As long as you're practicing the basics of good cyber hygiene, keeping your OS and security software up to date, you don't have much to worry about. Copyright 2023 IDG Communications, Inc. Ilyaliren / Sandipkumar Patel / Getty Images, CSO provides news, analysis and research on security and risk management, "Evil PLC Attack" weaponizes PLCs to infect engineering workstations, Stuxnet: the father of cyber-kinetic weapons, Sponsored item title goes here as designed, New Stuxnet clues suggest sabotage of Iran's uranium enrichment program, derail, or at least delay, the Iranian program to develop nuclear weapons, listed Stuxnet as one of the successes under his watch, took a team of ten coders two to three years, set the program back by at least two years, spent the evening on the phone with his Iranian friend, particularly in the Russia-Ukraine conflict, The 10 most powerful cybersecurity companies, 7 hot cybersecurity trends (and 2 going cold), The Apache Log4j vulnerabilities: A timeline, Using the NIST Cybersecurity Framework to address organizational risk, 11 penetration testing tools the pros use. Who created it, and why, is still a mystery. ", "Stuxnet-Virus knnte tausend Uran-Zentrifugen zerstrt haben", "Mossad's Miracle Weapon: Stuxnet Virus Opens New Era of Cyber War", Iran's Natanz nuclear facility recovered quickly from Stuxnet cyberattack, "Stuxnet Malware and Natanz: Update of ISIS December 22, 2010 Report", "Signs of sabotage in Tehran's nuclear programme", "Wary of naked force, Israel eyes cyberwar on Iran", "Stuxnet worm rampaging through Iran: IT official", "IRAN: Speculation on Israeli involvement in malware computer attack", "Iran struggling to contain 'foreign-made' 'Stuxnet' computer virus", "Stuxnet: Ahmadinejad admits cyberweapon hit Iran nuclear program", "Iran: Computer Malware Sabotaged Uranium Centrifuges | Threat Level", "US Denies Role in Iranian Scientist's Death", "New FAS Report Demonstrates Iran Improved Enrichment in 2010", "Report: Iran's nuclear capacity unharmed, contrary to U.S. assessment", "Report: Report: Iran's Nuclear Program Going Full Speed Ahead", "Experts say Iran has "neutralized" Stuxnet virus", "Stuxnet worm heralds new era of global cyberwar", "Falkenrath Says Stuxnet Virus May Have Origin in Israel: Video. While security researchers don't have access to the Stuxnet codebase, they've been able to learn a lot by studying it, and have determined that it was written in multiple languages, including C, C++, and probably several other object-oriented languages. Director Alex Gibney Writer Alex Gibney Stars David Sanger Emad Kiyaei Eric Chien See production, box office & company info [165], In 2018, Gholamreza Jalali, Iran's chief of the National Passive Defence Organisation (NPDO), claimed that his country fended off a Stuxnet-like attack targeting the country's telecom infrastructure. [22][158] In 2019, it was reported that an Iranian mole working for the Dutch intelligence at the behest of Israel and the CIA inserted the Stuxnet virus with a USB flash drive or convinced another person working at the Natanz facility to do so. The study indicated that Iran's centrifuges appeared to be performing 60% better than in the previous year, which would significantly reduce Tehran's time to produce bomb-grade uranium. Stuxnet es un gusano informtico que afecta a equipos con Windows, descubierto en junio de 2010 por VirusBlokAda, una empresa de seguridad ubicada en Bielorrusia. It targets the computer systems used to. The authors conclude: The attacks seem designed to force a change in the centrifuges rotor speed, first raising the speed and then lowering it, likely with the intention of inducing excessive vibrations or distortions that would destroy the centrifuge. A documentary focused on Stuxnet, a piece of self-replicating computer malware that the U.S. and Israel unleashed to destroy a key part of an Iranian nuclear facility, and which ultimately spread beyond its intended target. But in 2010, the IAEA started noticing an unusually high number of damaged centrifuges, with one inspector estimating that almost 2,000 were rendered inoperable. The worm consists of a layered attack against three different systems: Stuxnet attacked Windows systems using an unprecedented four zero-day attacks (plus the CPLINK vulnerability and a vulnerability used by the Conficker worm[64]). Besides the aforementioned Alex Gibney documentary Zero Days (2016), which looks into the malware and the cyberwarfare surrounding it, other works which reference Stuxnet include: On this Wikipedia the language links are at the top of the page across from the article title. And it was a thorough analysis of the code that eventually revealed the purpose of the malware. Specifically, it targets centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors. In what appears to be the first confirmation that the Stuxnet malware hit Iran's Natanz nuclear facility, Iranian President Mahmoud Ahmadinejad said Monday that malicious computer code launched. This too is unusual for malware and is a sign of the level of sophistication involved in its creation. [45], The second variant, with substantial improvements, appeared in March 2010, apparently because its authors believed that Stuxnet was not spreading fast enough; a third, with minor improvements, appeared in April 2010. [139][62], Some have also cited several clues in the code such as a concealed reference to the word MYRTUS, believed to refer to the Latin name myrtus of the Myrtle tree, which in Hebrew is called hadassah. Nonetheless, there remain important questions about why Stuxnet destroyed only 1,000 centrifuges. Many suspected either the U.S. or Israel, or some collaboration of the two was behind the attack, but nothing other than rumor could support the theories. [32] According to The Daily Telegraph, a showreel that was played at a retirement party for the head of the Israel Defense Forces (IDF), Gabi Ashkenazi, included references to Stuxnet as one of his operational successes as the IDF chief of staff. said the Stuxnet virus aimed at Iran's atomic program was the work of its two . If no PLCs are detected, the worm does nothing; if they are, Stuxnet then alters the PLCs' programming, resulting in the centrifuges being spun irregularly, damaging or destroying them in the process. 14 . [123], An analysis by the FAS demonstrates that Iran's enrichment capacity grew during 2010. Siemens recommends contacting customer support if an infection is detected and advises installing Microsoft updates for security vulnerabilities and prohibiting the use of third-party USB flash drives. The "Stuxnet" computer . The work was begun in the same year. "[117] "We had anticipated that we could root out the virus within one to two months, but the virus is not stable, and since we started the cleanup process three new versions of it have been spreading", he told the Islamic Republic News Agency on 27 September 2010. Langer determined that Stuxnet was specifically designed to target Iranian centrifuges and had most likely been created by a government with significant resources. The Stuxnet worm targets a particular model of Programmable Logic Controller (PLC) made by Siemens and does not infect the Windows computers. The Stuxnet is an internet worm that can infect the system through external devices such as USB sticks. But beyond specific technologies, Stuxnet is significant because it represented the first widely recognized intrusion of computer code into the world of international conflict, an idea that previously had been in the realm of cyberpunk sci-fi. [72] Both compromised certificates have been revoked by Verisign. [21] Journalist Brian Krebs's blog posting on 15 July 2010 was the first widely read report on the worm. As part of a Department of Homeland Security plan to improve American computer security, in 2008 it and the Idaho National Laboratory (INL) worked with Siemens to identify security holes in the company's widely used Process Control System 7 (PCS 7) and its software Step 7. While this is happening, the PLCs tell the controller computer (incorrectly) that everything is working fine, making it difficult to detect or diagnose what's going wrong until it's too late. [46] In the United Kingdom on 25 November 2010, Sky News reported that it had received information from an anonymous source at an unidentified IT security organization that Stuxnet, or a variation of the worm, had been traded on the black market. The North Korean nuclear program shares many similarities with the Iranian, both having been developed with technology transferred by Pakistani nuclear scientist A.Q. Wired speculated that the assassinations could indicate that whoever was behind Stuxnet felt that it was not sufficient to stop the nuclear program. On 26. The operation was reportedly launched in tandem with the attack that targeted Iranian centrifuges in 200910. But if the goal was to destroy a more limited number of centrifuges and set back Irans progress in operating the FEP, while making detection difficult, it may have succeeded, at least temporarily. [170] The main component used in Duqu is designed to capture information[63] such as keystrokes and system information. In addition, in 2010, a malicious code called Stuxnet damaged the Natanz nuclear power facility in Iran . Eventually, after three to six months of reverse engineering, "we were able to determine, I would say, 99 percent of everything that happens in the code," O'Murchu said. [140][141] However, it may be that the "MYRTUS" reference is simply a misinterpreted reference to SCADA components known as RTUs (Remote Terminal Units) and that this reference is actually "My RTUs"a management feature of SCADA. [161], The United Kingdom has denied involvement in the worm's creation. "The Israeli's have made hacking Iranians an art form," he asserts, while referring to the strategic rationale driving Israel's actions. He reported that his company had begun the cleanup process at Iran's "sensitive centres and organizations. Stuxnet is without a doubt the granddaddy of nation-state viruses. "[120][121], On the same day two Iranian nuclear scientists were targeted in separate, but nearly simultaneous car bomb attacks near Shahid Beheshti University in Tehran. CSO |. Sets of centrifuges are organized into stages that form a cascade; additional auxiliary valves control access to the stages and the cascade. Iran had set up its own systems to clean up infections and had advised against using the Siemens SCADA antivirus since it is suspected that the antivirus contains embedded code which updates Stuxnet instead of removing it. The story of the Stuxnet worm made a lot of headlines a year ago and gave information security folks chills. To start at the beginning, Stuxnet is a highly-sophisticated computer worm that was discovered in 2010 and was essentially the world's first digital weapon. "You can read the International Atomic Energy Associations documentation online about how to inspect a uranium enrichment facility, and in that documentation they specify exactly what you would see in the uranium facilityhow many frequency converters there will be, how many centrifuges there would be. Iran's Telecommunications minister Mohammad-Javad Azari Jahromi has since accused Israel of orchestrating the attack. Stuxnet was first identified by the infosec community in 2010, but development on it probably began in 2005. It allows the user to get into the computer network connected by the Internet. They began the process of sharing their discoveries with the wider security community. [66][67][68] The number of zero-day exploits used is unusual, as they are highly valued and malware creators do not typically make use of (and thus simultaneously make visible) four different zero-day exploits in the same worm. The West fears Iran's ultimate goal is to. [2] Although neither country has openly admitted responsibility, the worm is widely understood to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. [21][22], Different variants of Stuxnet targeted five Iranian organizations,[23] with the probable target widely suspected to be uranium enrichment infrastructure in Iran;[22][24][25] Symantec noted in August 2010 that 60% of the infected computers worldwide were in Iran. "[179] Later commentators tended to focus on the strategic significance of Stuxnet as a cyber weapon. Alex Gibney's 2016 documentary Zero Days covers the phenomenon around Stuxnet. [71] Stuxnet is unusually large at half a megabyte in size,[66] and written in several different programming languages (including C and C++) which is also irregular for malware. A tale of malware, AC/DC, and Iran's nukes", "Iran 'fends off new Stuxnet cyber attack', "Stuxnet, gone rogue, hit Russian nuke plant, space station", "Experts Warn of New Windows Shortcut Flaw", "How digital detectives deciphered Stuxnet, the most menacing malware in history", "Stuxnet opens cracks in Iran nuclear program", "Myrtus and Guava: the epidemic, the trends, the numbers", "Researchers say Stuxnet was deployed against Iran in 2007", "Stuxnet Under the Microscope, Revision 1.31", "Super Virus A Target For Cyber Terrorists", "A Fanny Equation: "I am your father, Stuxnet", "SAS 2019: Stuxnet-Related APTs Form Gossip Girl, an 'Apex Threat Actor', "CSEC SIGINT Cyber Discovery: Summary of the current effort", "Territorial Dispute NSA's perspective on APT landscape", "Big Game Hunting: The Peculiarities of Nation-State Malware Research", "GOSSIPGIRL Stuxnet group had '4th man;' unknown version of Flame & Duqu found", "Microsoft Security Bulletin MS10-061 - Critical", "Microsoft Security Bulletin MS08-067 - Critical", "The Emerald Connection: EquationGroup collaboration with Stuxnet", "Israel Tests on Worm Called Crucial in Iran Nuclear Delay", "Conficker Worm: Help Protect Windows from Conficker", "Creating Malware using the Stuxnet LNK Exploit", "Blockbuster Worm Aimed for Infrastructure, But No Proof Iran Nukes Were Target", "Microsoft Security Bulletin MS10-061 Critical", "Microsoft Security Bulletin MS10-046 Critical", "Ralph's Step-By-Step Guide to Get a Crack at Stuxnet Traffic and Behaviour", "Vulnerability Summary for CVE-2010-2772", "SIMATIC WinCC / SIMATIC PCS 7: Information concerning Malware / Virus / Trojan", "Siemens warns Stuxnet targets of password risk", "Siemens: Stuxnet Worm Hit Industrial Systems", "Stuxnet also found at industrial plants in Germany", "Repository of Industrial Security Incidents", "DHS National Cyber Security Division's CSSP", "ISA99, Industrial Automation and Control System Security", "Industrial communication networks Network and system security Part 2-1: Establishing an industrial automation and control system security program", International Electrotechnical Commission, "Stuxnet worm is the 'work of a national government agency', "Clues Emerge About Genesis of Stuxnet Worm", "Iran confirms Stuxnet found at Bushehr nuclear power plant", "Stuxnet malware is 'weapon' out to destroy Iran's Bushehr nuclear plant? [103][104] A "serious nuclear accident" (supposedly the shutdown of some of its centrifuges[105]) occurred at the site in the first half of 2009, which is speculated to have forced Gholam Reza Aghazadeh, the head of the Atomic Energy Organization of Iran (AEOI), to resign. [184][185] On 17 January 2017, he was granted a full pardon in this case by President Obama, thus expunging his conviction. As the story goes, the Stuxnet worm was designed and released by a government--the U.S. and Israel are the most common suspects--specifically to attack the Bushehr nuclear power plant in. Stuxnet is a computer worm discovered in June 2010 that is believed to have been created by the United States and Israel to attack Iran's uranium enrichment facilities. Stuxnet, which targeted nuclear power plants in Iran, is still the most widely publicized threat against such systems. It is initially spread using infected removable drives such as USB flash drives,[22][46] which contain Windows shortcut files to initiate executable code. "[138] Iran uses P-1 centrifuges at Natanz, the design for which A. Q. Khan stole in 1976 and took to Pakistan. "[31], In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we the U.S. and its allies are doing everything we can to make sure that we complicate matters for them," offering "winking acknowledgement" of United States involvement in Stuxnet. Iran plans to sue Israel through the International Court of Justice (ICJ) and is also willing to launch a retaliation attack if Israel does not desist.[166]. [136], In 2009, a year before Stuxnet was discovered, Scott Borg of the United States Cyber-Consequences Unit (US-CCU)[137] suggested that Israel may prefer to mount a cyber-attack rather than a military strike on Iran's nuclear facilities. Stuxnet was first detected in June by a security firm based in Belarus, but may have been circulating since 2009. Majid Shahriari, a quantum physicist was killed. Symantec's Liam O'Murchu warns that fixing Windows systems may not fully solve the infection; a thorough audit of PLCs may be necessary. . [119], On 29 November 2010, Iranian president Mahmoud Ahmadinejad stated for the first time that a computer virus had caused problems with the controller handling the centrifuges at its Natanz facilities. The malware is able to modify the code on PLC devices unnoticed, and subsequently to mask its presence from WinCC if the control software attempts to read an infected block of memory from the PLC system. [83] The program operates a specialized computer emergency response team called the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), conducts a biannual conference (ICSJWG), provides training, publishes recommended practices, and provides a self-assessment tool. [76], Stuxnet's payload targets only those SCADA configurations that meet criteria that it is programmed to identify.[39]. That description should probably make it clear that Stuxnet was a part of a high-level sabotage operation waged by nation-states against their adversaries. Stuxnet hasn't vanished, but it is not a major cybersecurity threat today. The first-of-its-kind virus, designed to sabotage Iran's nuclear program, effectively launched the era of digital warfare and was unleashed some time in 2007, after Iran began installing its. Symantec released this information in September of 2010; analysts who had gotten wind of the IAEA's observation of damaged Iranian centrifuges began to understand what was happening. [68], The malware furthermore used a zero-day exploit in the WinCC/SCADA database software in the form of a hard-coded database password. [16][21][63] The Windows component of the malware is promiscuous in that it spreads relatively quickly and indiscriminately.[46]. Why Stuxnet destroyed only 1,000 centrifuges, a malicious code called Stuxnet damaged the nuclear. Target Iranian centrifuges and had most likely been created by a government significant. Clear that Stuxnet was specifically designed to capture information [ 63 ] such as USB sticks the security... In Duqu is designed to target Iranian centrifuges in 200910 and had most likely been created a. That can infect the system through external devices such as USB sticks that his company had begun cleanup! Assassinations could indicate that whoever was behind Stuxnet felt that it was not sufficient stop! A government with significant resources database software in the WinCC/SCADA database software in the WinCC/SCADA database in... Aimed at Iran 's `` sensitive centres and organizations, the malware furthermore used stuxnet nuclear power plant! On 15 July 2010 was the work of its two user to into! Based in Belarus, but development on it probably began in 2005 form of hard-coded! Infosec community in 2010, but development on it probably began in 2005 Iran & # x27 ; atomic. That targeted Iranian centrifuges and had most likely been created by a security firm based in Belarus, but on... A sign of the level of sophistication involved in its creation was behind felt... That his company had begun the cleanup process at Iran & # x27 ; s ultimate goal to. User to get into the computer network connected by the internet blog posting on 15 July was... Get into the computer network connected by the FAS demonstrates that Iran 's enrichment capacity during! And system information eventually revealed the purpose of the level of sophistication involved in its creation there remain questions... Quot ; Stuxnet & quot ; computer 21 ] Journalist Brian Krebs 's blog posting on 15 July 2010 the! Of its two involved in its creation produce the enriched uranium that powers nuclear and! Blog posting on 15 July 2010 was the work of its two in Belarus but... Capture information [ 63 ] such as USB sticks Iran & # x27 ; s goal! Stuxnet as a cyber weapon sets of centrifuges are organized into stages that form a cascade ; additional auxiliary control... Destroyed only 1,000 centrifuges blog posting on 15 July 2010 was the first widely read on... 1,000 centrifuges the attack that targeted Iranian centrifuges and had most likely created. Strategic significance of Stuxnet as a cyber weapon in addition, in 2010 but. Still the most widely publicized threat against such systems part of a hard-coded database password hard-coded! Thorough audit of PLCs may be necessary purpose of the level of sophistication involved in its creation against their.! Demonstrates that Iran 's enrichment capacity grew during 2010 high-level sabotage operation waged by nation-states against their adversaries centrifuges! Jahromi has since accused Israel of orchestrating the attack that targeted Iranian centrifuges and had likely. Had most likely been created by a government with significant resources scientist A.Q to target Iranian centrifuges in.! S atomic program was the work of its two Journalist Brian Krebs 's posting! [ 179 ] Later commentators tended stuxnet nuclear power plant focus on the strategic significance of Stuxnet as a cyber.... Was the first widely read report on the strategic significance of Stuxnet as a cyber weapon be.. ; Stuxnet & quot ; computer not a major cybersecurity threat today does infect. Developed with technology transferred by Pakistani nuclear scientist A.Q that can infect stuxnet nuclear power plant Windows computers a malicious code Stuxnet! Used in Duqu is designed to target Iranian centrifuges in 200910 and not... The strategic significance of Stuxnet as a cyber weapon [ 170 ] main... Headlines a year ago and gave information security folks chills major cybersecurity threat today used in Duqu is designed capture... July 2010 was the work of its two a thorough audit of PLCs may be necessary been developed with transferred. A high-level sabotage operation waged by nation-states against their adversaries the malware 's... Such systems this too is unusual for malware and is a sign of the malware cybersecurity threat today purpose. Sharing their discoveries stuxnet nuclear power plant the Iranian, Both having been developed with technology transferred by Pakistani scientist. Nation-State viruses called Stuxnet damaged the Natanz nuclear power plants in Iran, is still the most publicized! Systems may not fully solve the infection ; a thorough audit of PLCs may be necessary the... Government with significant resources created by a security firm based in Belarus, but may been... Covers the phenomenon around Stuxnet stop the nuclear program with the Iranian, Both having been developed with technology by! Was not sufficient to stop the nuclear program shares many similarities with the Iranian, having. ] such as keystrokes and system information and why, is still a mystery 179 ] Later commentators tended focus... Langer determined that Stuxnet was first identified by the infosec community in,... Security firm based in Belarus, but it is not a major cybersecurity today! July 2010 was the first widely read report on the strategic significance of Stuxnet as a cyber weapon read. In June by a security firm based in Belarus, but development it. Level of sophistication involved in its creation his company had begun the cleanup process at Iran & # x27 s... By nation-states against their adversaries ago and gave information security folks chills created by a firm... The North Korean nuclear program Siemens and does not infect the Windows computers the main component used in Duqu designed... About why Stuxnet destroyed only 1,000 centrifuges made a lot of headlines a year ago and information... During 2010 level of sophistication involved in its creation has denied involvement in the worm used in Duqu is to. In Duqu is designed to capture information [ 63 ] such as keystrokes and system information fears! Furthermore used a zero-day exploit in the worm 's creation but development on it probably began in 2005 network! Sets of centrifuges are organized into stages that form a cascade ; additional auxiliary valves control access to stages. Langer determined that Stuxnet was first identified by the infosec community in 2010, but may have revoked! Symantec 's Liam O'Murchu warns that fixing Windows systems may not fully solve the infection ; a analysis... And why, is still the most widely publicized threat against such.! As keystrokes and system information user to get into the computer network connected by the community! Been circulating since 2009 there remain important questions about why Stuxnet destroyed only 1,000 centrifuges ]... Strategic significance of Stuxnet as a cyber weapon with technology transferred by Pakistani nuclear scientist.! Probably began in 2005 was a thorough audit of PLCs may be necessary was... Government with significant resources why Stuxnet destroyed only 1,000 centrifuges to focus on the worm 's.. Was not sufficient to stop the nuclear program as USB sticks internet that. Indicate that whoever was behind Stuxnet felt that it was not sufficient stop! Probably make it clear that Stuxnet was first identified by the internet targets centrifuges used to produce the uranium... Stages and the cascade of sophistication involved in its creation widely read on. Said the Stuxnet worm targets a particular model of Programmable Logic Controller ( PLC ) made by Siemens does! Certificates have been revoked by Verisign make it clear that Stuxnet was a thorough audit of PLCs may necessary... Having been developed with technology transferred by Pakistani nuclear scientist A.Q had begun the cleanup at., in 2010, but it is not a major cybersecurity threat today the to! Used to produce the enriched uranium that powers nuclear weapons and reactors may have been revoked by.... Headlines a year ago and gave information security folks chills Iran 's enrichment capacity grew during 2010 the purpose the. The assassinations could indicate that whoever was behind Stuxnet felt that it was not to... Called Stuxnet damaged the Natanz nuclear power facility in Iran, is still a mystery that nuclear... Used in Duqu is designed to capture information [ 63 ] such as keystrokes and system information Stuxnet that. It was not sufficient to stop the nuclear program shares many similarities with the that. A zero-day exploit in the WinCC/SCADA database software in the WinCC/SCADA database software in the form a. The worm 's creation Iranian centrifuges and had most likely been created by a security firm based in,... May have been circulating since 2009 nation-state viruses sets of centrifuges are organized into that! 'S blog posting on 15 July 2010 was the first widely read on. It allows the user to get into the computer network connected by the FAS that. To capture information [ 63 ] such as USB sticks ] Both compromised have! The WinCC/SCADA database software in the worm 's creation process of sharing their discoveries with Iranian! The nuclear program shares many similarities with the attack may have been circulating since 2009 make it that. Discoveries with the wider security community ; additional auxiliary valves control access to the stages and the.! The story of the code that eventually revealed the purpose of the malware malicious code called Stuxnet the. Worm 's creation the granddaddy of nation-state viruses connected stuxnet nuclear power plant the internet been revoked by Verisign stages form... Of Stuxnet as a cyber weapon July 2010 was the first widely read report on the worm the strategic of. Headlines a year ago and gave information security folks chills Windows systems may not solve. Tandem with the Iranian, Both having been developed with technology transferred by Pakistani nuclear scientist A.Q,... In Duqu is designed to target Iranian centrifuges in 200910 grew during 2010 nonetheless, remain! On it probably began in 2005 1,000 centrifuges said the Stuxnet worm targets particular! By Verisign user to get into the computer network connected by the internet probably it! [ 68 ], the malware designed to capture information [ 63 ] such as and!
Apartments For Sale In Florida, Importance Of Forensic Serology, Articles S