Sunday, January 26, 2020

Stuxnet Network Worm Computer Science Essay

Stuxnet is a network worm that, during the early part of 2010, began to infect Industrial Control Systems (ICS) and programmable logic controllers (PLCs), becoming the first rootkit for PLCs. PLCs are usually not connected to the Internet or to the internal network, so the creators had to devise a method to get the worm onto these systems. The worm used 4 zero-day vulnerabilities to propagate through internal networks and loaded itself onto flash drives. Once a flash drive was plugged into an ICS, the worm copied itself onto the system and checked whether a PLC was attached. It first gathered information about its victim to determine whether it was the intended target; if it was, the worm began to alter the code of the PLCs, changes that are believed to have been meant to sabotage the systems. In the end, it is undetermined whether Stuxnet reached its goal.

Stuxnet

Stuxnet is a worm that is said to be an incredibly large and complex threat. It was primarily written to target a specific ICS or a set of similar systems, likely somewhere in Iran. The final goal of Stuxnet is to reprogram an ICS by modifying the code on the PLCs so that they work in the manner the attacker intended, such as operating outside normal boundaries, and to hide these changes from the operators of the machine. To achieve their goal, the creators amassed a variety of components to increase the chance of success. These components included zero-day exploits, anti-virus evasion techniques, a Windows rootkit, the first ever PLC rootkit, hooking code, process injection, network infection routines, peer-to-peer updates, and a command and control interface.

The worm was found in July of 2010 and is confirmed to have existed a year prior to that, and likely earlier still, with a majority of the infections being based in Iran. June 2009 was the earliest Stuxnet sample seen.
That sample did not exploit an auto-run function of removable storage and did not contain signed drivers to install itself. In January of 2010, Stuxnet reappeared, this time with a signed certificate from Realtek, and could install itself without any problems. In July of 2010, Microsoft revoked the stolen Realtek driver certificate used by Stuxnet, and the very next day Stuxnet reemerged with a signed JMicron Technology Corp certificate. By September of 2010, the worm's exploits had been patched by Microsoft and all stolen signed certificates revoked.

Stuxnet had many features built in to make sure it reached its goal. These included self-replication through removable storage, spreading through a vulnerability in the Windows Print Spooler, making itself execute with Step 7 projects, updating through peer-to-peer, a command and control server for updates by a hacker, bypassing security features, and hiding all modified code on PLCs. Stuxnet is capable of far more, but these are the most noticeable features that make this worm a large and complex threat.

Injection

The injection method used by Stuxnet was complex, because it had to make sure it would infect its target machine and could bypass any security it encountered. To load any .dll, including itself, Stuxnet would call LoadLibrary with a specially crafted name that does not exist on disk, which would normally cause LoadLibrary to fail. However, W32.Stuxnet has hooked Ntdll.dll to monitor for requests to load these specially crafted file names. The crafted file names are mapped instead to another location that is specified by W32.Stuxnet. Once a .dll file has been loaded by this method, GetProcAddress is used to find the address of a specific export from the .dll file, and that export is called, handing control to the new .dll file.
If Stuxnet detects any security software, it will get the main version of it and rerun itself in a new process to bypass the scanning of the software. The routine that injects Stuxnet into a process is located in Export 15. First it checks the configuration data of the system, and then it checks whether the system is 64-bit; if it is, it exits. Once it has determined that it is running on a 32-bit system, it checks the OS and then checks whether it has admin rights. If it does not, it checks the OS once more to determine whether it is on XP or Vista. On XP it uses a zero-day vulnerability in Win32k.sys to escalate its privilege and restart itself in csrss.exe. On Vista it uses a zero-day vulnerability in Task Scheduler to escalate its privilege and restart as a new task. Once it has the highest admin rights, Stuxnet calls Export 16.

Export 16 installs Stuxnet onto the system and also checks the configuration data of the system. It then checks the registry value of NTVDM Trace, and if it is 19790509, it will not proceed. This is thought to be an infection marker, or a do-not-infect marker. If the value is not set to this, installation continues. Stuxnet then checks the date; if it is past 06/24/2012, it exits and does not install. This is Stuxnet's kill switch date. It then determines whether it is on XP or Vista. If on XP it will set the DACL, if on Vista it will set the SACL. It then creates its files, including its main payload file Oem7a.pnf. It checks the date one more time before decrypting its files and loading itself onto the disk, and then calls Export 6 to get its version. It compares its version number with the one on the disk and then installs its rootkit files, Mrxcls.sys and Mrxnet.sys. It then hides all its malicious files, infects any removable storage device, and finally infects Step 7 projects.
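The installation steps above leave a small set of host artifacts that a responder can look for. The following is an added example, not code from the essay: it searches a directory tree (for instance a mounted disk image) for the three file names the essay gives and scans a `.reg` export for the NTVDM Trace marker. The essay gives neither directories nor the registry key path nor the number base of the marker, so the tree is a parameter, the key in the sample is a placeholder, and both decimal and hex readings of 19790509 are checked as an assumption.

```python
import os
import re

# File names and the marker value come from the essay. It gives no directories
# and no registry key path, so the caller supplies the tree and the export.
ARTIFACT_NAMES = {"oem7a.pnf", "mrxcls.sys", "mrxnet.sys"}
MARKER_VALUE_NAME = "ntvdm trace"
MARKER_DIGITS = "19790509"  # essay does not say decimal or hex; both are tried

# Constructed sample export; the key name is a placeholder, not a real path.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\PLACEHOLDER\KeyNotGivenInEssay]
"Unrelated"=dword:00000001
"NTVDM TRACE"=dword:012dfaad
'''

REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"=(?P<dword>dword:)?(?P<data>.*)$')


def find_artifacts(root):
    """Return sorted paths under root whose file name matches an artifact name."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() in ARTIFACT_NAMES:  # Windows names are case-insensitive
                hits.append(os.path.join(dirpath, name))
    return sorted(hits)


def marker_in_reg_export(text):
    """Return (key, raw_data) for each 'NTVDM Trace' value holding the marker."""
    hits, key = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]  # remember the key the following values belong to
            continue
        m = REG_VALUE.match(line)
        if not m or m.group("name").lower() != MARKER_VALUE_NAME:
            continue
        data = m.group("data").strip('"')
        if m.group("dword"):
            try:
                # dword data is hex text: compare its digits and its decimal value
                candidates = {data.lstrip("0"), str(int(data, 16))}
            except ValueError:
                continue  # malformed dword, not a match
        else:
            candidates = {data}
        if MARKER_DIGITS in candidates:
            hits.append((key, m.group("data")))
    return hits


if __name__ == "__main__":
    print(marker_in_reg_export(SAMPLE_REG))
    print(find_artifacts("."))
```

A hit on the marker alone does not show infection, since the essay notes it may be a do-not-infect marker; treat it as a lead to correlate with the file artifacts.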
Attack

ICS are operated by specialized code on PLCs, which are often programmed from Windows computers that are not connected to any network. The creators would have needed the schematics of the ICS to know which systems the worm should go after, so it is believed that an insider, or an early version of Stuxnet, retrieved them. They would then create the latest version of Stuxnet, in which each feature was implemented for a reason and for the final goal of the worm. The worm would then need to be tested in a mirrored environment to make sure the program worked correctly. The hackers needed signed certificates to allow Stuxnet's drivers to be installed, and to get them they would have had to physically go into the companies and take them.

Once this was accomplished, the worm needed to be introduced into the target environment. This was done by a willing or unwilling third party, such as a contractor for the systems, most likely with a flash drive. Once injected into the systems, Stuxnet would begin to spread in search of the Windows computers used to program PLCs, which are called field PGs. Since these computers are not networked, Stuxnet would spread over the LAN using a zero-day vulnerability, by infecting Step 7 projects, and through removable storage.

Once Stuxnet found a computer running Step 7, it would begin to check values from the ICS to determine whether it was on the correct system. It would do this for 13 days to 3 months, and then wait two hours, before sending a network burst to the connected devices. These bursts were the newly modified PLC code, which contained instructions to change the frequency at which the devices operated, making them operate outside of normal boundaries. Victims would not see the modified code, as Stuxnet hides its modifications by intercepting read and write commands.
If someone sent a read command to the PLC, Stuxnet would intercept it, and if the command was to read an infected section, Stuxnet would pull an unedited copy from itself and send that to the person. If it was a write command, Stuxnet would make it seem as if the write went through. Though the attack caused more damage because it spread beyond the target onto outside computers, it is likely this was necessary for the attackers to achieve their goal. It is believed the attackers accomplished their goal before they were discovered. Because of all this, Stuxnet is believed to be one of the most complex pieces of malicious software written to date.
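The read and write interception described above has a direct consequence for verification: comparing PLC code against a known-good baseline only works over a path the worm does not control. The following is an added example, not code from the essay, that models this with a toy in-memory controller; the class names, block names and block contents are constructed for illustration and do not represent any real PLC interface.

```python
import hashlib


def digest(block):
    return hashlib.sha256(block).hexdigest()


class Plc:
    """Toy controller: block name -> code bytes (stands in for the real device)."""

    def __init__(self, blocks):
        self.blocks = dict(blocks)

    def read(self, name):
        return self.blocks[name]

    def write(self, name, data):
        self.blocks[name] = data
        return True


class InterceptedStation:
    """Read/write path as the essay describes it on an infected station."""

    def __init__(self, plc, saved_clean):
        self.plc = plc
        self.saved_clean = dict(saved_clean)  # unedited copies kept by the worm

    def read(self, name):
        if name in self.saved_clean:       # read of a modified block:
            return self.saved_clean[name]  # answer with the unedited copy
        return self.plc.read(name)

    def write(self, name, data):
        if name in self.saved_clean:       # write to a modified block:
            return True                    # report success, change nothing
        return self.plc.write(name, data)


def mismatches(reader, baseline):
    """Names of blocks whose SHA-256 differs from the offline baseline."""
    return sorted(n for n, h in baseline.items() if digest(reader.read(n)) != h)


def demo():
    # Constructed block names and contents, for illustration only.
    clean = {"BLOCK_A": b"setpoint=nominal", "BLOCK_B": b"alarm=on"}
    baseline = {n: digest(c) for n, c in clean.items()}  # kept offline
    plc = Plc(clean)
    plc.write("BLOCK_A", b"setpoint=out-of-range")       # the tampered state
    station = InterceptedStation(plc, {"BLOCK_A": clean["BLOCK_A"]})

    via_station = mismatches(station, baseline)          # looks clean
    acked = station.write("BLOCK_A", clean["BLOCK_A"])   # "restore" is acknowledged
    out_of_band = mismatches(plc, baseline)              # independent path sees it
    return via_station, acked, out_of_band


if __name__ == "__main__":
    print(demo())
```

The check through the station reports no mismatch and the restore write is acknowledged, yet the independent read still shows the modified block, which is why integrity checks and restores need a trusted station and a re-read over a separate path.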

Saturday, January 18, 2020

Managing AIDS

Introduction

In the situation with Frank Deloisio, a middle manager who had AIDS, Jean Langone Smith faced one of the greatest tests of her career. She encountered a case of the type which so many managers can come across, as one in every 250 Americans has been diagnosed with the plague of the twentieth century, yet the situation is so delicate that few books can help a person in a managing position to sort out the ethical issues that relate to it.

Managing AIDS: Issues To Confront

In a sense, managing a person diagnosed with AIDS is similar to managing any other person who has been diagnosed with a different terminal illness like cancer or tuberculosis in the final stages. However, AIDS is a special social phenomenon due to the stigma associated with this contagious disease. It has come to symbolize the bohemian lifestyle of the homosexuals and prostitutes, and many people feel that a person is to blame for having incurred such a condition. Besides, despite the medical professionals’ assurances, there are still fears that a person with this condition may infect somebody in the environment, which makes the removal of such a person from the group desirable for some.

One more issue that was associated with AIDS in Frank’s case was his frequent absences. He in some ways had to use Jean and others to be able to pay for his disease. The employees at DEC had to put in extra time and carry the extra workload to compensate for his frequent treatments. Besides, people were not even informed about the reason for his absences, and thus had a reason to believe that he was merely using them to take time off work to attend to his personal matters.

Utilitarian Perspective

If Jean had viewed the happenings from a utilitarian perspective, she would merely be concerned with the consequences of her decisions, and in evaluating those consequences, her primary focus would be the amount of happiness or unhappiness of the people that would result from it.
Thus, dismissal of Frank Deloisio seems a plausible option. If he had been fired for his illness, the company would have to replace him with a different person who would most likely be able to handle the responsibilities, devoting more time to them. Then all the employees would be happy, as they would be relieved of their extra responsibility. As for Frank, he would be less important, as his troubles are those of a single person.

Deontological Perspective

From a deontological view, it is necessary to do what is right regardless of the consequences. The view taken and the practical steps depend on the stance adopted towards what is right or wrong. Thus, if the right thing is standing by the sick person, then the right thing is to help Frank in his predicament, sharing his responsibilities. One could say that a sick person is not able to care for oneself, and thus it is correct from the ethical standpoint to share the benefits available to other people to help the sick one. On the other hand, if one adopts the view that the ultimate good is efficiency, then Frank’s dismissal is a viable option as he is clearly in the way of the company’s success. His replacement with a different person would contribute to the efficient functioning of the company as a whole.

Fairness to AIDS-Infected Person

Fairness means dealing with people honestly and in accordance with principles. In this sense, the manager’s obligation consists in dealing with employees fairly, without bias or prejudice. Thus, a person suffering from AIDS should be dealt with in the same manner as any other person who is suffering from a serious health disorder. This also means that the manager should induce all the employees to treat the one infected with AIDS in the same manner.

Thinking about Rights

Maintaining the rights of a person requires the adherence to a certain set of principles. For instance, the sick person has the right to confidentiality, and this is what Jean has been trying to do for Frank.
Besides, Frank was also entitled to the company’s medical insurance, and the full coverage of the costs associated with his illness. Regarding a case from this perspective involves the maintenance of a number of basic principles, but there is always the danger that something might fall through the cracks. For instance, if the person is not entitled to a change in job responsibilities, this will not be pursued by the manager as it is not part of the sick employee’s specified rights.

How Jean Did

Jean, although unprepared to deal with a situation like that, lived up to the challenge of solving organizational problems in her department. She was not reached by the AIDS programs to the extent that she could derive her knowledge of what she could do from that source, and thus she was acting based on her own ethical judgement. Jean went far beyond what was necessary according to the formalities at the company. She assisted Frank in adjusting his responsibilities to suit his current health conditions, and even had an idea to coin a new position designed for him where he could emphasize his technical skills, without putting pressure on him that he could not handle. When his health deteriorated, she relaxed his responsibilities even further. This raised her authority with the personnel, allowing people at the company to see that she was ready to go beyond what was prescribed by the rules to accommodate her employees.

In a way, her own ethical perspective was changed: if previously she looked at the people as professionals, restricting her relationship with them to a purely business one, now she could show that she was ready to see them as unique individuals that are important not only as cogs in the machine. Perhaps the clear-cut nature of the case that involved helping a sick person helped Jean to make a leap from a strict and formal manager to a flesh-and-blood personality.
If Jean had been confronted with a more ethically ambiguous case, like accommodating the frustration of a person in the middle of a divorce, she would be more tempted to think along the lines, “They have to cope with their problems on their own”. Facing a situation of someone hopelessly ill changed her behaviour and views.

Conclusion

Jean did well as she preserved the rights of a sick person, acted fairly, and was good at maintaining the basic principle of helping a sick person. Jean’s actions were also right from the utilitarian perspective in a sense. Supporting an employee in need helped her to uphold her image in the eyes of others, as well as the image of the company. The employees at DEC were able to draw the conclusion that if they fall ill with AIDS, they can probably expect the same sensitive and insightful treatment. This idea is going to boost their morale in the long run, and increase their loyalty to the company. The case made headlines, which is going to serve as positive publicity for DEC, elevating the corporate image. It is perhaps unfair to suspect Jean of such a motivation being her primary driver, but this serves to show that her actions gain support from both deontological and utilitarian perspectives.

Friday, January 10, 2020

Characteristics of Online Writing Paper

The Basic Facts of Online Writing Paper

The last text will look nothing like the very first draft. Then compose a thesis or focus statement, which must reveal your own perspective. Utilizing a writing service is the best means to have a well-written essay to use as a guideline to make sure the essays you write are hitting all the crucial points and are at the appropriate depth necessary for your academic grade. A 1 hour essay deadline may be a true problem, if you're not good enough at writing and expressing your ideas on a topic you aren't really interested in.

What About Online Writing Paper?

Mastering the art of choosing writing service There's a variety of essay generators readily available online. No one could ever know whether you used our expert services. Essay writing is contained in the programs of the majority of institutions. Hence, if you believe banking essays are boring just like your company studies are, then you're probably wrong here. Writing College research papers College courses demand many different sorts of writing that employ a number of strategies for various audiences. When it has to do with academic papers, at times it can not be possible to fulfill all deadlines and stick to high academic standards.

Online Writing Paper Secrets That No One Else Knows About

As soon as your essay is completed, online writer will paper you the last draft. It is possible to buy essays online from various companies nowadays, so please be conscious of the simple fact that a number of them have already pre-written essays or maintain a database of the completed papers. Tell yourself which you can write articles. If you would like to compose articles but can't appear to begin, I'd love to show you an effortless method to compose articles without stressing out. You should make certain that you select a topic from a location that interests you or which you are conversant with.
Some students don't need to purchase essays written from scratch, but simply require an editor who will be in a position to create all necessary modifications to a paper of 1500, 2000, or words to allow it to be perfect. If you're thinking that you will need someone to compose my essay at this time, you can merely rely on our honest reviews. You should also understand how to compose a persuasive essay, namely how to organize elements of the persuasive essay in how that will get the job done best. You are going to be surrounded by writing professionals throughout the plan of order placement, and the moment you opt to purchase essay and select an allocated writer, things are likely to get even more exciting. Often there are many article writers within the timeframe of many years. Your article also needs to be in a position to catch and hold the reader's interest. That means you can remain certain that you locate an individual in our essay writing service which could be trusted. Review your own term paper to discover whether the paper meets all the requirements. The papers should also be shown in an acceptable structure. You've got to compose several academic papers over the span of a year. Writing fantastic biology papers should generally start by selecting an excellent topic for your paper. If you are in possession of a special or rare writing need which may not be listed below, please speak to us we know we can assist you. Thus, you should be certain that you're able to order an article anytime you need and get it done a few hours. If you don't feel just like you have enough time to compose essays all on your own, we will give you a hand, any instance of the day, seven days weekly. If you do decide to compose a novel in 30 days, remember that you're writing a very first draft. Consequently from using our services, you will be given a custom-written paper you may use for your own purposes. 
You have to spend a certain sum of time sitting in the library or surfing the internet to be able to discover some helpful data for your academic paper. Completely free revisions The service contains the feature that will save your money if you should change the paper. However urgent service is, we will create an incredible paper for you. Our customized essay writing service involves lots of completely free bonuses like free cover page, totally free outline, and totally free bibliography page. Annotated bibliographies of internet sources can be especially useful due to the multitude of pages associated with one website. APA style utilizes an author-date citation. MLA style doesn't require URLs in bibliographic citations, but for an annotated bibliography, you may want to include it so you can readily find the website again. Briefly following that, you're likely to be provided a link that's download e-mail. The duration of the totally free trial rides on the provider. The service is usually not free in the future, but you can benefit from the free trial, which saves you money and enables you gauge its efficiency. It's possible that you find a reliable summarize tool online to help you do it.