This, without a doubt, was one of the top incidents of the year. At first glance Stuxnet was a worm that spread through USB devices like many others. But there was something special — simply by viewing the content of the USB drive, for example, using Windows Explorer, your computer would be infected. This was achieved through a 0-Day implemented in the worm, exploiting a previously unknown Windows vulnerability.
To ensure that it went undetected, it installed a driver to implement rootkit techniques, a driver that was signed with legitimate — but stolen — digital signatures. Yet it didn’t take any action on infected computers, other than self-propagating. Unless, that is, there was a Siemens PLC (Programmable Logic Controller) installed on the system. In this case it would use another unknown vulnerability, in the PLC, to read and write information.
The complexity of Stuxnet suggests that it is the work of a team of highly specialized technicians, with considerable financial support (we’re talking about millions of dollars), equipment and the ability to purchase 0-Day exploits on the black market. This has led to speculation that a country could be behind the attack. What we do know for sure is that the Bushehr nuclear plant was infected, or at least that is what the Iranian authorities confirmed.