Breakthrough in Stuxnet analysis and investigation, more

Thanks to some tips from a Dutch Profibus expert who responded our call for help, we’ve connected a critical piece of the puzzle.

Since our discovery that Stuxnet actually modifies code on PLCs in a potential act of sabotage, we have been unable to determine what the exact purpose of Stuxnet is and what its target was.

However, we can now confirm that Stuxnet requires the industrial control system to have frequency converter drives from at least one of two specific vendors, one headquartered in Finland and the other in Tehran, Iran. This is in addition to the previous requirements we discussed of a S7-300 CPU and a CP-342-5 Profibus communications module.

A frequency converter drive is a power supply that can change the frequency of the output, which controls the speed of a motor. The higher the frequency, the higher the speed of the motor.

More: http://www.symantec.com/connect/blogs/stuxnet-breakthrough?om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2010Nov_worldwide_stuxnetdossier