Al-Jazeera Confirms Iran Nuclear And Industrial Sites Crippled By Stuxnet, Time To Go Long Symantec?
After last week's Stuxnet disclosures, it was only a matter of time before the viral sabotage was flushed into the open, with Iran confirming that it had been in fact attacked. As expected, Al-Jazeera has just confirmed that not only has Bushehr been infected, but so have numerous other industrial sites all over Iran. Yet despite the pervasive attack, "no damage or disruption of nuclear facilities has yet been reported, however." What is surprising is that Iran has made such a major media splash on the topic: one would assume that demonstrating such broad cyberdefensive weakness would not be in the country's favor...
More from Al-Jazeera:
Iran's nuclear agency is trying to combat a complex computer worm that has affected industrial sites throughout the country and is capable of taking over the control systems of power plants, Iranian media reports have said.
Experts from the Atomic Energy Organisation of Iran met this week to discuss how to remove the malicious computer code, or worm, the semi-official Isna news agency reported on Friday.
Isna said the malware had spread throughout Iran, but did not name specific sites affected.
Foreign media reports have speculated the worm was aimed at disrupting Iran's first nuclear power plant, which is to go online in October in the southern port city of Bushehr.
Speaking to Al Jazeera, Rik Ferguson, a senior security adviser at the computer security company Trend Micro, described the worm as "very sophisticated".
"It is designed both for information theft, looking for design documents and sending that information back to the controllers, and for disruptive purposes," he said.
"It can issue new commands or change commands used in manufacturing.
"It's difficult to say with any certainty who is behind it. There are multiple theories, and in all honesty, any of of them could be correct."
Perhaps now is a good time to buy some SYMC: after all, it will be somewhat difficult for Iran to go on an anti-virus program piracy raid mission with everyone focused on the country's troubles. And with Iran suddenly in dire need of legitimate virus protection to go with its extensive Win95-backed infrastructure, could the $12 billion anti-virus company suddenly be an LBO target for those who wish to capitalize on the sales surge of the Norton product suite?
"one would assume that demonstrating such broad cyberdefensive weakness would not be in the country's favor..."
...PSYCHE!! lol
I'd like to offer a contrarian view here.
The technical truth is that antivirus vendors have no chance against attacks like this - today's anti-virus software is fundamentally feedback based, i.e. it only protects after a breach has been detected. It does not protect against the likes of Stuxnet, which used several zero-day (unknown before) vulnerabilities in Windows.
A smarter way to play this for any nation state (or, savvy investor) would be to go with an OS that has security designed in, not patched in after the fact.
Linux (and Android) would be a good example. For years Linux has been dominant in several critical infrastructure markets - such as webservers - still remote malware infections are a rare exception under Linux - while the Windows based IIS webserver, despite being smaller in market-share, has a much higher malware rate.
I.e. it is not true that more widely used software is more vulnerable because it gets more attention from attackers. Properly designed software can be safer even if it has tens of millions of users. Good security does not dilute with more users - it becomes stronger.
Android (which is Linux based) has a similarly good security track record, and it's on tens of millions of phones, so it has become a prime target for attackers.
If all desktops were running Android we'd likely have a much lower malware infection rate - and the desktop wouldn't run so slow due to antivirus overhead either. (If you ever wondered why those Android phones are so snappy.)
Now it's not just a matter of convenience anymore, it's all a matter of national security as well. These markets are going to be interesting in the years to come.
To play this would be to go short SYMC (and MSFT), and go long Windows alternatives (GOOG, etc.). YMMV.
Android? WTF are you nuts?
Google is an infection and they are in bed with the State security apparatus.
So is Microsoft, so what's your point precisely?
If you don't trust Google, pick any of the other Android vendors (or Linux vendors). It's open source so there are other vendors you can choose from - while with Windows there's obviously only Microsoft you can choose. That lack of competition shows up in the abysmal state of Windows security.
You're right about Symantec. I've seen it stand idly by while browser-based malware steps in and does its thing.
However, your linux suggestion may not be very helpful. The reason they're running on windows is because their Siemens controller apps were written for windows.
Besides, I've done linux support in the past. There were critical security patches being released every month that we had to apply to the linux servers. While windows is a convenient target, the sophistication of this virus and the likelihood that it was state-backed means that the OS really isn't the issue. If the Siemens industrial software was running on linux, they would've found a different set of vulnerabilities to use against it. If you think linux is immune, you're fooling yourself. Locked-down linux servers can get compromised too (yes, they can).
It's certainly not immune - so what I do is that I look at the track record of Windows and Linux based server software and check the malware infection stats. Linux wins hands down even in markets where Linux is the dominant force. (webservers, mailservers, etc.)
We obviously have no controlled experiment yet about Linux on the desktop - but Android is shaping up to be such an example: it's on tens of millions of devices today and is projected to be on 500 million devices by 2015. So far there's basically zero malware on Android - which is unheard of from a generic consumer platform so large and so widespread.
Interestingly, there's no antivirus software for Android at all because it makes no sense under its security design: unlike on Windows on Android there's no ambiguous vectors of information propagation that can both be virii or legit software or documents. An E-Mail attachment cannot contain malware or a legitimate executable code embedded in a .DOC file. Etc.
But yeah, when it comes to the future few things are certain so I don't claim this is what will happen.
It's an interesting proposition nevertheless if you look to make money on mismatches in long tail risks: that the downfall of Windows will be its lack of security design. (and security is not something you can design in after the fact - because Microsoft is a captive of its own compatibility requirements. It tried and failed to change the security model with Vista. So either the current security model of Windows will survive [together with antivirus software, etc.], or another platform will take over.)
DEAD007
Or perhaps they were using Norton and it failed to stop the worm.
norton = sewertech (sewertech = symantech)
As far as I understand stuxnet defeated every commercial anti-virus program. It was identified by a Belarusian cyber security company through some more exhaustive testing of an infected Iranian computer. I'm not sure if they were called in because of something suspicious or if it was a routine check.
Tyler,
"As expected, Al-Quaeda has just confirmed that not only has Bushehr been infected, but so have numerous other industrial sites all over Iran."
I think you meant Al-Jazeera.
+1 on confusion on so many levels. - Ned
Ted says "Osama Obama."
http://www.youtube.com/watch?v=APx2YJ-_jos
Obama Osama name Mixups Volume 1
http://www.youtube.com/watch?v=ID91mi5c0OQ
bush approved the substitution
If this were true it would mean the complexion of the entire world has changed.
Whatever its unintended consequences, for the moment, peace seems closer.
I can't see how it would possibly be in Iran's interest to publicly state that they were attacked by Israel. I'm sure that they won't have any reason to respond.
I think it's relatively safe to assume that Iranian techies are working on something in reply, maybe that looks for Hebrew language pack versions of Windows?
And if they succeed, then we have us a black swan, because Israel already has nukes, don't they?
In other news, Ahmadinejad may be just another Israeli agent and he planted the virus himself.
After all, he was born in Israel. His rhetoric is a front.
http://israelinsider.net/profiles/blogs/oy-vay-ahmadinejad-was-born-a
I know power plants and the operators have overrides on all fail safe systems and can shut down over-speeding turbines, cooling water failures, overheating, valve activation/deactivation and many others. Most systems have redundancy and in nuclear double redundancy.
Barring sleeping on the job or incompetence, nothing like that can happen.
Nothing is what appears to be.
Sell all stocks, buy physical gold, love your wife, hug your kids and sleep well.
I know PLC programming and worked with the HART protocol and the Field Guide Protocol where those "fail safe systems" are implemented. Two wires and a $135 frequency shifting modem hooked up to a wireless USB device paired with a Yagi antenna and I OWN the power plant. Water cools nuclear reactors. It takes less than 20 packets of data to change F to C on that temperature sensor. About 30 packets to change the range it's sending back on. That range is sent back as a 4 to 20 mA signal. What if I change the "too hot" signal of the reporting range so the device never tells the operator there's a problem?
Do you know that Mitsubishi's read-only mode for their PLC is on the client side? The only reason it's read-only is because the software is told that. If I command a write to the PLC with non-default software, it writes. Sure, there's a hard switch that makes it read-only. But guess what: no one ever flips it on, in case there's an emergency and they need to remote in because the plant had a toxic spill.
Are you aware that default passwords are almost always used, because if there's a problem they can't call the plant guy at 3 am and expect him to know 4 thousand passwords off the top of his head?
You don't have much time in U.S. nuclear units or CANDUs, do you? Nor in large central station plants. Kinda' different from the IPP world. - Ned
Lol.. The Hebrew language pack? I'm pretty sure that you're underestimating the sophistication of people, Iranian or other, when they are sufficiently motivated. But it would be funny if that's what they actually did, agreed.
Or perhaps another excuse for Iran to ratchet things up against Israel...
LMAO... you're funny... Unless that was sarcasm, that was the dumbest comment i've seen on here in at least a week..
Christ, even MSM doesn't take such an absurd approach to the subject..
It is in Iran's best interest to ratchet things up. They want to keep things on the brink of war, since that is the only thing stopping the price of oil from dropping to $20/barrel, and Iran needs the price of oil to stay high (or go higher).
what the fuck are you smoking.
Oil storage is near an all time high, I think it is pretty clear that the price of oil would drop a lot without the threat of war with Iran.
Iran isn't the only one that would like higher oil prices. fact is they haven't gone to war over it like some other countries.
still calling bullshit
swamp-fox: NO!
- Ned
The deployment of malware at this level of sophistication, where it takes over power plants and "industrial sites throughout the country," marks a very significant moment in the history of computer technology. Among other things, it will force us re-define what constitutes an act of war, and what would be an appropriate response.
"Among other things, it will force us re-define what constitutes an act of war, and what would be an appropriate response."
More Battleships.
guess a sarc, win a prize
More Battleships. Only if they are bigger and have more guns than current battleships.
Not-an-
So I'm on a cot near Manifa Bay, like 2330 local and this god-hellashious sound-CRACK comes from out on the water. wtf???
Turn on the radio to local AFRadio and listen to Peter Jennings say "U.S. has just launched ..."
Yep, more Badgers, Big Mo, even Big Sticks--standoff a good thing.
- Ned
fire support.
Hmmm, remember the 5 transoceanic cables cut a couple years ago? Imagine if as soon as they were broken, 500+ miles away another section was surgically cut, spliced and routed to a black box. When the broken cable was fixed, they would never know of the black box's existence. Imagine tapping into a secure network communication....
Crazy stuff happening.
Ah, not far from the truth. Just so happens that the USS Jimmy Carter was in the Med/Middle Eastern area at the same time that the cables there were damaged.
And for those not aware of the capabilities of the "Jimmy" (God, what an embarrassment...I serve on the Jimmy.) look it up.
Electroluxe Deluxe.
And shock of shocks, remember the brouhaha and outcry about the importance of the communications failures and how bloody marvelously, quickly, almost magically they were restored?! Navy already did same in Pacific/Siberian area with the Russians years ago. Public record.
"Blind Man's Bluff" -- I always wondered how Crowe came up with all of those ribbons. - Ned
I recall reading of an inventor whose attempted patent of a revolutionary underwater cable mending system was nixed by the DoD and his invention seized with meager compensation as a matter of "National Security."
When people who don't understand economics speculate about markets and gold, they lose money.
When they speculate about information assurance, they cause fear.
You can rest assured that technology to defeat so-called "man in the middle" attacks is well deployed, not to mention end-to-end encryption would not be breakable just because you inserted a black box into a cable.
There is a reason certain encryption algos are not exportable. Unless they were using their own homebrew, the "skeleton keys" are already likely in the possession of those who need to know. MD5? SHA1? Compromised. To move to new encryption and data integrity algos requires support by the equipment/software. Not to say they are not on top of it, but these are govt employees we are talking about.
Beyond that, everybody and every ideology is up for sale to the highest bidder. The weakest link in every security chain, no matter how advanced, is the human link.
That's pure paranoia.
Use longer key lengths, or apply Triple-DES, Twofish, and AES successively if you are afraid.
It is always a lot easier to infiltrate your endpoint device with a keylogger, or a camera, to get access to your information than breaking the cipher.
MD5 is not an encryption algorithm. It's a hashing algorithm. "Breaking" it amounts to finding a collision whereby two inputs hash to the same output. If you are using an MD5 hashed password and you substitute a collision for the real password then you can "login" but this is not anything that would apply to encryption. For example, you cannot decrypt a stream of data with an MD5 collision.
Bearster - Two things:
o Attacks are not what the no-such does.
o Decryption has been a problem of scale for a long long time. Traffic is where it's at.
could it be why markets rallies this week?
anything to start a Iran Israel war.....if this fails...there will be something else...
Um, isn't it kind of immoral to "cyber" attack a nuclear plant? Apart from damaging property and wasting people's time and money, fission reactions do have a tendency to get out of control if they aren't carefully managed.
It's all shits and giggles until you poison the atmosphere and give innocent civilians cancer.
People who monopolize power and influence have to work incessantly screwing over everybody to keep it. It's kind of like the jesus plan. They let a couple people work it right like ghandi and martin luther king but for the most part they just find out who people trust and fuck them over.
Morality doesn't enter into the equation. Control and domination doesn't concern itself with the other guy.
I have to wonder about credibility of the claim that the "cyber" attack and not other factors was the cause of program disruption.
If you are an upper level technocrat reporting to a "religious" hierarchy and you are failing in your “mission”, what better way to deflect criticism than a mysterious computer virus. Maybe the virus could be real. And if you are on the other side trying to slow progress, why not let the opposition hierarchy believe it. Better to have them chasing ghosts than pushing forward real objectives.
Consider the case biological weapons and other WMD in Iraq, one purported reason for that war in spite of reports by Hans Blix to the contrary. Reality was that the despotic regime of Saddam Hussein had NO competent people at the top. And even when despotic regimes have competent personnel (IE WWII Germany, Japan) they tend to force a crazy decision environment.
It happens here in less lethal ways. In years 1960-61, classmate friend who was Army ROTC (and a ChE) was assigned to Rocky Mountain Arsenal in Colorado. A civilian contractor had been hired to dispose of aging containers of mustard gas (blister gas-post WWI). The workers for this “lowest bidder” wore protective clothing while dumping the gas containers into chemical disposal tanks but so many had to go to the hospital with burns that the contractor defaulted. They used RA troops to finish the job. My friend, who was not directly involved, relayed the story of the large number of “wounded” in the hospital before the job was finished. Nasty stuff.
Why? The Army Commanders had no clue about what they were dealing with. They picked the lowest bidder with no guidance and then assigned our troops to continue with the contractor’s procedures.
IMO, the Iranians are much, much better equipped to develop nuclear capability with out killing themselves than the Iraqis were to develop biological capability. But work with fissionable materials is not something that can be clowned around with. And then there is the delivery issue.
TD over-exaggeration: there is nothing mentioned about Iran's nuclear sites being crippled. There are public and privately owned companies that use Siemens machinery that are crippled, but not the nuclear sites. Here is the original article from Aljazeera, not Al-Qaeda, written in Arabic: http://www.aljazeera.net/NR/exeres/D28AFD15-AAA5-4CA0-8DF1-8B4749684521.htm?GoogleStatID=9
Sounds like an epic Israel fail. LOLZLMAO!1!!
An act of war if they can prove it, but proof that cyber warfare is 'not there' yet.
The Iran rhetoric says nothing about Israel being the perpetrator, at least not so far.
all your machinerys are ours
Zzzzzzzz...Wake me when it is a made-for-TV movie.
that is true.they said Stuxnet is maid by foreign Gov.
French Maid!
http://frenchmaidtv.com/web/French_Maid_TV_-_Videos_by_French_Maids_Ooo_La_La.html
Hammurabi must have those 33 virgins on his mind
but they did not mention israel
the usual suspects...
http://www.telegraph.co.uk/news/uknews/8024998/FBI-joins-investigation-into-MI6-spys-death.html
they were wearing olive tans.
Israel is pretty darn small. They do have a navy however. Needless to say "the US is selling arms to everyone." And of course "we have a peace process." I don't recall Iran being invited. The fact of the "peace process" of course is no accident. Is it just a "prevention of war" process? "There is an election in a few weeks."
The "peace" talks are nothing but standard election time mis-direction - unfortunately.
and the "peace process" results in Yasser Arafat winning the Nobel Peace Prize!
what a process!
- Ned
About the same as giving Dr. Robert C. Merton the Nobel Prize for Economics.
So much for Nobels.
My own experience with several personal computers has been that having Norton Antivirus loaded is worse than having an actual virus on the computer. It is such an extreme load on system resources that to do almost anything I would have to disable it. It got to be the first thing I would do after boot would be to disable Norton...I am no where near the level of sophistication of others on here with computers however it seems to me that if someone has a very good script blocker on their browser that seems to knock out about 99% of the viruses...
And for my AMZN friends out there, I accidentally knocked my kindle off a ledge about 3 1/2 feet high and it fell to the ground. The next morning when I picked it up off the ground the screen had been permanently damaged...Can't say much for the ruggedness of the product.
Biff
Eset is far more elegant than Norton.
European designed with U.S. support:
http://www.eset.com
~Misstrial
If you have a ethernet router in your home/office, it probably has a hardware firewall, which is much better protection than the garbage that Microslut, et al foist upon the public. Unfortunately, it cannot protect PCs from the id10t between the chair and keyboard, so stay vigilant on what you're clicking on (verify the URL of whatever you're gonna click on is indeed something useful).
I am with you on that.
I removed all such antivirusses from my old desktop and it is now 10x faster than the new one with the latest and faster chips. Amazing!
A firewall, hardware or software, only helps against some external direct attacks.
In almost all cases, just using NAT in your router protects you as well against those.
If your computer has been compromised, e.g. by exploiting browser/flash/pdf security holes while you were surfing the web, your firewall helps you close to nothing, before and after the incident.
funny Biff, me too, Norton uninstall, AVG free on.
Peace, never going to be peace down there. Humans in the M.E. are too racist; we will never have peace there. God, I hope I'm wrong. Israel is a super powerful country,
According to the Old Testament, God him/herself led the Israelites from Egypt, yet Moses goes on a sabbatical up Mt. Sinai for awhile, and comes back to find everyone worshiping a Golden Calf. People are indeed foolish!
Yeah, especially ones that believe invisible entities are controlling our lives and want us to worship them with prayer..
worshiping golden ... hey wait!
This has got to be a complete joke.. Either this is made up or the Iranians are idiots. There is no way a industrial operations computer network would be connected to the Internet. These networks would be closed systems with no external access allowed, no wifi, and no just plugging a pc into a network port for Internet connectivity.
This is computer security 101. Stuxnet would not find a way into the network unless it allowed external access over the Internet, or mobile PCs allowed to connect that were infected. But who knows, maybe they have shit security, and allow employees to plug thumb drives into operation's computers. If it is nuclear, I would be surprised if it wasn't locked down to the max.
downloaded via floppy disk.
heh, just how old are you bob? I say downloaded from an Iplod.
If Iran is STILL using Windows-95, then chances are their PCs STILL have floppy drives! I have one that plugs into a USB port (just in case!)
downloaded via floppy disk.
5 1/4 inch single sided.
I'll go you one better-8 inch!
(Hollerith card reader seldom touched a pc)
- Ned
Pardon me, I stand corrected. Floppy it is. Appy polly logies bob.
Regards
This sounds like a diversionary rehash, aka repeat, of a comment posted for the first Stuxnet report on ZeroHedge. We already know that the Russian construction engineers used USB ports to connect their laptops to the equipment and that is how Stuxnet entered the system.
Good point. Just like the Diebold voting machines that were 'safe' because they were not on any network.
http://www.liveleak.com/view?i=a8d_1194275446
that link is not available in canada
Why assume it was Israel? They are far from the only nation who wants to see these reactors go away. The US, all of Europe, the Saudis... the list is long. Heck, the Russians who sold them many of their reactor systems might sabotage it -- they want the money from the sales but don't trust the Iranians either, and figured this way they get the best of both worlds.
I'm not even convinced it takes a nation to create this thing (like they keep claiming). All you really need is someone with a deep understanding of control systems, a Siemens system to practice on, a virus designer or two, and a way to introduce it into the Iranian infrastructure. None of that seems to require the sponsorship of a nation.
Yeah, I'm not buying this claim that it takes a team of 100 of the world's best several years to write this, either.
If one of the designers was a Siemens system programmer himself he could've provided all of the requisite knowledge and the vector to get it directly into Bushehr itself. There's got to be a bunch of Germans who don't like Siemens selling these systems to Iran.
For all we know the only original infection could've been at Bushehr, and the spread of the virus was done accidentally by Iran's own internal spy agencies... you know they don't trust anyone and would definitely poke around inside their own nation's computers looking for signs of internal dissent.
From "The Stunt Man": "Paranoia is like an STD in that it's spread by screwing your fellow man." -- Peter O'Toole (close enough!)
And then a series of miracles begin occurring, apparently on cue, so that media can portray the situation with maximum emotional impact.
Ncontrol, absolutely. They think we are stupid: we had the embargo, now a cyber attack to cripple Iran's economy, not the nuclear program.
Hammurabi
You see the complexity of the situation and you long as do many others for a solution.
Perhaps all that can be accomplished by the world's exertions for peace is prevention of holocaust.
If that is all that we may hope for, may this computer virus be a step in that direction.
Should've bought a Mac. Time Machine works wonders.
Just sayin'.
Also, why the hell aren't these systems standalones? Are the Iranians really that retarded?
" Are the Iranians really that retarded?" - Yes they are living in the Middle Ages still
Yes they are living in the Middle Ages still
Then an assertion about Iranian nukes would have to be a lie, right?
* Really that retarded...
* Living in Middle Ages still...
and
* Likes to brag to entire world about both facts via global satellite TV network
Which of these does not fit?
ever been to utah
"Are the Iranians really that retarded?"
Alternatively, the Persians are sick and tired of their Islamic Republic.
"Alternatively, the Persians are sick and tired of their Islamic Republic."
Well, they tried to be democratic once already and look at how that panned out... what happened to Dr. Mohammad Mossadegh again? Oh, right. I'd bet they're still thanking the US for taking care of that for them... as you would expect.
Regards
Correction: the Persians might be sick and tired of supporting interests naturally conflicting with US' interests.
Once they get those interests aligned with the US, it wont matter much if they are a democracy, a dictature or anything else.
If as a nation, they were a democracy still supporting their national interests, they would be in the same situation.
Being a democracy brings no ease from the US. Aligning the interests does.
See: Saudi Arabia. South Africa under Apartheid/democracy. And many others.
Please, please, do not confuse the war mongering neo-cons on here with the facts.. You will upset them.. The name calling will start and you will end up being labeled a racist.. You will learn not to oppose Western aggression against brown people... Silly, Silly prole.. LOL
Wots of Iswaewis and Amewicans and Euwopeans are bwown, siwwy wabbit.
Wets go swaughtew some Finns.
Israel isn't the only country in the Middle East that wants to put a stop to a nuclear powered Iran.
And some of those countries have very deep pockets.
Do you think we could ask some of those countries with very deep pockets to have a go at stopping a nuclear armed (not just powered) Israel?
MB if we all said "pretty please"?
Regards
Why?
If you really need to ask...
You know what they say... "If you wanna whack, get a Mac."
This was likely a multiple-year covert operation involving multiple intelligence services. The Israelis have been cracking and hacking for decades, hell, they invented the computer virus.
The real question now is what have the Chinese got up their sleeve?
So why are we paying so much for the military industrial complex? Without firing a shot, the "threat" was neutralized.
If this prevented a war, all the better.
Cmon Tyler this gives them another chance to "blame it on the Jews." But you wouldn't know anything about that huh?
This Stuxnet crap could be serious. I found the following link after not much digging. Apparently, in one example Stuxnet was able to increase the pressure in an oil pipeline, which caused a massive pipeline explosion:
"By writing code to the PLC, Stuxnet can potentially control or alter how the system operates. A previous historic example includes a reported case of stolen code that impacted a pipeline. Code was secretly “Trojanized” to function properly and only some time after installation instruct the host system to increase the pipeline's pressure beyond its capacity. This resulted in a three kiloton explosion, about 1/5 the size of the Hiroshima bomb."
http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-roo...
This Stuxnet crap could be serious. I found the following link after not much digging. Apparently, in one example Stuxnet was able to increase the pressure in an oil pipeline, which caused a massive pipeline explosion:
You mean like a Gas Pipeline explosion and blowing up a whole city block? Hmmm, is tit for tat going on here?
Naw.
I see an IPO for Amish outdoing GOOG real soon!
Also from the Symantec Stuxnet blog:
Conclusion
Most security professionals that watch action movies where a skilled hacker holds an organization or even a country for ransom will simply dismiss it as fantasy. However, the case of Stuxnet easily reads as if it were the latest Hollywood blockbuster. This is the first publicly widespread threat that has shown a possibility of gaining control of industrial processes and placing that control in the wrong hands. It also shows that in this interconnected world, IT security is more important than ever and that even the unthinkable must now be considered.
While we don’t know who the attackers are yet, they did leave a clue. The project string “b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb” appears in one of their drivers. Guava belongs to the myrtus plant family. Why guava or myrtus? Let the speculation begin.
Written by Patrick Fitzgerald and Eric Chien
It was Dr. Evil in his secret Volcano lair.
Point. Set. Match. BOOGA-BOOGA-BOOGA!
"one would assume that demonstrating such broad cyberdefensive weakness would not be in the country's favor..." ???
Not really. Let's face it, they would stand no chance of stopping the US (or Israel) from doing it if we wanted to. At the same time, the world has little sympathy for either bullies (that would be US most days even without this) or cyber-saboteurs. Recall how we felt when the story went out that China was attempting to hack our shit.
Sounds like a real good move on Iran's part--whether they were actually victimized or not. Think about it.
only if symantec did the virus (again).
singing:
I DON'T BELIEVE ANYTHING OF THIS!!!
ALL critical operations networks are stand-alone networks and never connected to the internet.
We even have this in our company where, in case something bad like a worm or a virus were to cripple the network, we can erase all the stations and put a ghost on these in less than 4 hours. All the workable systems are copied every 24h and stored for 2 years.
And as those computers like in the powerstations are eagle types for security reasons, restoring those only takes 5 to 12 minutes!
How many minutes to really screw something up? And, the prevailing theory is a flash drive, though vendor hanky-panky seems equally possible (which is the reason the US makes even its own chips on site for nuclear control systems.)
+1
This story is pure, sensationalized crap.
Hide under your bed everybody, a Windows worm is going to destroy the world.
Windows rootkits are notoriously hard to detect, correct? And as I recall, the most recent viruses and worms go to special efforts to remain undetected, as they get what they came for. I wonder how long this worm had infected these industrial sites before it was detected, and how many of those 'backups' contain worm larvae... could be a year or more I suppose. Assuming they can even find all the places it hides (reverse engineering binary code, so much fun), removing it could be time-consuming.
Stuxnet is NOT a worm, it's a virus.
This isn't about a computer network, per se. PLCs, and particularly the one in question, control things in the real world. When you consider something as complicated and real time as a nuclear reactor, it would not take very long to screw something big up. As a simple example, the PLC is programmed to limit a 25000 lb, 20" shaft's RPM to 2000. It also is monitoring the temperature of the bearings. If the temperature begins to approach 200 deg. F, it turns on a chiller and opens a valve to increase oil flow to the bearing. Now remove that set of instructions and replace with: Remove RPM limits on the shaft and begin to increase the shaft to 10000 RPM, also turn off the lubrication system and chiller. Get the idea? Complete and catastrophic destruction of long lead items in probably 20 seconds - just a guess.
https://www.automation.siemens.com/mcms/process-control-systems/en/distributed-control-system-simatic-pcs-7/pages/distributed-control-system-simatic-pcs-7.aspx
separate overspeed trip in any real installation--mechanical or well controlled segmented electronic trip. - Ned
This is simply inaccurate. Fuck power, we can do without that. How about food/water? First of all, you have to know there is a problem before you know to enact your BCDR plan. This virus is not popping up RPC errors like blaster. It is silent, directed, and very sophisticated.
Second, I have personally worked on SCADA type networks which are controlling PLCs connected to dams (yeah..those things that make lakes), water/sewer pipes, Mac n Cheese squeezers, etc. Do they all run Siemens gear? No. But neither are they always properly air gapped from other networks. Every platform needs to be assessed in the era where usability and the rush to market are more important than data validation or OS hardening. My security team and I are playing Paul Revere here and it is a very long road to travel.
Third, delivery mechanism is USB...Sneakernet Bitchez.
How long before the creature returns for retribution on its creators, is all I am wondering? Not a matter of "if"....
Is it possible that stuxnet (or something like it) could have had anything to do with the rig that blew up in the gulf?
Dick Cheney wishes (or more likely couldn't care less; but he thanks you anyway for another option to explore in the painting of Halliburton's complete exoneration with regards to the disaster).
I can hear it now,
"It appears that our concrete forms' construction for the well cap body was altered by unauthorized software commands during manufacture. Our people suspect stuxnet... I'd like to thank ZH and commenters for sending the virulent virus viral; guiding our investigators as to what to fi... er, look for."
Regards
I don't know which freaks me out more, influenza bugs, bed bugs or now cyber bugs! I hate bugs of all types. The closest I wanna get to one is on the golf course.
Duh, except goldbugs, of course. I do love them.
I really doubt they were infected. This is more of the same Psy-War. I worked before on Industrial Systems and although it's not easy to escape Microsoft Operating Systems because of Drivers and some Industrial Software being only available for Windows, you run these systems in a local LAN disconnected from the Internet and you don't allow Diskettes or USB Pens to connect. If you do, then it's a question of incompetence.
If the Israelis really created this silly virus, maybe they will suffer from the same medicine.
I don't like the Zionist Colonialists (I Support Palestine and Iran any day) and I can write virus too to hit Israel.
Maybe the reactor doesn't work, and they're looking for an excuse?
Another Zionist dog and pony show. Supposing Israel did it, Siemens connived and Iran was using Windows, you may expect an extra impulse for state actors world-wide to adopt Linux, dump Windows, and finally dump the putrid dollar. Another blow to American credibility, thanks to our bestest syphilitic friends, the death cultists of Israel.
Seriously... who runs anything of importance on a Microsoft OS?
If they seriously are using an MS OS, lol. They deserve whatever they get.
you speak the truth Incubus and you already have one junk - amazing.
Incubus, I didn't junk you, but:
... er ... Honeywell, Emerson, Zeemans, Foxboro, Moore used to, Allen-Bradley, Rockwell Software, and the list goes on.
http://www.youtube.com/watch?v=umrp1tIBY8Q
So that is almost all of the power plants, refineries, and industrial facilities in the developed world.
- Ned
The ignorance around here is astonishing.
You guys speak without understanding the infection vector, why MS OS was used, or much of anything about the problem.
MS OSes were used because they have a nice, convenient set of drivers and interfaces to configure the PLCs.
The fucking reactor was NOT being run "on Windows."
I really hope dc, londonistan and isntreal are vaporized in my lifetime.
Hitler was right about everything.
"I don't see much future for the Americans. It's a decayed country. And they have their racial problem, and the problem of social of social inequalities . . . Everything about the behavior of American society reveals that it's half Judaized, and the other half negrified. How can one expect a State like that to hold together - a country where everything is built on the dollar?"
-Adolf Hitler
Isntreal--that's rather clever. I hadn't seen that one before . . . but then I don't frequent the white supremacist blogs.
I think you got lost on your way to a lynching, sodomite.
Piss off.
O.K., Lib Sod, I'll bite.
As others have noted you seem to be more interested in posing than in proselytising, but the public expression of such abhorrent thoughts compels me to respond.
I'm dying to know, is it worth it to you to see the destruction of Israel if it means the destruction of Cairo, Ankara, Damascus, Beirut and Tehran as well; and the attendant global nuclear fallout?
And if America is as Hitler describes it in your quote, 'half Judaized and half negrified', which half are you?
You devote London and DC to the flames. Surely there are a few others you'd like to cinder as well. Would you care to name them?
I hope my questions warrant an answer.
You Sir, not only disgust me as a fellow human being.
You are also deeply ignorant.
what the fuck is he "ignorant" about?
Whether or not you find racism repugnant, I'm getting tired of seeing people who express racist beliefs referred to as "ignorant." Ignorant of WHAT? The epithet is a total non-sequitur.
The quote from Hitler did not express any genocidal sentiment.
Hitler was TOTALLY 100% right when he said "2+2=4." I know straight off that saying that invokes cognitive dissonance, but assess the truth or falsity of the statement without regard to the identity of the speaker. JFC, be LOGICAL.
@7777
Hitler practiced genocide. It is reasonable to look for evidence of that in all his statements. On that basis it is logical to infer a 'genocidal sentiment' in this quote by Hitler. Hence you are illogical, 7777.
You are right about one thing though. There is no cognitive dissonance in your statement in my opinion. But it does show your willingness to play footsie with a raging genocidal maniac and his patsies, 7777.
Indeed, if you have any doubts about where Lib Sod is coming from/where he stands, just click on his user name and hit the "track" button to check his posts, which you can do on an article-by-article basis via the "find" function on your browser menu bar under "edit."
This guy, like a few others who pass through on a fairly regular basis, is fanatically obsessed with posting material that often as not expresses a virulently anti-jewish bigotry. It gets old reading his twisted desires on every thread that can be bent to an opportunity for him to again share them.
Silently tolerating it seems to me to poorly represent this community in the name of some misguided notion of free speech/thought. I don't like PC "censorship" any more than the most principled conservative, but this transcends the superficial--it's like saying nothing when your neighbor decides to "express himself" by building a showering fountain in his front yard . . . and hooks it up to the sewer line to supply the water, no accident, fully intentional.
This guy, and others like him, also do not stumble in here and innocently find themselves the victims of small-minded intolerance or misunderstanding. He's trying to stink the place up. No accident, no misunderstanding, fully intentional.
Ignorant of individual capacity.
Racism itself is a non-sequitur. Unless one believes that we are genetically predisposed to act a certain way because we have a certain set of genes that demarcate a race, then the inability to judge people INDIVIDUALLY is an ignorant viewpoint.
I know you really really want to deport the Jews, which you have mentioned in the past. But just because you hate some 'Zionist Cabal', how is that in any way an indication of my beliefs or capacities? JFC, be LOGICAL.
"What is surprising is that Iran has made such a major media splash on the topic: one would assume that demonstrating such broad cyberdefensive weakness would not be in the country's favor..."
Seems to me that assumes a certain level of rationality that is not actually present.
Easy fix.
Toss all computers.
Hire thousands of workers to follow shouted commands of "Off, On" at all the control points.
Solves two issues at once. Unemployment and Technology problems.
Saves power too.
As long as it's korean.
http://www.dailymotion.com/video/xa198v_human-lcd-impressionant-stade-sy...
Bringing life to imagination.
"Bringing life to imagination."
False flag.
BUSHEHR PLANT-SATCON
http://williambanzai7.blogspot.com/2010/09/stuxnet-bush-w-plant-iran.html
HUMAN CUSIPS
http://williambanzai7.blogspot.com/2010/09/stuxnet-unique-id.html
Sorry chaps.
Stuxnet = Swine Flu.
Just excitable nonsense.
http://www.youtube.com/watch?v=7eUsSXXc8wU