This page has been archived and commenting is disabled.
DEADF007 - Is Stuxnet The Secret Weapon To Attack Iran's Nukes; Is A Virus About To Revolutionize Modern Warfare?
One of the most interesting stories in the last few days, has little to do with finance and economics (at least right now), but arguably very much to do with geopolitics. A fascinating report which cites computer security experts claims that the recent uber-cryptic malware worm Stuxnet is nothing less than a weapon designed to infiltrate industrial systems, and based on attack patterns, the ultimate object of Stuxnet may be none other than Iran's Busher nuclear reactor, which could be targetted for destruction without absolutely any military intervention. Has modern warfare just become obsolete courtesy of a computer virus?
From Yahoo:
Cyber security experts say they have identified the world’s first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.
The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet’s arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something.
A brief history of Stuxnet:
Stuxnet surfaced in June and, by July, was identified as a hypersophisticated piece of malware probably created by a team working for a nation state, say cyber security experts. Its name is derived from some of the filenames in the malware. It is the first malware known to target and infiltrate industrial supervisory control and data acquisition (SCADA) software used to run chemical plants and factories as well as electric power plants and transmission systems worldwide. That much the experts discovered right away.
But what was the motive of the people who created it? Was Stuxnet intended to steal industrial secrets – pressure, temperature, valve, or other settings –and communicate that proprietary data over the Internet to cyber thieves?
And it gets much more eerie:
Since reverse engineering chunks of Stuxnet's massive code, senior US cyber security experts confirm what Mr. Langner, the German researcher, told the Monitor: Stuxnet is essentially a precision, military-grade cyber missile deployed early last year to seek out and destroy one real-world target of high importance – a target still unknown.
"Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world," says Langner, who last week became the first to publicly detail Stuxnet's destructive purpose and its authors' malicious intent. "This is not about espionage, as some have said. This is a 100 percent sabotage attack."
Stuxnet is so sophisticated it may revolutionize the way modern warfare if fought entirely:
Stuxnet's ability to autonomously and without human assistance discriminate among industrial computer systems is telling. It means, says Langner, that it is looking for one specific place and time to attack one specific factory or power plant in the entire world.
"Stuxnet is the key for a very specific lock – in fact, there is only one lock in the world that it will open," Langner says in an interview. "The whole attack is not at all about stealing data but about manipulation of a specific industrial process at a specific moment in time. This is not generic. It is about destroying that process."
The virus has already spread to the point where it is safe to say most critical SCADA infrastructure may already be infected.
So far, Stuxnet has infected at least 45,000 industrial control systems around the world, without blowing them up – although some victims in North America have experienced some serious computer problems, Eric Byres, a Canadian expert, told the Monitor. Most of the victim computers, however, are in Iran, Pakistan, India, and Indonesia. Some systems have been hit in Germany, Canada, and the US, too. Once a system is infected, Stuxnet simply sits and waits – checking every five seconds to see if its exact parameters are met on the system. When they are, Stuxnet is programmed to activate a sequence that will cause the industrial process to self-destruct, Langner says.
Has Stuxnet already hit its target?It might be too late for Stuxnet's
target, Langner says. He suggests it has already been hit – and
destroyed or heavily damaged. But Stuxnet reveals no overt clues within
its code to what it is after.
Will DEADF007 be the keyword that everyone will soon focus on?
Langner's analysis also shows, step by step, what happens after Stuxnet finds its target. Once Stuxnet identifies the critical function running on a programmable logic controller, or PLC, made by Siemens, the giant industrial controls company, the malware takes control. One of the last codes Stuxnet sends is an enigmatic “DEADF007.” Then the fireworks begin, although the precise function being overridden is not known, Langner says. It may be that the maximum safety setting for RPMs on a turbine is overridden, or that lubrication is shut off, or some other vital function shut down. Whatever it is, Stuxnet overrides it, Langner’s analysis shows.
"After the original code [on the PLC] is no longer executed, we can expect that something will blow up soon," Langner writes in his analysis. "Something big."
And the punchline - Iran's nuclear plant may have already been destroyed without anyone firing a shot anywhere:
A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.
Could Stuxnet's target be Iran's Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?
Langner is quick to note that his views on Stuxnet's target is speculation based on suggestive threads he has seen in the media. Still, he suspects that the Bushehr plant may already have been wrecked by Stuxnet. Bushehr's expected startup in late August has been delayed, he notes, for unknown reasons. (One Iranian official blamed the delay on hot weather.)
There is much more to this story than merely creating page click inducing headlines. Computerworld itself is on the case:
A highly sophisticated computer worm that has spread through Iran, Indonesia and India was built to destroy operations at one target: possibly Iran's Bushehr nuclear reactor.
That's the emerging consensus of security experts who have examined the Stuxnet worm. In recent weeks, they have broken the cryptographic code behind the software and taken a look at how the worm operates in test environments. Researchers studying the worm all agree that Stuxnet was built by a very sophisticated and capable attacker -- possibly a nation-state -- and it was designed to destroy something big.
Though it was first developed more than a year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company found the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers, who say they have never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes.
And ever more experts are chiming in:
Last week Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack.
Experts had first thought that Stuxnet was written to steal industrial secrets -- factory formulas that could be used to build counterfeit products. But Langner found something quite different. The worm actually looks for very specific Siemens settings -- a kind of fingerprint that tells it that it has been installed on a very specific programmable logic controller (PLC) device -- and then it injects its own code into that system.
Because of the complexity of the attack, the target "must be of extremely high value to the attacker," Langner wrote in his analysis.
The evidence supporting that the attack is truly focusing on Iran is moving beyond the merely circumstantial:
This specific target may well have been Iran's Bushehr reactor, now
under construction, Langner said in a blog post. Bushehr reportedly
experienced delays last year, several months after Stuxnet is thought to
have been created, and, according to screenshots of the plant posted by UPI, it uses the Windows-based Siemens PLC software targeted by Stuxnet.
Another article by Computerworld discusses the lack of patching of a bug which Windows promised had been fixed, yet which allowed the entry of the virus into attacked systems. One wonders why Windows may have misrepresented this weakness...
Microsoft confirmed Wednesday that it overlooked the vulnerability when it was revealed last year.
The vulnerability in Windows Print Spooler service was one of four
exploited by Stuxnet, a worm that some have suggested was crafted to sabotage an Iranian nuclear reactor.
Last week, researchers at both Kaspersky Lab and Symantec, the firms that had reported the bug to Microsoft
in July and August, respectively, said the print spooler vulnerability
had not been publicly disclosed before they found Stuxnet was using the
flaw.
Yesterday Microsoft this omission:
"Microsoft is aware of claims that the print spooler vulnerability in
MS10-061 was partially discussed in a publication in April 2009," said
company spokesman Dave Forstrom in an e-mail Wednesday. "These claims
are accurate. Microsoft was not directly made aware of this
vulnerability nor its publication at the time of release."
And for the paranoid, there are at least two other unpatched bugs which allow Stuxnet to enter any system it desires:
The security firms also notified Microsoft of two other unpatched bugs that the Stuxnet worm exploited. Those flaws, which can be used by attackers to upgrade access privileges on compromised PCs to administrator status, will be patched in a future update, Microsoft said last week. It has not set a timetable for the fixes, however.
Little information is available about the two lesser vulnerabilities. Danish bug tracker Secunia, for example, has posted only bare-bones advisories, noting that one affects Windows XP while the other affects Vista and Windows Server 2008 machines.
In other words, the entire world could very well be open to attacks by the most sophisticated targeted virus ever created, whose sole purpose may be the eradication of targets which previously involved the involvement of armed combat.
Is the face of warfare about to change forever?
»
- 38446 reads
- Printer-friendly version
- Send to friend
- advertisements -
Shielded vacuum tubes, bitches!!!!!!!!!
FreeBSD, bitchez!!!!
Ah, THERE it is!
Ummm, this is a local issue, right?
LOL
The only thing that can now save the world - if Windows messes up and throws BSOD!
funny++;
Thankfully the "offending" line of code was commented out.
Anyone using WindBloze OS for industrial control processes, deserves to go up in smoke! Linux (and BSD!) rulez!
Nonsense. First of all, PEBKAC is the biggest security vulnerability. I am no fan of Windoze, or Mc iPhail, but all operating systems have vulnerabilities. Changing platforms is merely obfuscation, which only buys time. Then there is the matter of the average dipshit user being able to actually use the fucking thing without needing to be an engineer to complete their mundane make-work in the average word processor
I have hardened a Windoze XP, SP 1 based PLC and the network such that Stuxnet has no available infection vectors. None of these task based machines need a fucking print spooler, server/workstation services, USB ports, or goddam autoplay bullshit. It comes down to turning off that which you don't need (key difference between Windoze and IX distros), securing the network infrastructure, and the threat of termination of employment for people who fuck it up (good luck with this in unionized utilities).
Posted on this elsewhere but worth the note.
In case everyone has forgotten or for those that don't read, during the late 50's and into early 60's there was something goiing on called the "Cold War". The Russian Migs would occassionally turn on their afterburners and make a supersonic dash toward the Alaskan US boundry line only to turn at the last second recording data on electronic responses. Curtis LeMay's Strategic Air Command (alledgedly) had 1/3 of the flyable long range bombers in the air at all times. Of those, 1/3 were (alledgedly) loaded with nuclear weapons. A book, "Blind Man's Bluff" was written about the submariners cold war that was going on at the same time.
The USA operated up to 4 nuclear reactors at a place called "The Savannah River Plant". The controllers for everything were hardwired, set and monitered by staff. It was labor intensive but there were no "computers" that were not part of the hardwired system.
The research group had computers with tubes that were coded for calculation using bits and bites.
No doubt controls were "upgraded" through the years. But Savannah River probably produced enough plutonium and tritium to last all the decades since.
The Iranian technical people that I have had interface with through the decades were very bright, just as smart as the Americans. IMO, they would be able to eventually do as well as we did during the early years.
IMO, as applies to being effective in disabling Iranian fissionable materials production, this virus thing is science fiction.
And, EMP is different. That is comparing apples to hand grenades.
Agreed, do you think that after going through the QA review and safety evaluation process required to even get software into a nuclear plant, let alone going operational, you'd attach the system to the "internet"? In the end analysis, most actionable impulses in a power plant, including newclear plants (:, boil down to contact points, relays, and/or other mechanical control scemes. Most computer control systems are supervisory or if they do lead, contain a fail safe criteria with another computer supervising. Imagine what would happen if you lost control power at a nuc. or the grid goes down isolating the plant from the rest of the world? This does happen. For this reason, most US plant have designed in safety criteria for just this type of problem. Thus the need for the fail safe modes close, open, or stay in place. Besides, a good reactor operator and engineer, provided with current schematics, could shut most plants down with jumpers and blocks. With regards to a turbine shaft over spinning, the admission valve to the steam chest is controlled by a dead man switch based on centrifugal force. And lastly, regardless of all the hype the public has heard, Nuclear Power Plants Can Not Explode Like A Nuclear Bomb! Period.
Good to hear someone pronounce "newclear" right. That "newkuler" really gets me.
Sure they can...the accident at Chernobyl involved a criticality incident due to negative void coefficient. If hell breaks loose, SCRAM can be done manually with boric acid
Operative words are Nuclear Bomb. Steam explosions, Hydrogen explosions, while not desirable, are not the proverbial "mushroom cloud". They are also included in the design basis. Dirty bomb, yes. Fission reaction, no. Chernobyl was an example of an extremely irresponsible design, being a graphite water cooled reactor built in a light metal building. The lead up to the chemical reaction, hydrogen meet oxygen, was a test of a new voltage regulator design that could have been conducted on any turbine generator set in any fossil fueled power plant. Also a very irresponsible act, a special test in the US and strictly reviewed and controlled. The reactor was brought into and out of criticality repeatedly in a short period of time. The control rods overheated and wouldn't drop. The pile overheated, cracked, and introduced the coolant, water, to the mix. Research why you don't want to throw water on over heated graphite, if you don't already know. The British discovered this in the eary 50's at Windscale and is why graphite designs were frowned upon in the US. Ft. St. Vrain, in Colorado was an exception, a Gulf Atomic design, but the coolant was helium. Research half-life of any helium isotope. The over all design was great. Very low personnel exposures, high temperatures great for the supercritical rankine cycle. Great location for skiing. Only problem was the steam motivated fans to circulate the Helium through the core. British designs used electric motors. Also, "criticality incident due to negative void coefficient"? No insult intended, seems like an oxymorn. Maybe referring to the repeative criticality of the test? And yes, the coolant, water, boiled in the reactor, creating a negative void coefficient? Or a combination of words designed to create hyperbole, not on your part though. You need water to moderate the fission process to maintain criticality so I don't understand. Obviously I've too much time on my hands, but then again, I could be spiritualy creating my own reality, sorry.
I don't know why you got junked for this. I thought it was hilarious.
Say it wasn't targeted at a Nuke plant or something similar, but somehow in the comps that store all of that fancy digital $$$/paper?
One of the problems with a culture that watches too many movies is that people start to think in linear relationship to their favorite blockbusters.
Believing that every last control system in a plant is connected directly to the Internet without a firewall, exposed, and vulnerable. Spectacular, oh my!
Long live the movies without them there would be no Tyler.
I was just asking a question. I know very little about firewalls and whatever else about computers.
This virus was a clear hybrid approach. Social engineering and virus deployment. Any cracker would try to bank on some stooge getting the virus on his home computer.. infecting a thumb-drive and then bringing it into work. This virus was NOT intended to enter via the internet.. sheesh.
wow thats pretty clever.
brute force doesn't always work. This is what I call a parasite, not a virus, because the host is you! and you infect the machines when you slap in a thumb drive. This is exactly how I would do it. Get into a windows users box.. put some parasite onto your system (built in C++) and wait for you to knowingly or unknowingly contact someone down the grapevine of 6 degrees of separation and see what happens. I'm just curious about how many virus writers know the ins and outs of Nuclear computer architecture and the software that is used and how to infect that software.
If this is what it is, and it's really a virus specifically targeting a reactor site, then who ever did it has connections of the not so legal type, is another government agency or is just pipe-dreaming that it will work. I'm thinking the latter.
You also have a flair for the dramatic. Funny how so many superior thinkers discount the work of others just because they live in a foreign country, a line in the sand makes you the one and only.
Iranians could never engineer an impenetrable network. They don't know how to craft packets that would never be recognized or routeable on networks known as the Internet.
They would never be able to create their own operating systems, or intrusion detection systems. They are not me or mines therefore they are inferior.
--Disappointed
If that's the case, then it's clearly sabotage via physically infiltrating. Not quite what most computer users think when you say "computer virus".
and what better saboteur than someone who has know idea he's doing it.
i remember a bank thinking it was invincible to a virus, so they hired a company to hack in. that company instead created a small virus, put it on about 20 thumb drives and left them around the bank parking lot, on cars, planters, etc. some employees picked them up, plugged them into their workstations and clicked vacationpictures.exe and bam, done deal.
best way to hack a computer is social engineering people. ask kevin mitnik
Yeah, people think cracking is about sitting around writing invasive code when, in fact, that's like the last thing you do. Script kiddies will just plunk away like that. Real cracking is a skill and it's time intensive. You have to pick your target and truly, you have to understand humanity. People do things, say things, and throw away UNBELIEVABLE types of personal info without shredding. People.. do yourself a favor.. SHRED EVERYTHING that has your name on it... twice.
That's allegedly how the Chinese cleaned out the Pentagon several years ago.
Negative, the way the Pentagon was cleaned out (and now some of that stuff appears recently at Wikileaks and has made the international news) was by someone there giving a honey trap (as in TOR sites) to a neocon PAC, who was spotted by the Chinese Ghostnet, which stealthily piggybacked on it, and was in turn piggybacked by others and hence ended up at Wikileaks.
This stuff can get fairly circuitous and hairy.
You are sooooo on target, UGrev, my good fellow!
Unless, there happens to be some delivery method extant which is unknown to us?
Can't think of one offhand, unless they have some open satellite connection, you have to be right.
ZH's editors need to be a bit more selective.
I would imagine critical control systems wouldn't be connected at all.
Flash drive.
Russian contractor.
Putin: "Sorry, Mr. Obama, I can't shut them down. I need the cash from this deal."
Obama: "Ok, finish the reactor but make sure this little package gets installed too and you get a bonus from us. Collect from Iran, collect from us, just make sure our little package gets delivered, ok?"
Putin: "Done."
It seems silly but most of the control systems are connected to the net full time. Those Siemens controllers are no different than that used in any high rise, school, hospital, etc. The Siemens package controls lighting, building access, HVAC, etc.
A school for instance would have a terminal onsite for the Janitor/Engineer staff to monitor. Then the local school board, monitoring company, alarm company, fire monitoring company, service company, original installing contractor all have access. Typically the program works automatically turning lights on and off, doors locked or open, temperature set here, etc. But, if you have a problem you get an alarm situation which then alerts all of the people above by email, call, text, page, etc.
The first thing they do is log on and see what the problem is. 80% of the problems can be fixed online. In some cases, like a blown motor the service contractor will see no amperage draw (say). He will make sure the backup fired up automatically and then schedule a call for replacement.
Right now I could log onto about 10 different buildings and boil the receptionist. Log on, find unit supplying reception, increase setpoint 10 degrees and voila.
On a fancy install the "control" guys would integrate their system into the company's larger network. BUT, most of the time the control guys are part of the building's contruction. Wires are pulled at contruction time for the company's network but no servers and switches are installed until the building is finished and operating.
These control packages from Siemens do run on windoze based computers, so if you can hack a Windows XP login then you can screw with most of the buildings out there which are under control. The PLC controllers all get a set of limits and functions programmed in. They can run automatically if the control system goes down, lightning zaps a computer, hard drive fail, etc. For instance a boiler in a school will run within a set of limits by itself. So, these guys are hackin in and changing the limits on the actual controllers.
I am fairly sure that power plants would be secured better than schools and office buildings but you better believe that Siemens Engineering group would have remote access to that reactors control system. Monitorring, upgrades, startups, changeover, repairs, etc. would all be aided by Siemens from somewhere in the world. If they (or anyone) has access then it can be snooped and then spoofed.
To be honest nobody normally would think of a pump controller as a potential target. Until it is pumping heavy water. :) Typically accounting, HR, company research, back officey stuff is secure but some computer sitting in the stinky janitor's room is wide open.
To follow up to your post: During the cold war there was an rupture/explosion of a Russian pipeline system. Director of the CIA Casey claimed that this was the result of the US ensuring that industrial products sold to the USSR contained defects that would result in operational failure.
In addition the beta release of Windows 2000 server contained an encryption key folder labelled "NSA key." It was believed that this was a backdoor key which give NSA access to any encrypted Windows system.
Finally, if the industrial control system runs on the Windows platform, ask yourself how you get OS updates? When you download and install MS-061 do you have any idea what that contains or what it does? And how do you know that your version of MS-601 is the same as my version of MS-601?
Going to be hard to increase US exports if people become aware that any sophisticated product can be trashed by a desk jockey in Langley VA.
And don't forget that secret M$ dll file.
.
Since the market is about to go range bound till 3:00 as usual I have time to read this.
Just watch "Independence Day", same plot.
The Aliens died because they didn't have McAfee Upgrades turned on!!!
Let's just hope the Iranians don't have their antivirus programms up to date or there goes Obama's secret weapon...
emp, far more efficient...
I hear ya. Perhaps the virus gives some degree of plausible deniability?
Complete autonomy I would think. Plausible deniability for sure.
Or the fiction necessary to substantiate the alleged need for an internet wide kill switch. Also strikes me as so "2000" in regards to the date roll over issue...
DO THEY HAVE COMPUTERS IN IRAN?!!!
I SAY WE BEAT THEM IN A GAME OF SOLDIERS OF FORTUNE!!
LAN PARTY!!!!!!
Halo Bitchez!
Fuck 'n A! I was typing that exact comment but thought better of it . . . then came back and here it was!
Who do you work for, cm????????
I was up a little late last night "TCB"...LOL
What's TCB?
Seriously, something very weird is going on here. Now our posts, originally stamped one minute apart, now appear to be one hour apart.
WTF????
Is it what I said about the fucking FBI on Tuesday? I mean, really, this is truly fucking weird.
They can still kiss my ass, but still, inquiring minds wanna know.
BoB i love you.
really really strange things are happening on this website. plus my firefox browser. plus time suspension on this website. huge time lapses.
OK, thanks for the love, luv. I don't think that quite captures what I'm describing here. We'll see what the webmaster has to say.
Sorry. I've been fucking with you. I'll stop now.
No actually that was me fucking with you just now. But yes, I will stop as promised.
Funny! I think I'll take a pill now. :)
TCB = Taking Care of Business.
It was Elvis' motto.
http://oakey.net/decals/images/Elvis%20TCB%20Band.jpg
Haho and approach with greater stealth.
Ummm, not now. You kinda' sorta' just TOLD them what was coming. Ask Pickett's Ghost how that worked out at Gettysburg.
Any chance this can be applied to the f......g HFT's & PPt's. I think we can take a collection and forward to the creators.
Modern warfare hasn't been made obsolete. Sabotage is an integral and ancient method of warfare, this is just a new methodology. Reminds me of the sabotage Russian explosion the US engineered during the Cold War.
It is rather obvious that this article was not written by a technical individual. "viruses" are programs almost always written for a specific OS typically in a specific configuration. Critical (or realtime) Industrial automation typically iss a series of embedded PLC devices using what is called ladder logic talking OPC back to a OI (Operator Interface) controller unit. In plane english, this means that industrial systems typically are very much distributed and very difficult to "take down". Other than having someone physically press a button or blow up key modules, there is little damage that they can do.
In short, this "modern warefare" on industrial systems is nothing more than a PR stunt. As someone who designs and builds industrial automation for a living, it is laughable that these guys have the arrogance to think they can easily damage systems designed for HA and fault tolerance reliability.
Speaking of arrogance
+100
++
Arrogance, indeed.
Just a quick search of the keywords "Agora, Seattle, INFOWARCON, critical infrastructure" and maybe "energy infrastucture survivability" might be interesting.
Can't *wait* until all the "smart grid" hype is realized.
My guess is that the mullahs in Iran are pushing the techies to get it done as fast as they can which might encourage them to buy/borrow/steal whatever off-the-shelf components they can find, rather than recreating/reinventing some secure, isolated, hard-wired, custom thing. Not to mention the industrial control and other equipment multi-national suppliers who are more than happy to accept Iran's money.
Other folks have commented on the social engineering aspects of hacking.
Did you read the original article? It talks about exactly what you just commented on. How the virus infects the Siemens SCADA and then from there injects code into the PLC.
I was wondering about that--as well as the notion that it must be a product of a Nation State. Last I knew, the most creative people did not work in government.
Ever hear of the NSA? Just to name one.
Gov-vie bashing is fine when limited to banking and lawyering. Those people are just clever apes. You start getting into the natsec and infosec realms and you are dealing with a whole other kind of animal.
Yes.
There is no security authentication when writing data to a PLC (programmable logic controller) from a computer on the same network as the controller. With a native driver to a Siemens PLC controlling a critical process, you could wreak havoc. I bet if I could control a robot remotely while you are standing next to it, I could knock your head off. Does that qualify as damage?
That's been my point, too. You have a great firewall, and barbed wire fences. But are you searching your techies? Do you allow USB drives or CDs or laptop computers? Fuck that -- did you inspect the firmware update software to ensure it's actually from the manufacturer? There is no auditing of these things once they are hooked up to a serial port, and not much more when they are on a network switch.
It's hard to hit these targets, but they can be hit. If you want to hit them and you are motivated, you can figure it out. I'm 100% certain of that. There are no invulnerable control systems of any specific complexity or scope.
They exist... they are hardwired and secured from all human access. Its Humans thats the problem.
+1 Fun and games.
I don't know how cleanly "embedded" these things are any more. Starting around 2000 I would guess that a lot of this stuff became network-aware. In a huge way. All the Unix-based crap must be running native TCP stacks, even the micro-controllers probably have simple protocol agents for HTTP and SSH. I bet it's held out as a feature, even. Once the core logic is breached the HA stuff can be nuked or turned and the whole thing becomes a Trojan horse.
My worry is that things really and truly are massively connected, even if only tangentially. The trick is to find that tangent and exploit the f*ck out of it. Once you are in past the hardwired obstacles, you are in.
Not hard. Just takes imagination. And money to hire coders you can count on. And a clear agenda. All of which are attributes of State-sponsored haxorz projects.
I know what you are saying, but things on the ground are evolving. I might be really bad, all of a sudden.
Always makes more sense to stick the Trojan at the compiler level, and it's a rare site which doesn't have one sort or another of compilers.
BOOGA-BOOGA-BOOGA!!! Nice movie script...Does not pass a sniff test...
Of course that does not mean they won't force us to WATCH this movie in real-time complete with awesome special effects.
If it's plausible that a country would send fighter jets over disputed airspace to bomb an industrial/military target then this is also completely plausible.
This is very doable. Machine control systems are some of the most vulnerable out there. If the entity involved found out what type of controls are used (Siemens), which would not be difficult, then the entity could have written a specific software driver to browse the program and turn things on and off automatically. Any software developer can purchase the SDK from Siemens to open up the program and its data point addresses.
Don't you see the inherent contradiction?
Novel, new, super-cyber worm produced by state-supported entity...
vs.
Any fool with development skills and an SDK can bring a gov't to their knees...
Is that where the virus causes your markets to become bubbles of epic proportions? If so, looks like they are testing it out now on the US markets. WE GOT GREEN BIT-CHEZ!
Nice.....
If simple little algols can absolutely fuck the eyeballs out of capital markets, just think of what they can do with all the switches, relays, whatever the fucks there are in a nuclear plant. LOL
Awesome.
Unless it's my own infrastructure, of course, dickhead!
And just a year or two ago, Richard Clarke was being called a tin foil hat weirdo nut case fruitcake imaginary techno BS artist. Ah, but when the conspiracy leaves the realm of the theoretical.....
That describes him perfectly...
Except you left out the part where he stands to profit handsomely from the spread of all this @#$%^&* hysteria.
Negative, firstdivision!
That virus, is the Global Financial Virus (a k a credit derivatives and associated CDSes) accidentally designed by some Ph.D. quants for the Wall Street crowd (controlled by the scumbags at JPM Chase, Goldman, Morgan Stanley, and one assumes, Citi and BofA -- through their Global Regulatory Information Database, or G.R.I.D. -- the renamed Total Information Awareness database, with links to the DoD, which in turn is filled with realtime data from each of the TIA's nodes, the NSA, DIA, NGA, and those 80 plus private contractors -- everything from OnStar, First Data, and pay-per-view motel outfits, to Narus, Raytheon, and a bunch of others).
Ohhh yeah.. The military industrial complex will get behind this.. I think not.. This is garbage. War is big business, not a room full of geeks. Never happen.
Are you kidding? The military has always been leading-edge techno-geeks. Pretty much any new technology gets adopted by the military faster than just about anybody else.
The DoD has been one of the biggest recruiters of MIT, Cal Tech, and VA Tech for eons.
I agree.. But it will not and never will be the only system employed to deal with war as the article implies (imo). Bomb manufacturing will continue and none of our defense industry will be diminished by this. That's my point.
Actually, usually it's the other way around... Military develops new technology to solve some conflict related problem and then the technology is sanitized and turned into a product for mass consumption.
Max, IMO you are completely correct.
In the late 50s the USA operated heavy water reactors producing plutonium and tritium(H Bomb) sufficient to last for several decades. At that time the controls were ALL stand alone hard wired. Computers had nothing to do with the controls in the plant. The software were programing with bits and bites to do repetitive calculations.
There is no reason to assume that Iran must have computer controls to operate their reactors.
They would probably be using older labor intensive technology anyway.
We've got ourselves a thinker here! Excellent!
no...anyone with a smidgeon of computer expertise would not misspell "bytes" twice.
But, we actually know what kind of controllers exist at Beshahr! Did you read the article? It's standard equipment, frankly.
Off-the-shelf German and French equipment for the most part. German machines give the commands and French machines get down on their virtual knees.
True for plutonium, but false for tritium, which has a half-life of ~12 years.
IIRC we currently have a shortage of tritium.
Smith&Wesson makes a watch model that uses tritium vials that glow in the dark. Wearing one right now!
You mean to state clearly, at this site, that you are completely ignorant of those viruses unleashed against the Iraqi infrastructure prior to the US imperialist invasion of that country?
Not too bright, are we?
Why would anyone serious about security run anything made by Microsoft? Mad world we live in...
Why would anyone serious about security run anything made by unpaid geeks with a penchant for anarchist pursuits?
Well for starters the "anarchist" geeks didn't design as system that gave root access to all users from the get go.
I assume people understand that the Microsoft OS (operating system) has built in back doors for "national security" reasons? As well as Apple?
If the Telco's have been playing ball since before WW2, why would anyone expect the major computer operating system software producers to be any different?
Considering that the various agencies peak in your underwear draw on a regular basis, why would anyone think their computers are secure if you run off the shelf OS software? Or for that matter, off the shelf "firewall" software?
CD, you hit on a point. Window's has so many holes it is ridiculous. The holes are from shoddy programming and the desire of Bill Gates to control the spread of his product. Most serious computer programmers use Linux or other open source platforms to run their systems. The only reason why we have Window's on most computers is because MS used ruthless business tactics and would go the extra mile to have Windows as the newest GUI back when Windows '95 was launched. It became the default OS over time.
Schools require it. The wife hates running Windows on her Mac!
But you are overlooking the obvious: an open-source system is just as vulnerable to slow-moving, concerted attacks. Just inject some code, that well disguised breaks some security, as a "fix" to the code base.
Look at http://www.h-online.com/newsticker/news/item/Debian-package-of-OpenSSL-g...
although I am not saying that was intentional.
"You have zero privacy anyway. Get over it."
--Scott McNealy, Sun Microsystems Co-Founder
hey, did you know bill and sarah joy when they were married, living in aspen? sarah is a really good potter.
Yes, but I'm not talking about Apple and there's too much money to be made by selling OS antivirus software (ex McAfee 7B market cap).
And you believe that McAffee, Norton or any of the other "antivirus/firewall" software products are actually secure to NSA/big brother intrusion attempts?
The fact is that we have no idea what's being done in the name of "national security". And every time something that is being done is leaked, it's shocking. To assume any commercial OS or software firewall is "secure" is hopelessly naive. Not being insulting, just being realistic.
We are "free", and our homes "secure", only in our minds.
nm I don't think you got my point ...I don't even run windows.
But 92% of the country and 85% of the world does. Or so Microsoft claims.
You seriously think that makes you anymore secure from the NSA and the other gov't intellegence agencies?
I wasn't going to go there. People who run non commercial OS's have the tendency to believe very strongly that they are secure. Or at least much more secure. They aren't, but they believe they are. And we all need to sleep well at night, don't we.
I always assume everything I do on my computer is being scrutinized. Then I don't need to cling to the self inflicted illusion that I am secure. I'm not. End of story.
:) By non commercial OS's I assume you mean everything non-Windows based?
The prevasive false sense of security by Apple/Linux/etc users both amusses and irritates me.
Essentially.
And used by various nefarious characters, governmental or private, to great advantage.
Think bigger... why do you think the military [true original inventor of the internet] released the internet for the public's use? To provide a convenient window through which they can monitor the populace anytime they want. It's rediculous to think anything you do on your computer, no matter what OS you use is secure!
Al Gore was in the military?!!!
(Sorry, I had to do it. Couldn't stop myself.)
U can say that agaiin†
Microsoft Cofee comes to mind. It's like the master key to any windows system.
Computer Sleuthing for Dummies.
http://www.microsoft.com/industry/government/solutions/cofee/default.aspx
Anyone for COFEE?
http://www.theregister.co.uk/2009/11/24/ms_forensic_tool_take_down/
Cryptome.org
What a great headline.
Yeppers ... it is comical to think that "We the People" are considered such a threat to those in power that they have to spy on our every day lives. Oh well, if they have nothing more worthwhile to do than watch me scratch my balls and read my emails, then I feel bad for their sorry lives.
OpenBSD FTW
Eeewwww. That sounds messy. ;)
This is the mental prep we need so that when the internet get taken down our government can say this is the reason.
Its more manipulation and fear creation.
Timing is everything. Lot's of stories on this lately. We have just entered another interesting period.
http://www.globalsecuritynewswire.org/gsn/nw_20100827_1692.php
http://www.foxnews.com/scitech/2010/08/03/power-grid-vulnerable-cyber-attacks/
Yup...Power-grid vulnerability...Right...
Totally different than the hysteria about power-grid vulnerability surrounding Y2K...
Someone out there is establishing the proper framing, perhaps.
Something wicked this way comes.
At a major symposium for world-class programmers, 100 were surveyed on their view of Microsoft.
The Question asked was: If Microsoft built an airliner, would you fly on it?
99 of them gave one version or another of "Hell no, are you crazy?"
The remaining respondent, however, answered "Fuck yeah, why not--it wouldn't even get to the end of the runway!"
Cyber martial law can be justified by the Ass Hats if they can demonstrate this as a weapon of mass digital destruction. See the logic? No more free access to information...
http://www.stungunstopepperspray.com/
Apply the Leiberman rule Mr President.
Shut It Down.
What's the frequency, Skynet?
Galaxy 15
http://www.youtube.com/watch?v=2BgfSLVIkoY
Still won't die
http://www.msnbc.msn.com/id/39233332/ns/technology_and_science-space/
im skeptical, reminds me of Y2K
You're suggesting that the year 2000 never occurred?
It will be more amusing when they use it on us.
Assuming that's all true; what a bunch of absolute Donald Ducking numpties.
1. "We will defy our mortal enemy by building a nuclear reactor! Down with the infidel!"
2. "We shall buy our monitoring systems from an ally of the infidel! Down with the infidel!"
3. "We shall buy an operating system to run this all on from the infidel! Down with the infidel!"
4. "And for our final trick, we shall connect everything up to the internet! Down with the infidel!"
I'd be prepared to stand in front of the UN and petition that, for their own safety, Iran shouldn't be allowed to buy cuttlery let alone build a reactor if that's how biblically stupid they are.
+1000
ROFLMAO
Iran shouldn't be allowed to buy cuttlery let alone build a reactor if that's how biblically stupid they are.
But they are not "biblically stupid". They are Koranically stupid.
Now that is fucking funny. T'would be even more funny were it not the truth.
Allahu Akbar.
Which Urban dictionary disambiguates as "I love to take it in the ass". Generally shouted by suicide bombers before they pull the switch.
Sorry, but it's my Turrettes.
When you have to use your SmartCard just to get an IP address, I hope you'll let us know if you still think there is some possible truth to the idea that Iran and their suppliers are actually that fucking stupid.
That is if ZH is still online at that point.
well played sir, well played! :)
Actually, not really unheard off. I was supporting an "undisclosed location" a few years back. For a few weeks we were having our closed/high security network shut down by viruses. We would clean up the virus/worm and a different one would appear. After about 3 weeks I tracked it down to computer operators downloading music on line to their thumb drives and bringing the thumb drives to listen to the music on their "secure" workstations. The operators were properly punished and the problem stopped, but I have no doubt that the Iranian computer operators are no more sophisticated than the location I was supporting.
Oooooh, would that be a Wenkel rotary?
Perfect fodder for the conspiracy crowd. Nice of TD to include some teasers at the end there.
this is hilarious...lemme guess, MS is on the payroll to leave exploit vectors in their OS?
I mean, I always wondered about why these fucking developers can't write buffer length checks. How long before we get "patches" that provide custom infection vectors?
Uhhhg! This had not even occurred to me...
Hang on -- I have to go vomit a little bit.
The infected areas are centered around Iran, and include Indonesia, India, and Pakistan. So infection vectors would seem to have to include a self-propagation routine, else, how/why could it have spread out so far? And anyway, what is strange is that while STUXNET is described as a worm targeting a single entity, nevertheless it seems to have spread out far and wide.
That's the fingerprint of an external injection via a semi-specific mobile vector. That's how a mosquito does it. That's how you find your prey in the dark.
Absolutely.
"Be extremely subtle, even to the point of formlessness. Be extremely mysterious, even to the point of soundlessness. Thereby you can be the director of the opponent's fate."
Sun Tzu
The world will not tolerate an uncontrollable, nuclear Iran.
Sidenote....remember that the globe has 3 security services. US, Russia, China. Sometimes they work together, sometimes independently.
Why is there so much focus on Iran's (non-existent) nuclear weapons but never any mention of Israels vast nuclear arsenal?
Iran is a signatory nation to the NPT which gives them the legal right to nuclear fuel. Israel refuses to sign the NPT which places them in such auspicious company as North Korea, India and Pakistan. But Israel gets a pass? WTF...seriously...WTF?
I know one thing for certain...If Israel was my neighboring country...I'd want to be as heavily armed as humanly possible.
bringing out the industrial-strength stupid for all of ZH to see. nice work!
alright genius...exactly what part of my post was not factually correct?
It wasn't the facts, doofus. It was the presentation.
Not only does Israel get a pass they should get the green light.
***feedwaterpumps/2/3/4***....***off**
That probably doesn't look convincing to a techie, but you get the idea.