Top tips to guard against Stuxnet

There is much that security professionals can learn from Stuxnet, says Adrian Davis, principal research analyst at ISF for the Stuxnet Think Tank. The malware should have sounded a call to action on several fronts.

First, says Davis, IT managers should ensure all laptops, servers, desktops, multifunction devices and process control systems are configured correctly and securely.

Second, never allow anything on the network to connect directly to the internet. “Route all traffic through your firewalls and demilitarised zone [DMZ],” says Davis.

“If there are devices that need to connect directly, don’t put them on your network or put them behind a firewall. Control connections to devices using VPN access, and consider physical or logical segregation of your networks.”

Third, where possible, disable the use of USB devices, says Davis. “If you have to use USB sticks to transfer data or updates, consider using dedicated USB devices.”

This was last published in November 2010
