Cracking the profiles

Cracking the profiles

When you think long enough about the cascade shape and have all the numerical values available, it gets easy to determine how the attack profiles mentioned earlier are constructed. Profile one is simply the cascade shape. Profile four is the cumulative number of...
Applying Aqazadeh’s revelations to Stuxnet forensic analysis

Applying Aqazadeh’s revelations to Stuxnet forensic analysis

A good strategy in cyber forensics is to not only look at the code, but also, and predominantly, at the data. Data structures may reveal much more about a cyber attack than code. Just remember the thing with the 6×31 drives in the 315 forensics: It was data and...

Technical Stuxnet article in Control magazine

Ralph has written a short technical article on Stuxnet for control system engineers that was printed in Control magazine (January 2011 edition) and is also available online.

What Stuxnet is all about

Once upon a time, some organization which follows the nuclear situation in Iran closely determined that international sanctions and sabotage would not be sufficient to stop the growing enrichment capability in Natanz. Iran was installing new centrifuges at a speed...
Cascade cluster performance manipuation

Cascade cluster performance manipuation

This cascade cluster performs poorly. The black line gives an idea why. Black line corresponds to the right vertical axis, cascade lines to the left. (Data extracted from actual 417 attack...