Operation Troy (Dark Seoul): Previous Cyber Attacks and Response

In this post I compare previous major cyber attacks prior to Operation Troy and present my thoughts on the responsiveness of the authorities.

Stuxnet

Stuxnet was discovered in July 2010, but the earliest known variant is confirmed to have existed since 2007 [11]. Stuxnet caught many security researchers and professionals by surprise, being the first advanced malware of its kind. According to Symantec’s report [12], Stuxnet is a complex threat that was primarily written to target an industrial control system (ICS) or set of similar systems. A vast array of components was implemented in the malware including four Zero-Day exploits, a windows rootkit, antivirus evasion techniques, complex process injection and hooking code, network infection routines, peer-to-peer updates, a command and control interface, as well as the first ever PLC rootkit. Stuxnet’s main payload has the main purpose of modifying code on Siemens industrial PLCs in order to sabotage the system. It is widely believed that Iran’s Natanz nuclear Fuel Enrichment Plant (FEP) was the intended target. (more…)