The Stuxnet malware is designed to be as stealthy as possible and targets mainly SCADA systems. The attack exploits a zero-day vulnerability in the way that all currently supported versions of Windows handle LNK files. The malware also exploits a vulnerability in Siemens WinCC SCADA control software, which runs on industrial control systems in utilities, power plants, manufacturing facilities and other key environments. The involvement of a nation-state is the most likely scenario, Kaspersky Lab’s Roel Schouwenberg said.
Source: https://threatpost.com/stuxnet-attack-shows-signs-nation-state-involvement-experts-say-080410/74291/

