Ten Years Later, EclecticIQ Examines Evolution of Stuxnet-like Attacks

EclecticIQ
Nov 9, 2020

Stuxnet malware was reportedly a joint US-Israel enterprise against a critical infrastructure target. The main payload was allegedly introduced on a USB device by an insider threat working for the AIVD, via supply-chain compromise. Stuxnet was original malware tailored to cause systems connected to an ICS (Industrial Control System) to malfunction, contributing to physical destruction. The malware was code-signed and had worm capabilities. The implications that similar threats currently have for public safety and geopolitics warrant further examination and review.

EclecticIQ analysts examined Stuxnet ten years after its discovery to address:

  • Similar threats to ICS demonstrated in attacks since Stuxnet.
  • Changes in threat actor capability and motivation.
  • Vulnerability assessment of ICS environments.

[Image: Stuxnet, 10 years after.]

ICS Attacks Are Still Resource Intensive to Develop and Are Likely to Remain Within the Realm of Nation-State Actors

EclecticIQ analysts conclude that targeted destructive ICS attacks remain tailored, often requiring physical facility access, with a low probability of widespread adoption by unsophisticated threat actors. At the same time, ICS attacks are of greater concern because of expanded adoption of ICS…

Written by EclecticIQ

EclecticIQ is a global provider of threat intelligence technology and services. Our clients are some of the most targeted organizations, globally.