Analysis of the Stuxnet Worm
Rescheduled from November
On Wednesday, 8 February 2012, Liam O Murchu of Symantec will discuss the analysis of the Stuxnet Worm.
Abstract
Stuxnet has gained a lot of attention from researchers and media recently. There is good reason for this. Stuxnet is one of the most complex computer threats that have been discovered.
Stuxnet is a threat that was primarily written to target an industrial control system or set of similar systems. Industrial control systems are used in gas pipelines and power plants. Its final goal is to reprogram industrial control systems (ICS) by modifying code on programmable logic controllers (PLCs) to make them work in a manner the attacker intended and to hide those changes from the operator of the equipment. In order to achieve this goal the creators amassed a vast array of components to increase their chances of success. This includes zero-day exploits, a Windows rootkit, the first ever PLC rootkit, antivirus evasion.
The Symantec Stuxnet Dossier is available at:
http://www.symantec.com/connect/blogs/updated-w32stuxnet-dossier-available
About the Speaker
Liam O Murchu is the manager of Security Response Operations for North America with Symantec. In this role he leads the team of malware reverse engineers and is constantly combating the latest malware attacks and dealing with cutting edge threats of all sorts. Liam has analyzed the majority of the high profile threats that have emerged in the last number of years, both documenting their actions and working with both private parties and law enforcement agencies to counter these threats. His research has been presented before the US congress and the British and EU Parliaments. As part of his research he has been credited with discovering several zero day vulnerabilities. Recently Liam has analyzed the Stuxnet worm which targeted Uranium enrichment plants in Iran.
When
Wednesday, 8 Febrary 2012. 6:30 PM pizza/networking, 7 PM presentation, Q&A
Where
Richter Auditorium, Ahmanson Science Center, California Lutheran University