear Threat In this essay we ask ourselves, prompted by the actuality of an ongoing conflict with uncertain outcomes, what would happen if a country, or non-state actor, decided to conduct an attack against an adversary equipped with nuclear capabilities and how to avoid such an event. After addressing in the first part of the article the topic of nuclear deterrence as it has evolved since the Cold War, in the second part we focus on possible responses and solutions to probable cyber-attacks on a nuclear facility or weapon system. Keywords: nuclear threat, nuclear deterrence, cyber age, cyberattack, public-private partnership.

🔒 🔒As more countries embrace the peaceful uses of nuclear technology & use advanced technologies such #AI & digital instrumentation, we help them to develop their computer security programmes in response to cyberthreats. #NuclearSecurity 

Stuxnet the most sophisticated malware that ever exists. The main purpose of this malware is to attack iran's nuclear project. #stuxnet Must Watch : https://lnkd.in/dDxnm4pp

𝗦𝗲𝗹𝗹𝗮𝗳𝗶𝗲𝗹𝗱 𝗗𝗲𝗻𝗶𝗲𝘀 𝗘𝘃𝗶𝗱𝗲𝗻𝗰𝗲 𝗼𝗳 𝗡𝘂𝗰𝗹𝗲𝗮𝗿 𝗦𝗶𝘁𝗲 𝗖𝘆𝗯𝗲𝗿𝗮𝘁𝘁𝗮𝗰𝗸 ☢ Sellafield Ltd rebuts The Guardian's claims of a #cyberattack linked to Russia and China, asserting robust #cybersecurity measures in place. The Guardian reported an alleged cyberattack on Sellafield, which the company strongly denies. Sellafield's spokesperson emphasised the strength of their monitoring systems, challenging the validity of these claims. What's your take on the evolving landscape of cybersecurity in critical sectors? How can businesses better prepare against such allegations and threats? Read more at https://lnkd.in/gPnk6BQe #technews #nuclear

Addressing Cyber Threats to Ensure Nuclear Security and Safety: IAEA Conference on Computer Security Begins | IAEA - International Atomic Energy Agency: Addressing Cyber Threats to Ensure Nuclear Security and Safety: IAEA Conference on Computer Security Begins | IAEA  International Atomic Energy Agency #CyberSecurity #InfoSec #SecurityInsights

Hackers claim to have breached Israeli nuclear facility’s computer network. Why it matters: 1. The alleged breach of a sensitive Israeli nuclear installation by an Iran-linked hacking group underscores the rising cyberthreat to critical infrastructures globally. The incident indicates a potential escalation of the cyber warfare landscape, where state-backed actors target nation's capacity to protect their core interests. 2. The theft and publishing of thousands of documents not only expose potential vulnerabilities of the facility but may also provide an inadvertent roadmap for other malicious attackers, thereby creating avenues for future threats. 3. The uncertainty over the authenticity of the released documents, and the claim of having breached the facility, elevates the need for cybersecurity measures to detect and counter deceptive elements that aim to sow confusion and fuel tensions. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/eATcuzGB

Critical Infrastructure Threatened: Cyber Attacks Target Nuclear Plants - The Urgent Need for Enhanced Security Measures! https://lnkd.in/dqMKUvYe #NuclearPlantAttacks #CybersecurityThreats #criticalinfrastructure #IndustrialSecurity #databreach

The Nuclear AMRC has received £295K from the EPSRC in support of their new international project to protect critical infrastructure, such as power stations and water systems, from cyber attacks. The Nuclear AMRC has received £295K from the EPSRC in support of their new international project to protect critical infrastructure, such as power stations and water systems, from cyber attacks. AdobeStock Troci (Towards Resilient Operation of Critical Infrastructure) will focus on protecting the monitoring and control systems which make or inform operational decisions about infrastructure based on data from many sensors. With increasingly complex and autonomous control systems, cyber attacks on the sensors can have serious consequences. At the least, operators can lose data on the state of the system - at worst, decisions are made on false data, with potentially disastrous consequences. #cybersecurity #infrastructure #nuclear