This page has been archived and commenting is disabled.

Is a Rogue Computer Virus Shutting Down Nuclear Plants Worldwide?

George Washington's picture





 

It is now common knowledge that the U.S. and Israel developed the
Stuxnet computer virus in order to slow down Iran's nuclear program.

As the New York Times noted in January:

 

Over the past two years, according to intelligence and military experts
familiar with its operations, Dimona has taken on a new, equally
secret role — as a critical testing ground in a joint American and
Israeli effort to undermine Iran’s efforts to make a bomb of its own.

 

Behind Dimona’s barbed wire, the experts say, Israel has
spun nuclear centrifuges virtually identical to Iran’s at Natanz, where
Iranian scientists are struggling to enrich uranium. They say Dimona
tested the effectiveness of the Stuxnet computer worm, a destructive
program that appears to have wiped out roughly a fifth of Iran’s
nuclear centrifuges and helped delay, though not destroy, Tehran’s
ability to make its first nuclear arms.

 

“To check out the
worm, you have to know the machines,” said an American expert on
nuclear intelligence. “The reason the worm has been effective is that
the Israelis tried it out.”

 

Though American and Israeli
officials refuse to talk publicly about what goes on at Dimona, the
operations there, as well as related efforts in the United States, are
among the newest and strongest clues suggesting that the virus was
designed as an American-Israeli project to sabotage the Iranian
program.

 

***

 

Officially, neither American nor Israeli
officials will even utter the name of the malicious computer program,
much less describe any role in designing it.

But Israeli
officials grin widely when asked about its effects. Mr. Obama’s chief
strategist for combating weapons of mass destruction, Gary Samore,
sidestepped a Stuxnet question at a recent conference about Iran, but
added with a smile: “I’m glad to hear they are having troubles with
their centrifuge machines, and the U.S. and its allies are doing
everything we can to make it more complicated.”

 

***

 

By
the accounts of a number of computer scientists, nuclear enrichment
experts and former officials, the covert race to create Stuxnet was a
joint project between the Americans and the Israelis, with some help,
knowing or unknowing, from the Germans and the British.

And the Telegraph noted last month:

A showreel played at a retirement party for the head of the Israeli
Defence Forces has strengthened claims the country's security forces
were responsible for a cyber attack on the Iranian nuclear programme.

The
video of Lieutenant General Gabi Ashkenazi's operational successes
included references to Stuxnet, a computer virus that disrupted the
Natanz nuclear enrichment site last year, Ha'aretz reported.

Although Israel has not officially accepted responsibility for the
Stuxnet attack, evidence of its role has been mounting since it was
first discovered last July.

***

Attributing the source
of cyber attacks in notoriously difficult, but security researchers
say factors including complexity of the operation, which would have
required human sources inside the Iranian nuclear programme, point strongly to the Israeli security forces.

As PC World pointed out last November,

The
sophisticated Stuxnet is a "game changer" for companies and
governments looking to protect their networks, said Sean McGurk, acting
director of the National Cybersecurity and Communications Integration
Center in the U.S. Department of Homeland Security.

 

***

 

As
of last week, there were still about 44,000 computers infected with
Stuxnet worldwide, with about 60 percent of them in Iran, said Dean
Turner, director of Symantec's Global Intelligence Network. About 1,600
of the current infections are in the U.S., he said.

 

***

 

"Stuxnet
demonstrates that industrial control systems are more vulnerable to
cyberattacks than in the past for several reasons, including their
increased connectivity to other systems and the Internet," he said.
"Further, as demonstrated by past attacks and incidents involving
industrial control systems, the impact on a critical infrastructure
could be substantial."

Indeed, one of the
computer experts quoted by the New York Times, German cyber-security expert
Ralph Langner, noted in a Ted talk last month that Stuxnet could
be used to attack Western nuclear power plants and other types of
automated plants:

As Israel National News writes today:

[Langner] went on to describe the risk that Stuxnet could be used to blow up power plants:
"The idea here is not only to fool the operators in the control
room. It actually is much more dangerous and aggressive. The idea here
is to circumvent a digital safety system.... when they are
compromised, then real bad things can happen. Your plant can blow up
and and neither your operators nor your safety system will notice it.
That's scary. But it gets worse - and this is very important, what I
am going to say. Think about this: this attack is generic. It doesn't
have anything to do with specifics with centrifuges, with uranium
enrichment. So it would work as well, for example in a power plant or
in an automobile factory. It is generic. And as an attacker you don't
have to deliver this payload by a USB stick, as we saw it in the case
of Stuxnet. You could also use conventional worm technology for
spreading. Just spread it as wide as possible. And if you do that,
what you end up with is a cyberweapon of mass destruction."
"That's the consequence that we have to face," he said, deliberately,
while showing a map that marked Western countries (Israel not
included) in green. "So unfortunately, the biggest number of targets
for such attacks are not in the Middle East. They are in the United
States, in Europe and in Japan. So all the green areas, these are your
target-rich environments. We have to face the consquences and we
better start to prepare right now."

***
It
seems possible that he thinks Israel could use the worm against
Western targets. Why the German consultant thinks Israel would want to
do this, one can only speculate.

***

In a correspondence with cyber-security firm Symantec some six months ago, Langner named a "hacker underground" as the possible threat:

"You fail to understand that the hacker underground has been
studying control systems for years without any success. You fail to
understand that this community will eagerly dismantle Stuxnet as a
blueprint for how to cyber-attack installations from the cookie plant
next door to power plants."

***

The New York Times
recently reported that the Stuxnet virus could possibly still be
infecting Iranian systems and that it may unleash additional havoc on
new targets.

Has Stuxnet Already Caused Damage Outside of Iran?

Since the Japanese earthquake, Michael Rivero has posted hundreds of articles arguing that the Stuxnet virus has "gotten loose" and attacked other nuclear power plants outside of Iran.

The former editor of the Japan Times - Yoichi Shimatsu - writes:

Tepco
engineers suggested that the electric power inside the plant was
knocked out by something other than the tsunami. I have pointed to this
possibility early on, that the quake and control disruptions could have
made the control computers vulnerable to the Stuxnet virus.

According to Yomiuri, Stuxnet was in Japan as of October of 2010. However, I find it hard to believe that it was not the massive earthquake and the enormous tsunami which knocked out the power (although I suppose a virus could have exacerbated the damage).

There have been a lot of strange stories about unexplained nuclear power plant shutdowns. For example, as Fox News reported last week:

 

A
nuclear reactor at Plant Vogtle in eastern Georgia has been taken out
of service until authorities determine why it unexpectedly shut down.

I
have no idea whether or not the shutdowns were caused by Stuxnet
accidentally spreading to other reactors, instead of just hitting its
intended target: Iran.

But at the very least, the virus
created by the U.S. and Israel to slow down Iran's nuclear program has
opened a "Pandora's box" which leaves our nuclear plants and other
sensitive facilities open to attacks by hostile governments or rogue
hackers.

 


- advertisements -

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Wed, 04/27/2011 - 08:25 | Link to Comment snowball777
snowball777's picture

Why would the control systems for nuke reactors be hooked up to any kind of external network thus exposing themselves to virii?

Sometimes you should find out more before posting; this appears to be one of those times.

Wed, 04/27/2011 - 08:08 | Link to Comment Cthonic
Cthonic's picture

Only reports so far of the "star virus" are coming from Iran.  If it actually turns out to be targeting the same systems as stuxnet then one may be right to consider it the Western cyber-tactical equivalent of a double tap.  Seeing that Reid and Obama sucessfully 'nuked' the Yucca Mountain Repository, we don't even have plans for what to do with our (copious amounts of) nuclear industry byproducts.  We hear Iran boast about their enrichment facilities and new reactor, and nary a word of *any capacity* or any plan for capacity to handle their future waste streams.  Does anyone outside of Iran really think Iran has a bona fide need to enrich uranium?  Does anyone believe they've spent billions studying Kavir geology or focused any iota of scientific effort on the problem of fuel reprocessing?

Wed, 04/27/2011 - 08:25 | Link to Comment snowball777
snowball777's picture

Maybe they're planning on stupid, insecure spent fuel ponds too.

Wed, 04/27/2011 - 07:59 | Link to Comment New_Meat
New_Meat's picture

"I have no idea whether or not the shutdowns were caused by Stuxnet accidentally spreading to other reactors, instead of just hitting its intended target: Iran.

But at the very least, the virus created by the U.S. and Israel to slow down Iran's nuclear program has opened a "Pandora's box" which leaves our nuclear plants and other sensitive facilities open to attacks by hostile governments or rogue hackers."

GW, you post this crap, then say "I have no idea..."

Like, you have no idea how antiquated the control systems are in almost all nuclear plants.  Like, they are almost all analog, like 1980's technology.

http://www.youtube.com/watch?v=LucTPdK8VTc

- Ned

Wed, 04/27/2011 - 07:29 | Link to Comment primaryschooldropout
primaryschooldropout's picture

learn some fuck math and economics, come back in three yearsa(at minimus) and shut your mouth there are adults talking. try to listen.(hint I do not post much because I am listening)

Wed, 04/27/2011 - 07:16 | Link to Comment primaryschooldropout
primaryschooldropout's picture

does the point of non compatable not reach you? have you ever worked in #asm?   or any root code at all? not just an include? will not work betweem fenuc and S7. even low level. fuck off I read this shit at the asm level because I have S7 systems to worry about. learn you craft and then be part of the zh team. otherwise join a hedgefund. I am sick of you idiots posting over such good product.

Wed, 04/27/2011 - 07:04 | Link to Comment primaryschooldropout
primaryschooldropout's picture

btw this is the real world of somebody who fucking knows how those littile black boxes work.

Wed, 04/27/2011 - 06:59 | Link to Comment primaryschooldropout
primaryschooldropout's picture

really knock it off this is zerohedge not a god damn tin foil hat site I am sick of you

 

Wed, 04/27/2011 - 06:57 | Link to Comment primaryschooldropout
primaryschooldropout's picture

learn how to code and how this shit works fucktard

Wed, 04/27/2011 - 05:20 | Link to Comment primaryschooldropout
primaryschooldropout's picture

Oh yeah greatfultraveler. Siemens is like number 4 in the plc world, like an also ran.

Wed, 04/27/2011 - 05:17 | Link to Comment primaryschooldropout
primaryschooldropout's picture

I am going to be very simple with you george. GE fenuck and seimens S7 are not compatable. So no japan interaction. Futhermore the stuxnet virus only targets FVD's at 800-1200 hz. I like your stuff but in this case you are very off base. I do not post often. And usually only very intoxicated but I am an engineer very familar with both systems. and yes this was done by people with a lot of resources but they knew the possibilities and they are few. on another note siemens is crap. Germans should stick to ME, not CE. They suck at the latter.

Wed, 04/27/2011 - 03:40 | Link to Comment gratefultraveller
gratefultraveller's picture

That is not what the anti-virus community was saying at the time StuxNet was discovered, so yours appears to be a presumption. The Siemens controllers are some of the most widely used in industrial plants, they are "simply" building blocks used to coordinate different aspects of a process, be it car assembly, pill manufacturing, rail traffic in a network, you name it - indeed a Pandora´s Box.

Karma is a bitch.

Wed, 04/27/2011 - 03:20 | Link to Comment ivars
ivars's picture

New  (first time)  Fukushima area cumulative 1year  radiation dose (till March 11, 2012) map:

http://www.saposjoint.net/Forum/viewtopic.php?f=66&t=2657&p=32014#p32014

 

Wed, 04/27/2011 - 02:13 | Link to Comment CheapPanderingCrony
CheapPanderingCrony's picture

Yea, because the Stuxnet, not an earthquake, cracked open the concrete encasing multiple reactors. Sounds like George is talking out of his arse on this one.

Wed, 04/27/2011 - 00:37 | Link to Comment themiestro
themiestro's picture

I just think GW has a hard-on for nuke related stuff.  220, 221, whatever it takes.

Tue, 04/26/2011 - 23:54 | Link to Comment BlackholeDivestment
BlackholeDivestment's picture

The fact is, what is now upon this generation is the revelation that there is no stopping a WMD event involving Israel, U.S., Iran etc...

...''it's'' going to happen and soon, ''they'' have telegraphed this punch for a long time now, from ''The Last Best Chance'' http://www.youtube.com/watch?v=z4mmpRdV-3o to ''The Tipping Point'' http://www.youtube.com/watch?v=pH8UmH712C4 premier. http://www.youtube.com/watch?v=6AG8ottXd_M The same Pete Peterson's and Bernie Madoff with your money crowd, you know, that MIHOP LIHOP their Grand Chessboard way through the WTC and insured their AIG Fannie Mae I have another bailout bonus ...or there will be blood in the streets Mr. Gaddafi, ''we are doing gods work'' gang.

The aftermathh adds up to the reflection of history. The whole ''New World Order'' security matrix ''never let'' a Joe Biden ''generated'' Rahm Co. ''good crisis go to waste'', ''it's just business'' thing.  Larry Silverstein and friends ''pulled'' the WTC, while Larry Summers and friends ''pulled'' the global Born Ultimatum. Israel is just a pathetic revelation of the madness of the antichrist(s). All nations are guilty. Fear not, just stand fast and do no harm. This will not take long. You will see the call for peace among Israel and all the nations, soon after you realize the cause for the Nobel Prize, and you will see the security measures that take place, which you now already see happening. Any false moves after the peace is sealed, all hell will be breaking loose, count on it. Stuxnet is not the only virus to watch, the hate for anyone is deadly, don't dash your foot upon the Stone.

Wed, 04/27/2011 - 09:41 | Link to Comment old naughty
old naughty's picture

Well, not only you handed your enemies (who?) the knowhow --- a sword has two sides, you actually sets up round 2 of Nine.11.

You'll never know who hit you, hum...

Japanese: " Dai Jor Bu" (no problemo).

Sad? May be its time,

Paging John Connors. 

Wed, 04/27/2011 - 01:27 | Link to Comment Oh regional Indian
Oh regional Indian's picture

Hmmmmm, a thought provoking ramble. Feels almost like I wrote it! :-)

ORI

Tue, 04/26/2011 - 23:04 | Link to Comment Chuck Walla
Chuck Walla's picture

America! Hell, Yeah!

Tue, 04/26/2011 - 23:00 | Link to Comment michigan independant
michigan independant's picture

http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf

Our dcs only allows monitoring, no global inputs changes in apac

 SCADA system monitors the complete operations of the loop.

While we believe many actors have participated in these attacks, we have been able to identify one individual who has provided the crucial C&C infrastructure to the attackers — this individual is based in Heze City, Shandong Province, China. Although we don’t believe this individual is the mastermind behind these attacks, it is likely this person is aware or has information that can help identify at least some of the individuals, groups, or organizations responsible for these intrusions.

On the compromised web server, they also deployed ASPXSpy, a web-based remote administration tool, also of Chinese origin.

 

ty GW

Tue, 04/26/2011 - 22:40 | Link to Comment Augustus
Augustus's picture

Has anyone checked the weather control computers lately?  Those controllers have been creating some pretty devestating weather events here in the US in the last month.  How fast does this virus replicate in weather control equipment?

 

I am certain this virus must be responsible for the damage to my stack of cord wood.  First the fan on the stove blower quits and then I have to deal with a bunch of wet fuel.  I'd sure like to find out who exactly is responsible for a virus that can cause that.

Wed, 04/27/2011 - 00:26 | Link to Comment RockyRacoon
RockyRacoon's picture

You too?  I think it's the same mysterious yet treacherous people who made my weedeater go crazy the other day and try to eat my ankles through.   I swear it was varooming my name as the little 2-cycle motor revved to tolerances that would have destroyed a "normal" engine.

Tue, 04/26/2011 - 22:39 | Link to Comment windcatcher
windcatcher's picture

Until we bring the Traitors to the USA to Justice, the criminally insane sociopaths and their atrocities against humanity will continue to become even more audacious.

 

“We are an Empire now, and when we act, we create our own reality. And while you are studying that reality – judiciously as you will – we will act again, creating other new realities, which you can study too, and that’s how things will sort out. We are history’s actors…and you, all of you, will be left to just study what we do.” Carl Rove

Tue, 04/26/2011 - 22:06 | Link to Comment penisouraus erecti
penisouraus erecti's picture

So, this should be good for the Dow.

Tue, 04/26/2011 - 22:00 | Link to Comment majia
majia's picture

Arnie Gunderson, Chris Busby and the blogger Ex-SKF are all suggesting the #3 explosion was nuclear rather than a hydrogen explosion. Arnie thinks it was the spent fuel pool.

What are the implications if that is true?

Also, can anyone who is following this evaluate the current state of the plants in relation to more significant radiation releases (outside of those caused by more earthquakes)...

Wed, 04/27/2011 - 09:11 | Link to Comment Ethics Gradient
Ethics Gradient's picture

If it's true, we don't know anything about nuclear physics.

Tue, 04/26/2011 - 21:40 | Link to Comment Iam_Silverman
Iam_Silverman's picture

I suppose if you had no clue at all how a nuclear plant works you could contrive such a dire situation as postulated.

A LOCA, indeed.  Please, be more specific.  Will the StuxNet virus drill into the piping?  Open those manual (capped and locked-closed) drain valves?  Maybe it will roll open the PORVS?  Oh, wait, they're not controlled by a SCADA system, are they?  I guess that no one has given much thought to the fact that due to regulatory and environmental constraints, our nuclear plants are progeny of the 60's and 70's - pretty much a hodge-podge of pnuematics and clicking, buzzing relays.  Are there SCADA systems in non-ESF roles?  Yup, turbine and condensate controls.  They are not connected to even the company intranet, and they don't have accessible drive ports or USB connections.  I don't usually carry around a serial (RS232) cable, so I can't watch my porn on those computers.  So, if a virus causes the turbine controls (or feed pumps, or condensate filtration) to go apeshit, you just downpower the device.  The trip and control valves will fail closed.  If not, the highly mechanical overspeed trip will take you out, or the manual pull-to-trip T-Handle will also do nicely.

I may need to wear my tinfoil hat more often at work.

Fear mongering, at best.

Wed, 04/27/2011 - 00:20 | Link to Comment RockyRacoon
RockyRacoon's picture

Kinda reminds me of what I think was a Stephen King movie.   Some "intelligence" or "malevolent thingy" was trying to do harm and it sent "signals" to stuff like microwaves and blenders and other rather vapid household appliances.   Like through a 110V power line instructions could be sent to blow up and cause all sorts of havoc.   Yeah.

My lawnmower is trying to kill me!

Tedious tripe.

Tue, 04/26/2011 - 22:32 | Link to Comment RmcAZ
RmcAZ's picture

+1... There is one nuclear "expert" in this thread, and one security "expert" in this thread. And we both agree.

Everything else is fear mongering.

That's not to say that nothing will ever happen in a SCADA environment.

Tue, 04/26/2011 - 22:47 | Link to Comment penisouraus erecti
penisouraus erecti's picture

So, then there's nothing to worry about here?

Tue, 04/26/2011 - 21:10 | Link to Comment Ned Zeppelin
Ned Zeppelin's picture

McAfee can knock out this Stuxnet thingie STAT. No worries.  

Tue, 04/26/2011 - 20:57 | Link to Comment disabledvet
disabledvet's picture

As an alien from Mars "we don't need no stinkin' Stuxnet."  In fact believe it or not we came to your Planet because radioactive material is in fact a delicacy on my Planet.  We were shocked when we found you had a "disposal issue" because "you have too much!"  We immediately had brought to us "Granny Martians secret radiation dishes" and have been going wild and gettin' fatter ever since.  and we love your women too although we apologize for "eating the first few me met."  it was our custom and "this converstation thing" was rather odd at first.

Tue, 04/26/2011 - 20:29 | Link to Comment red_pill_rash
red_pill_rash's picture

 

There aint anything rogue about it..

Psychopathy at it's worst. .

 

Tue, 04/26/2011 - 19:37 | Link to Comment medicalstudent
medicalstudent's picture

some maybe crazy youtube lady said it was israel; leuren moret... good other points too

 

?

Tue, 04/26/2011 - 19:21 | Link to Comment KickIce
KickIce's picture

First oil production, now nukes - it's almost like they're forcing a green agenda down our throats.

Wed, 04/27/2011 - 00:15 | Link to Comment RockyRacoon
RockyRacoon's picture

Gee.  Ever consider that "they" might be right?

Tue, 04/26/2011 - 19:21 | Link to Comment bugs_
bugs_'s picture

when the morris worm got out, he didn't intend for it to get out.  it wasn't fully debugged.  but it got out and made history (and an new position at the NSA).

Tue, 04/26/2011 - 19:18 | Link to Comment espirit
espirit's picture

To monitor and receive updates-

http://hisz.rsoe.hu/alertmap/index2.php

Scroll down for the latest biological, epidemic, or near earth object approaching you.

Wed, 04/27/2011 - 06:18 | Link to Comment Husk-Erzulie
Husk-Erzulie's picture

Wow, golden tin-foil award dude.  Great stuff.

Tue, 04/26/2011 - 22:13 | Link to Comment tom a taxpayer
tom a taxpayer's picture

espirit - Amazing. Thanks.

Tue, 04/26/2011 - 21:42 | Link to Comment Natasha Fatale
Natasha Fatale's picture

This is brilliant, many thanks for sharing!

Wed, 04/27/2011 - 05:17 | Link to Comment Yen Cross
Yen Cross's picture

Making some GLOBAL money? I'm not suprised. Good work!

Tue, 04/26/2011 - 20:52 | Link to Comment tewkatz
tewkatz's picture

Wow, thanks for the link!

It's like a Bloomberg screen for catastrophy...

Tue, 04/26/2011 - 19:08 | Link to Comment topcallingtroll
topcallingtroll's picture

You do know the scuttlebutt about how they got it into the intranet managing the centrifuges, considering it is not connected to the internet?

Guys from sexually repressive societies go apeshit over a flash drive full of quality porn

Tue, 04/26/2011 - 19:27 | Link to Comment Cognitive Dissonance
Cognitive Dissonance's picture

Guys from sexually repressive societies go apeshit over a flash drive full of quality porn

Well then that stereotype perfectly explains why America is King of the Porn. Lots of sexually repressed guys with unlimted access to porn. All that female flesh flashed on the TV, in movies, on the dance floor. But no touchy touchy because NO means NO.

Arab nations aren't the only country with sexually repressed men.............and women.

Tue, 04/26/2011 - 23:00 | Link to Comment Ying-Yang
Ying-Yang's picture

You ain't kidding CD...

Just like our FED employees:

Dozens of Securities and Exchange Commission staffers used government computers to access and download explicit images and many of the incidents have occurred since the global financial meltdown began, according to a new watchdog investigation.

Several of employees held senior positions, earning between $99,300 and $222,418 per year, the inspector general's summary said. Three of the incidents occurred this year, ten in 2009, 16 in 2008, two in 2007 and one each in 2006 and 2005.

Heh..... you would think making 222k, you could afford the real deal.

 

Tue, 04/26/2011 - 22:21 | Link to Comment FeralSerf
FeralSerf's picture

There is a common denominator:  whacko fundamental religious nuts.  America has its share (and always has had since the Puritans) as does Iran, of course.

Tue, 04/26/2011 - 18:58 | Link to Comment anyways
anyways's picture

i suppose this is the true reason for the surprising nuclear power plant shutdowns in Germany: 8 (sic!) 'old' where shut down days after Fukushima.

Tue, 04/26/2011 - 18:54 | Link to Comment Milestones
Milestones's picture

Hugh Plains-how does this tie into the story you related about the Japanese Atomic "problem" and that certain semitic states potential involvement? Seems we have a possible bogey? Just surfin the turf.      Milestones

Do NOT follow this link or you will be banned from the site!