The writer is very fast, professional and responded to the review request fast also. Thank you.
****** ***** # ** ********* ********** *** ******** ******** PlanningMonday 6 ** ** pmProfessor: Dr ****** U Nwatu PhD *** BSBA **** *** **** MCP+I *** *** ********* ********* * ********** TorresTable ** ******** **** ******* Explain *** ******** ********* ******** *********** ******** ** ***** ** receive *** ******* sent by Stuxnet-infected ********* *** describe **** their ******** ************************* * **** ******** **** *********** were ********* ** ******** with *********** ********* DLL **** ****** **** *********** ******** of ******* *** **** ********* dangers ** could present in the ********************************************************************************************************** * **** ********* *** ******* ****** **** ******** *************** *** **** to ******* ***** *** *** seem ******** just * ****** ** ******* earlier…………………………………………page * ***** ****** whether ** *** ** *********** **** *** **** made in ***** Stuxnet was ****** * ******** ****** on an Iranian ******* ******** ***** ** the ******** *** *********** of *** *********** Provide **** rationale **** your response…………………………………page # 14 References………………………………………………………………………………page * ************************************************************************************************************* # ********************************************************** ***** ** ********* ************* the ******* titled ****** ******* Detectives Deciphered ******* the **** ******** Malware ** ********** ******* at *** ***** **** *********************************************************************************************** Explain the ******** ********* ******** *********** ******** ** order to ******* *** ******* sent ** **************** ********* *** ******** **** their analysis *********** * culture we’ve ****** ** ********** ** *** *************************** ** cyber-threats **** ****** ********* ***** after * ****** ********* or *** **** tricky new ****** *********** ****** **** ****** ***** **** **** ***** **** **** ******* Neverthelessapersistentthreatintended ** ****** ******* power ******** ** ** ***** *** **** ***** ******* in **** ** all places ****** ****** *** ******** **** ********* ********* *** **** ofEvery *** and then *** it ***** ** * ****** ***** to ***** *** ***** world to * ****** ** happened ** **** 2010 That *** **** *** ******* computer ***** made headlines for ****** ******* ****** enrichment plants *** ***** ******** the regulator of ********* ********** *** damagedfilters **** for uranium development ** a **** stroke *** ******* ****** *** ********** **** adisturbing ***** Even *************************************** and ******** ************** like ***** ****** *** *********** to ****** ********* ******* *** ***************** ********** ************* ***** ****** *** defendthe ********** ********** against ******* and ****** *** become * ****** ** ******* ******* ** *** nuclear industry ******* was * ******* **** *** the entire ********** ****** ********* David ****** marketing ******* *** Industrial ******** ** ********** he ******** ****** digital ***** wasn’t an ******** **** ** **** ******** experts discovered *** **** ********* The **** **** ******** information ** **** attacks ***** the ***** Trojan ***** spied selectively ** companies ** *** ******** ******** *** *** ****** and ******* search ******* **** ****** *** ******* ********* ******* right ** *** ********** ***** ******** ******* *** ******** ***** date ********* ** ************* *** ******* ********** ******* ******* 14 *** domain ************ information for *** *** **** **** ******* Stuxnet **** ** might **** **** *** ***** ** ****** its ********** ** around ******** 2005 *** *** ******* ******* was develop ** **** the ********* ******** ** * ******** ** **** * ******** ** **** ** days ***** to *** ******** **** ** the version * Therefore ******* ** ** *** ****** ******** ** ******* that have been ************* **** **** *** *********** **** the ******* and control ** & ** serversand stopped ** ******* 11 2009 **** ******************** ******* **** * ****** and **** ***** 2011]Picture * * **** *********** W32Stuxnet ******* Version 14Stuxnet 1101 *** ******** ** **** **** *** ********** ** ** ******* **** ******* ** Stuxnet for ** least *** **** ******* *** ******** **** ****** *** ******** ** ********** were found ** **** Stuxnet enclosescountless structures **** ****************** through removable drives ************ * weakness ********** ******************* ** *** ********* Windows ******** ***** when *** ********* ***** is ********* to *** PC **** spreads ** * *** through *** Windows print ******* service ****** **** ********** *** ********* ******* ****** ******* (RPC) ******** ****** code execution **** copies *** executes itself on ****** ********* ******* network shares ******* ***** ******** servers ****** ***** copies of *** ***** ** **** * *** **** automatically ******** when the step ***** ******* ** ****** then ******* ****** through * ************ ********* within * *** then ******** a command and ******* ****** **** allows *** ****** to ******** *** execute **** to ****** ******** ********* ******* ******** **** contain *** Windows ******* **** hide *** binaries **** *** *** ******** *** bypassing *** ***** ******** ******** ******* ** the ******** *** ******* ************** *** ******* system and ********* the **** **** ***** the Siemens **** *** ** potentially ******** *** ****** and ** *** *** ***** the ******** **** ** the ******* for PLCs[Falliere ******* **** * Murchu and **** ***** ************ * 2 **** *********** W32Stuxnet ******* ******* ********* **** uses ******* ***** ** ******* *** chances **** ** **** ** ******** ******* * * ***** *** the **** run ******** **** off **** **** *** **** add * *** ******* ** the ******* **** The command that is ***** ** found ** ********************************* This ** ******** *** “Open” ****** *** **** viewing the ******* **** *** *** ********* ****** *** **** will actually *** *** ********** ******** One of ***** Open ******** ** *** legitimate *** and one ** *** ******* ***** ** Stuxnet ** * **** ******* to **** *** drive *** **** menu ******* will ******* ***** Stuxnet **** ***** the drive ** **** that anything ********** has ***************** Nicolas Liam O ****** *** **** Chien ************ * * **** Global ********* ******************** substantial ******* ******** ********** ** the US **** ******* * * shows *** the conditions in Europe ** entirely similar ** *** ** **** Global Infection ** ************* ***** *** ** ********* ******** ** ******* ***** Thomas ***** a ****** ********** at *** ARC ******** ******** ***** **** ***** *** *** ****** attacks **** ***** ***** ***** *** **** ***** serious ********* damage *** ***** ******** ******** people *** the environment *** example ** ******* ********** the controls of * drinking ***** purification ********* The **** **** ******** like ***** *** ******** ** *** ** ********** **** *** ********* computer ******* trends ** *** **** few years *********** **** ** be worry [Thabet Amr ******* the ******* virus ****** is ** obvious ******* Israel ********* a nuclear **** to ** * nonstop *********** danger But ***** *** ********* ** **** ******** that ****** who really ****** **** **** This Stuxnet **** ** * dynamic **** library **** loads **** *** ******** *********** *** initiatesimplementing ** ********* *** a ******* ***** “stub” There are some theories ********* **** the ********* ** Israel as *** ********** ********* *** ***** *** ******* that ********** from ****** the malware **** ** the ******** **** *** ********** control ******* ***** Siemens that ******** ***** the rumor **** **** *** **** been *** goal ** ********* ***** target and ****** *** have been involved ** the ******** of ******* ***** ** ******* by the *** York ***** warnedthat Stuxnet *** * ***** ********** *** **** *** ****** ** Israel’s on ********** ******* ******* ** *** ****** ******* complex ****** **** ***** ** *** ******* * **** ***** **** ****** **** **** *** worm ****** ******* ** ****** until * **** later ********** **** *** all *** ******** ************ the **** *** ********* at escaping detection ** compromised ******* *** ***** evidences aren’t **** ********* ** *** ***** *** *** ******** ***** a ******* ***** ******* Amr ************ * * **** *********** W32Stuxnet ******* Version ************* industrial ******* systems ********** *** more *** more *************** networked **** ***** *** **** *** **** of * *********** ** systeminternetIndustrializedspying ** more and **** ***** of ******* ** ***** ********** ********** With * ********** ******************** *** state-of-the-artcomputerization ********* **** ******** IT ******** ********* **** ***** ********** for **** kind ** virus such as ******* ***** **** targets ******** industrial ******* system **** in ******* ********* ** power ****** The ******** **** ** ******* ** to ******** that ******** ** reprogramming logic *********** ******** ***** from * remote area which ******** as *** ******************* ******* *** ******** ** ***** ******* ** *** *********************** Nicolas **** * Murchu and **** ***** ******* of ********* ** **** *** **** *** shown that ***** *** ************* 100000 infected ***** *** ********* *** ******** **** Global Infection byWin32/Stuxnet ***** *** number ** ****** ******** hosts ** country and *** ****** ******** ***** on WAN ** ****************** Nicolas Liam * ****** and **** ***** 2011]Picture * * *** * **** Global ********* byWin32/Stuxnet2 ******** **** *********** were surprised ** discover **** *********** malicious *** **** ****** **** *********** ******** ** ******* and what potential dangers ** ***** ******* ** the ************* ** a ****** **** was ****** ******* ** ****** an industrial control ****** or ******* organizations ********** ******* systems *** **** ** gas ********* *** ***** ****** Its ***** goal was ** reprogram *** machines **** **** *** ********** ******* systems ***** *** ********* the **** ** *** programmable ***** controllers ****** ** **** this ******* **** ** * *** *** ******** intended therefore ****** *** ** ***** ******* from the people **** operate theseequipment ** ***** ** ********** **** ********* the ******************* * **** ********** ** ********** ** ******** their chances ** success **** includes zero-day ******** at *** ******* ********** ** *** ** the first **** *** rootkit ******* antivirus ******* ********** witha ******************** injection ** ******* rootkit **** ** **** *** programing ***** ******* ** **** ******** *** ************ ******* ** *** ************ ********* ** the ********************* ** the ******** *** ************ ******* *** the command ******* ********* intranet ** ********** *** *** ******* ****** ***** only ******* ******** equipment ***** **** ** ****** **** ***** *** ****** *** **** complexity ** the ******** ** **** **** *** *** ** when it *** ******* ********* ******* **** * ****** and Eric ***** *********** ****** *** ***** companies ** ********** to **** network ******** ********* *** *** ******** ** *** ** that *** ******* connectionsfrom employees that are ********* ********* **** ***** **** **** ** ***** ** ****** ******** *** ****** ******** ** **** ******* ** assembly *** ***** ********* * better overview ** *** procedures *** slashes *** **** ** *********** *** production *** ********* * ******** **** ********** ******* *** ******** ****** *** ******* *** *** ****** **** their fragile ****** *** ***** ********* *** ********* **************** for ******* *** espionageCorporationsdepend ** **** ********* ********* **** *** ******** and *** ****** ******** **** ** **** ***** **** the Internet ** **** ** standardized ******** **** ** ******* These ******* enable ********* ** **************** *** stages ** their ************ from ********** ** top ********** ***** ***** **** data can ** *** in * straight **** from ********** ** the *********** ERP *************** ******* Liam * ****** and Eric ***** 2011]Stuxnet ** *** **** a *** ***** ** **** *** ****** * *** *** ** ************* malware **** ***** ******* *** ******* ** ******* and ***** goals *** hear about a ***** ******** ****** or ******** banks or ****** cards but ******** the ***** **** you **** ***** ***** ******* buildings ******** ******** ** kills people *** ******** Stuxnet ******* has ********* a *** ** attention **** ******* investigators *** media ** *** **** year It’s generated ** ******* ****** ******* programThis multifaceted ****** uses up ** **** ******** *************** in ******* ** *** containscountlessbehaviors ** elude ***** identified ** *** *********** antivirus blocking ******** ** ******* *** ******* ******* reactor *** *** ******** ** infecting *** Programmable ***** ********** (PLC) **** controls *** ******** and ********* *** code **** worn was ******* mainly ** sabotage *** ******* ******* ******* It ******** *** ******* programs ***** ******* *** behavior of the machine ******* *** ************ * * Stuxnet Live ***** ** ******* OSsStuxnet ******** ** *** ****** ***** ********* according to Symantec ******** ******** ********** **** O’Murchu ******** ** ******* configuration *********** ***** *** ******* ****** ** a ******************* ****** **** *** ********* *** **** to **** * ****** *** actually ********* *** *** ** ******** ***** ****** *** they **** the **** ** **** *** **** and **** they **** code ** *** ******** machines that **** ****** how the **** ***** ******** **** ****** *** **** ***** ******* ** ****** facilities **** ** Iran’s ************* ******* ******* before ************* control ******* to spin ** ********** centrifuges *** **** **** **** **** ********* on * ** ******* uses ******** default passwords ** gain ****** to the ******* that *** *** WinCC *** *** * programs ***** regulatethe ************ ***** Controls(PLC) for the ******* ***** plant ** **** in ******* * * **** ***** ** *** Windows ********* ******* ******* *** 2010]The ************* **** ** ******* ***** is ********* to ********** how *** ********* *** ******** ********* *** **** other ****** ************* ******* **** ********* ** ***** ******* *** **** ** * ******* **** ********* a ****** buffer *** the *** **** ** ** loaded **** ** patches * ntdlldll **** **** ***** names: ZwMapViewOfSectionZwCreateSectionZwOpenFileZwCloseZwQueryAttributesFile *** ************** ******* ***** APIs ** **** ********* ************* *** ***** ****** ** **** ZwOpenFileand read *** **** ******** on the **** ***** *** ********* *** patches that ******************* **** the *** ******** **** ** * ****** location *** **** from the hard ******** it ***** for function #15 ** the Main ******* *** **** ** show ** ******** ** *** * ******* *** ************ * * *** 9 **** symanteccom ********** ******* ******* 14 3 ********* *** primary ****** **** critical infrastructures *** **** to ******* which *** *** **** possible just * ****** ** ******* ********** ** the ******* ******* *** critical infrastructure to ***** is that **** ********* **** continuously **** *** **** ******* **** enclosing *** ***** physical ********* **** ********* about ******** malware but with the ********** ******** ********** software ******* design *** ******* ************** **** ****** ****** management capabilities and ********* ******** ************ therefore *** ******* ** **** ******* **** ******* and the ****** ** ******** **** * ******* ***** ***** ********** or damaging the ***** ********* from behind * ******** ****** ******* ****** *** ***** *** changed from the ***** ** ************ to be for **** **** **** ****** ***** security ********** ************* ************************* ** establish *** *** ********** and ******** ******* Possibleentries *** ****** *** **** **** by *** ******** ** ******** programming code *** it ** ******** possible ** ***** ***** **** ****** **** ********* *********** ****** *** ********** code development[Thabet Amr ************ ******* reason *** *** ******** ******************* ** be protected ** ** ************* ********** ************ ******* ******* for ***** ***** ********* disabling ****************** ********** ** can no longer ** **** *** ******* ** *** ****** As of ***** Stuxnet ********** **** *** *** ** *** ****** ** **** ***** Heinze ********* ******* *** ********** ******** at ******* says ************* products are ************ **** secure now”“But ***** ********** automation ********* ** **** one part ** ********** security” ****** best ******** ******** **** ***** **** multiple ****** of ******* **** ******* * **** ********** ****** **** all sides *** ****** ** ****** *********************************** **** to keep *** ****** system *** *** network ****** *** ********* *** ********* * ***** ******** plan **** ******** all of *** ******** protective measures like ****** turnstiles ******* *** ********** **** readers ** **** ** ************** ******** **** * security ********** ******* ******* ******** ******* **** ********** networks are ******** **** unauthorized ****** *** potential gateway **** ******* ** *** ****** ****** points that ********* ************* use ** maintain ***** ********* remotely[Thabet *** ************ # 10 ****** ********* ****************** ******************* ********** ************ Thomas ***** ** *** ******** ******** ***** ***** “Anyone *** gains ****** ******* ***** ****** *** ** things like ****** ****** ** or off or *********** ******** **************** ********* are ********************** **** **** ******** **** ******* and prohibits ***** of entry ** ******* ******* # ** **** ****** ********* ******* ***** how ******* virus broadcasts throughout *** whole ****** Even ****** security resistancesoriginate from segmenting the ********** ******** could not ****** ******* virus A ****** *** **** ****** ********** for networks ** to ****** ** **** **** ****** network ***** ******** **** ********* monitoring *** ********** ******* **** **** ******* **** to the ******* ********* IT intranet ******** ***** ** also * ******* ****** for ******* For ******** ************** ** particular experts ********* ***** ******* private ******** ********** completely ********* **** transmission ******** ******* ****** or ** ****** ** **** ****** ** **** **** of *********** ******* *** ************** ******* **** O ****** **** ***** ************ # ************ Dossier ******* 14This File is * ******* link library **** ***** into the ******* Explorerexe **** it ****** *** ********* ** searching for * ******* ***** ********** ** searches *** that ******* ** *** task ******* to ****** ****** ******** **** *** ********* ** *** ****** *********** it also *********** ********* system *** ********* *** ******* ******* ** ****** ****** XP ***** and ** ** ** *** ***** the process in *** ********* ****** ***** ** needs ** ****** it moves ** ******* ****** **** a ********* ********* ******** ** different ********* ****** ************ ****** ** the configuration data ** ******* *** current **** ****** for ************* ***** ****** ** ****** *** running ** ************* ***** ** **** *** ** *** zero-day ********* ** ******** *** ********** *** run ** *** ************* ***** *** ********* ****** by ********* *** an ********* *********** ********* ** the ******* ********* on *** antivirus *********** **** or ****** or what?) Stuxnet chooses *** process to inject ****** into ** ********* no ********* program ** **** ***** to the *********** *** ******** ** inject specific ***** **** would **** **** *** virus programs such ** ** picture * 11shows ******* *** ******** ********** ** the Defense ** Depth ***** ** *** ********* ** ********** ******* and *** safety of ************ property **** ******** protecting ********** systems ******* ********** *** ************ ********** ***** systems ** ***** words *** ********** **** ***** ****** communicate with machines *** ******* ** ** ****** **** ********* ******** **** factor ** *** primarily solution for *** protection of infrastructure ** ******* facilities that *** ********* **** ************ *** ********** ** *** ******* ***** scanners *** **** **** ** protect against hackers in ********** ** ********* ******* ****** *** ****** *** addition ** ***** ** a ******* **** **** ******* *** processes and ******** that * ******** ** ******* to *** in *** ** *** ***** it’s ********* ** make **** **** costs and ******** are **** in ********** that maximum ******** ******** ******* *** ** making products ************* complex [Hines **** ************** ******* Liam * ****** *** **** Chien ****** ****** ******* ** *** ** *********** **** *** **** **** ** which ******* was indeed * ******** attack ** ** ******* nuclear ******** ***** ** *** ******** *** *********** ** *** *********** ******* **** ********* **** **** response The ******* ***** ********* just ******* ** away *** *** ********** ***** of ******** of it ****** ** *** **** **** ** *** **** ** the **** ************* characteristics ** any ****** that we’ve ****** seen ********* these **** **** ***** ***** *** it’s honestly **** ** ******** the last major ******* ****** ** hostile **** ** ****** **** *** ***** ** ** ******** **** *** ******* *********** ** allLet’s *** **** **** Stuxnet ** only the **** ** ********** **** ****** *** two sides ******** ** *** ******* ***** doing ** good a *** ** ******** in ******** such ******* ****** *** ****** ** outIn *********** thinks **** ******* ** something **** **** Iran’s *** ** ** worried with ************* **** are ********* mistaken Not **** **** US **** structures *** **** ** ***** kinds ** battles most ******* seem ** ***** **** ***** ****** ********* *** ***** *** ******** *************** *** ***** unprepared ** ward *** **** ************** **** 2010][Falliere ******* **** * ****** Eric ***** ******** no ****** what ********* *************** are ***** ******** *** ***** ** sealed ********** can only attempt ** **** *** ********* ** hackers as high ** ********** *** ************ ******* their defensive proceduresup-to-date ****** ********** ************ ****** ***** ** *** ******** ******** group **** ********* **** ********* **** *** just ********** *** *** entire ***** ******* ** ********* ** *** ********** ***** *** *** ****** from ******* ********* keep companies **** ********************** **** ************** ****** *** **** ** cyber-attacks ** **** *** ******* ***** ***** get just what they want to ** ************ ** ********** **** ** this **** ** going *** long *** ************ **** 2010][Falliere Nicolas **** O Murchu Eric ***** ********* ** *** problem *** **** **** ********* **** ***** been ***** as *** *** **** partstate-of-the-art ** ******* *** **** ** assess ***** ** security ********* ** general *** **** very *** have ***** ********** ** hands-onactions ** ***************** ***** *** **** ***** **** **** ********* ***************** was to ** ********* ********** oversightinspections *** dome ** ******* ***** *********** ******* ********** ** test the ******** efficiency of these ******* ****** ************** ** *********** *** **** ***** to ********** ************** ********** *** that **** determinations ** ****** **** *** ******** ****** along by standards such ** *** NERC CIP mandate ***** requires **** ********* ** **** *** ******** **** ** ***** security ******** and prove ***** ************* to ******* ******** ******* even **** ******** seems ******************** *** ********************* ** **** companies *** * ****** **** *** ** ******** ***** procedures **** ***** ******** compromised;nevertheless ****** infrastructures *** ******************* *** imminent ***************** **** **** *** *** ************ ** *********** security ********* within **** ** *** software *** ******** ********** ********* ** ******* power **** with lies at *** ***** ** the problem[Hines Matt ************** Nicolas **** O Murchu **** Chien **************************************************************************** ******** ******* **** * ****** *** Eric Chien ************* ******* Version 14” February **** ************************************************************************************************************ ****** ***** marketing ******* ******* ********** ******** ** * **** * siemenscom/future-of-manufacturing ****** ****** *** ************ for decision ****** ** ***************************************************************************************************************************************************************************** Hines Matt ******** ** ********** ****** **** Providers ******** *** ****** Assaults?” ******** ** **** ******** **** Network 4 Symantec ******** ******** Stuxnet *** ****** ****** ** *** ********************* *** ******************************************************* ******** ***** ********* ***** ** *** ******* ** ********** 071111 10:55 ***** *** ********* ******* ****** ******************************************************************************* Thabet *** ********** ******* ******** ******** Freelancer ******* Researcher ****** ** Pokasx86 ******** http://wwwcodeprojectcom/Articles/246545/Stuxnet-Malware-Analysis-Paper 8 ********** Dossier Version 14 ** *********************** Picture * * * * * 9 *** ** **** symanteccom W32Stuxnet ******* Version ********* * * 5 6 *** ** **** Global ********* ********************** * 7 ******* Live ***** ** ******* *******
Click here to download attached files:
Analyzing Stuxnet case study 3 FINAL DRAFT.docx
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more