"The Worm Turns" As Chevron 'Infected' By Stuxnet Collateral Damage

Tyler Durden's picture


"I don't think the US government even realized how far it had spread" is how the collateral damage from the Iran-attacking Stuxnet computer virus is described by Chevron. The sleep San-Ramon-based oil giant admitted this week that from 2010 on "we're finding it in our systems and so are other companies... so now we have to deal with it." It would seem that little consideration for just how viral this cyber warfare tactic has become and this news (reported by Russia Today) is the first time a US company has come clean about the accidental infection. Discovered in 2010, the Stuxnet worm was reported with all but certainty to be the creation of the United States, perhaps with the assistance of Israel, to set back Iran’s nuclear enrichment program as a preemptive measure against an eventual war. In a June 2012 article published by The New York Times, government agents with direct knowledge of Stuxnet claimed that first President George W. Bush, then Barack Obama, oversaw the deployment of the worm as part of a well-crafted cyberassault on Iran. On the record, the federal government maintains ignorance on the subject of Stuxnet, but perhaps Chevron sums up the impact of Stuxnet best (given the escalating Iranian enrichment program): "I think the downside of what they did is going to be far worse than what they actually accomplished."


Via Russia Today:

America’s cyberwar is already seeing collateral damage, and it’s hitting the country’s own billion-dollar companies. Oil giants Chevron say the Stuxnet computer virus made by the US to target Iran infected their systems as well.


California-based Chevron, a Fortune 500 company that’s among the biggest corporations in the world, admits this week that they discovered the Stuxnet worm on their systems back in 2010. Up until now, Chevron managed to make their finding a well-kept secret, and their disclosure published by the Wall Street Journal on Thursday marks the first time a US company has come clean about being infected by the virus intended for Iran’s nuclear enrichment program. Mark Koelmel of the company’s earth sciences department says that they are likely to not be the last, though.


“We’re finding it in our systems and so are other companies,” says Koelmel. “So now we have to deal with this.”


Koelmel claims that the virus did not have any adverse effects on his company, which generated a quarter of a trillion dollars in revenue during 2011. As soon as Chevron identified the infection, it was taken care of immediately, he says. Other accidental targets might not be so lucky though, and the computer worm’s complex coding means it might be a while before anyone else becomes aware of the damage.


“I don’t think the US government even realized how far it had spread,” Koelmel adds.


Discovered in 2010, the Stuxnet worm was reported with all but certainty to be the creation of the United States, perhaps with the assistance of Israel, to set back Iran’s nuclear enrichment program as a preemptive measure against an eventual war. Only as recently as this June, however, American officials with direct knowledge of the worm went public with Uncle Sam’s involvement.


In a June 2012 article published by The New York Times, government agents with direct knowledge of Stuxnet claimed that first President George W. Bush, then Barack Obama, oversaw the deployment of the worm as part of a well-crafted cyberassault on Iran. Coupled with another malicious program named Flame and perhaps many more, Stuxnet was waged against Iran as part of an initiative given the codename “Olympic Games.” Rather than solely stealing intelligence through use of computer coding, the endeavor was believed to be the first cyberattack that intended to cause actual hard damage.


“Previous cyberattacks had effects limited to other computers,” Michael Hayden, the former chief of the CIA, explained to the Times earlier this year. “This is the first attack of a major nature in which a cyberattack was used to effect physical destruction.”


On the record, the federal government maintains ignorance on the subject of Stuxnet. With American companies perhaps soon coming out of the woodwork to discuss how they were hit, though, the White House may have to finally admit that they’ve had direct involvement.


After the Times published their expose in June, Senator Dianne Feinstein, chairwoman of Intelligence Committee, called for an investigation to track down how the media was first made aware of America’s involvement in Olympic Games.


"I am deeply disturbed by the continuing leaks of classified information to the media, most recently regarding alleged cyber efforts targeting Iran's nuclear program,” Feinstein said through a statement at the time. “I made it clear that disclosures of this type endanger American lives and undermine America's national security."


When Feinstein spoke to DC’s The Hill newspaper, she said, "the leak about the attack on Iran's nuclear program could 'to some extent' provide justification for copycat attacks against the United States." According to the chairwoman, "This is like an avalanche. It is very detrimental and, candidly, I found it very concerning. There's no question that this kind of thing hurts our country."


Just last month, a shadowy Iranian-based hacking group called The Qassam Cyber Fighters took credit for launching a cyberattack on the servers of Capital One Financial Corp. and BB&T Corp., two of the biggest names in the American banking industry. Days earlier, Google informed some of its American users that they may be targeted in a state-sponsored cyberattack from abroad, and computer experts insist that these assaults will only intensify over time.


“We absolutely have seen more activity from the Middle East, and in particular Iran has been increasingly active as they build up their cyber capabilities,” CrowdStrike Security President George Kurtz told the Times.


Speaking of the accidental impact Stuxnet could soon have in the US, Chevron’s Koelmel tells the Journal, "I think the downside of what they did is going to be far worse than what they actually accomplished.”

Your rating: None

- advertisements -

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Sat, 11/10/2012 - 16:04 | 2968255 resurger
resurger's picture

Sexual prolification in progress....

Sat, 11/10/2012 - 16:32 | 2968326 NewThor
NewThor's picture

"Teaming up with Skynet will make us unstoppable. What could possibly go wrong?" - USA GOV

Sat, 11/10/2012 - 16:48 | 2968370 CrockettAlmanac.com
CrockettAlmanac.com's picture

We hate us for our freedom.

Sat, 11/10/2012 - 16:58 | 2968393 knukles
knukles's picture

They Hate US for our Fiefdoms

Sat, 11/10/2012 - 17:13 | 2968424 Mr Lennon Hendrix
Mr Lennon Hendrix's picture

Beware the Fiscal Kalif.

Sat, 11/10/2012 - 19:15 | 2968713 Bicycle Repairman
Bicycle Repairman's picture

"Grey Goo"

Sat, 11/10/2012 - 22:03 | 2969015 Vampyroteuthis ...
Vampyroteuthis infernalis's picture

The road to hell is paved with good intentions.

Sun, 11/11/2012 - 00:52 | 2969213 dugorama
dugorama's picture

beware the fiscal Caliph!

Sun, 11/11/2012 - 03:00 | 2969299 putaipan
putaipan's picture

all of your freedoms belong to hate.

Sat, 11/10/2012 - 16:05 | 2968257 mjorden
mjorden's picture

Don't worry people, Once Obama's executive order comes into play ... he can just shut down the internetz.  No worries here.

Sat, 11/10/2012 - 16:35 | 2968334 NewThor
NewThor's picture

Obama should also put a kill switch on the 30,000 drones.

I'd bet those bitches can be hacked.

Sat, 11/10/2012 - 22:04 | 2969018 Vampyroteuthis ...
Vampyroteuthis infernalis's picture

Hook 'em!

Sat, 11/10/2012 - 22:30 | 2969047 JuliaS
JuliaS's picture

Takes $1000 worth of gear to spoof a GPS signal? We're safe then as in 5-10 years no one will have that kind of money except for the government workers.

Sat, 11/10/2012 - 22:49 | 2969069 Ident 7777 economy
Ident 7777 economy's picture




Give me a 10.23 MHz crystal, a handful of TTL chips (esp. an XOR gate for 'modulation') and an L band source (portions which can also be built derived from the 10.23 MHz rock) .. I don't think that amounts to 1,000 bucks even from Digi-key in small quantities ...


I don't even need that much accuracy in the 'rock' as I'll calibrate against a beat note derived from 10 MHz WWV ...


Should have a build-able proto on 'Destructables' in a few weeks.





Sun, 11/11/2012 - 00:43 | 2969199 CrazyCooter
CrazyCooter's picture

Um ...

TTL - In your use of the term, it is as generic as give me a "automobile" and I will achieve some "highly specific task" ... between the two is a shit ton of knowledge and engineering. I got a "TTL" book from when I was in college ... like ... 20 years ago ...

X MHz- Unless you can demonstrate why your cited band is so key to your objective, you are as important as "Obama and I play golf". Great. You can say it, but is it true and what are the implications. Right, you are talking shit.

Mhz rock - sounding cool doing XMHz from the previous bullet except you use "rock" in the assertion.

If you are such a fucking McGyver with 1k USD, then why are you trolling ZH instead of building your sub 1k fuck-the-system-whatever that is so clearly overlooked by any of the engineers that built said system.

STFU. Genius.



P.S. My humor filter is broken, so if I really missed the joke, my apologies.

Sat, 11/10/2012 - 20:31 | 2968832 monkeyboy
monkeyboy's picture

I hear there's alot of money to be made on the interwebz.

Sat, 11/10/2012 - 20:47 | 2968871 A Nanny Moose
A Nanny Moose's picture

Burn the village to save it...

Sun, 11/11/2012 - 03:05 | 2969306 putaipan
putaipan's picture

it takes a nation of one hundred million smoking embers to educate a child....

Sat, 11/10/2012 - 16:08 | 2968263 cifo
cifo's picture

How is it going to be much worse if the virus was designed to damage the enrichment centrifuges?

Sat, 11/10/2012 - 16:33 | 2968330 Matt
Matt's picture

Somehow, the virus spread to an oil refiner. It demonstrates that malware can go well beyond its intended target. 

Also, retaliation; if other countries develop cyberwarfare programs in response to America, then you have risk of attack on oil refineries, nuclear plants, hydro dams, etc. 


Sat, 11/10/2012 - 16:36 | 2968340 NewThor
NewThor's picture


Are you implying there are countries that don't like America?


Sat, 11/10/2012 - 16:58 | 2968391 CrockettAlmanac.com
CrockettAlmanac.com's picture

Some moron at About.com claims to have debunked the theory that Stuxnet was developed with Israeli assistance and that its intended target was Iran. It's really more poo-pooing than debunking. The supposedly debunked arguments look fairly compelling to me.



Sat, 11/10/2012 - 20:43 | 2968862 OMG
OMG's picture

We have been bombing blowing up countries right & left bringing them the freedom they desire, it's obvious they LOVE US for it! A few countries could have pulled the plug years ago by refusing to buy our debt, they are all in on it....all of them. The red shields are playing both sides of the table and the middle.

Sat, 11/10/2012 - 21:34 | 2968952 A Nanny Moose
A Nanny Moose's picture

I they hated us for our freedom, how could they possibly still hate us?

Sun, 11/11/2012 - 03:17 | 2969308 putaipan
putaipan's picture

they don't. they hate the chicago school of rigged market ayn/ru/rand paulian neo-liberal bailout my ass rigged socialist/capitalism/fasciast system of economic eschatological chaos , or ,if might i be redundant, scholl of blasphamy. SHOW ME THE ORDER.



Sat, 11/10/2012 - 17:43 | 2968507 machineh
machineh's picture

Viruses: yet another 'benefit' of our unshakable relationship with a certain shitty little country.

If we send the mideastern leeches another $3 billion, would they kindly provide the 'uninstall' key?

Sun, 11/11/2012 - 03:19 | 2969309 putaipan
putaipan's picture


Sat, 11/10/2012 - 20:15 | 2968803 Papasmurf
Papasmurf's picture

It makes you wonder how these critical resources remain on public networks.

Sat, 11/10/2012 - 21:37 | 2968964 A Nanny Moose
A Nanny Moose's picture

They aren't. If designed correctly, they are firewalled from the rest of the internal network.

Regardless, the weak spot is the personnel in charge of them, who are easily socially engineered.

Sun, 11/11/2012 - 03:20 | 2969312 putaipan
putaipan's picture

and it makes me wander...............

Sat, 11/10/2012 - 20:40 | 2968812 malikai
malikai's picture

Stuxnet is designed to attack SCADA systems, which are generic control systems for many, many commercial/industrial applications.

SCADA systems can be found in aviation, power plants and distribution grids, pipelines, refineries, manufacturing plants, etc.


Sun, 11/11/2012 - 06:49 | 2969399 Kiwi Pete
Kiwi Pete's picture

It would be a real bitch if it somehow spread to your own nuclear power plants. I understand you have a few centrifuges too and rumours of a well developed program to produce WMDs.

Sat, 11/10/2012 - 16:11 | 2968270 JustObserving
JustObserving's picture

You cannot have a war without firendly-fire casualties.  Of course, for every enemy target there are 1000 friendly targets in a cyberwar.  

Maybe, Chevron can sue Obama for damages.

You cannot escape your own viruses or your karma.


Sat, 11/10/2012 - 16:16 | 2968287 resurger
resurger's picture

true, for a broke fucking oil compnay which faces thousands of legal suits, it could be possible that they will sue Obama administration for some $$$

Sat, 11/10/2012 - 16:25 | 2968309 Mr Lennon Hendrix
Mr Lennon Hendrix's picture

When you put it like that it is almost as if they corporations want to be infected so they have an excuse for not meeting earnings and whatnot.

Sat, 11/10/2012 - 16:33 | 2968331 NewThor
NewThor's picture

Bank of America accounts are experiencing trouble today.

Sat, 11/10/2012 - 17:00 | 2968397 knukles
knukles's picture

BofA has trouble every fucking day

Sun, 11/11/2012 - 03:24 | 2969314 putaipan
putaipan's picture

ain't no reason to delay....

Sat, 11/10/2012 - 17:10 | 2968415 IridiumRebel
IridiumRebel's picture

Thanks for reminding me why I dropped those cocksuckers last year. Small banks are better if any of them are any good which they are not.

Sat, 11/10/2012 - 20:48 | 2968872 Kassandra
Kassandra's picture

Credit Unions are also good, except for mine, who managed to keep my fucking drivers license yesterday!!

Sun, 11/11/2012 - 00:14 | 2969170 Deo vindice
Deo vindice's picture

If your driver's license has that kind of ability, it will be worth a lot - just for the sheer entertainment value if nothing else.

No wonder they kept it.

Sat, 11/10/2012 - 21:05 | 2968904 PLira
PLira's picture

I have, so far, zero complaints about my Credit Union. I've been banking with the them for more than 15 years.

Sun, 11/11/2012 - 03:44 | 2969323 DollarMenu
DollarMenu's picture

Mine is just o.k.

I think the non-profit mentality results in a service level

that I imagine would be the same as if the USPS did banking.

Long lines at slow ATMs, and forget about actually taking a number for

anything involving a human on their side.

It's odd, standinng in an ATM line as someone feeds a

several hundred dollar deposit in cash into the machiine.

Guy probably works for cash, and that's easier/faster than spending the whole afternoon in a teller line.

Still, it's not JPM or BofA, although I miss their ATM's.

Sat, 11/10/2012 - 16:13 | 2968275 Tirpitz
Tirpitz's picture

So, are our Revolutionary Guard hacker friends striking back? Can't be some GWB'ush project pushed by O'bummer is getting out of [zionist] control.

Sow the wind, reap the consequences.

Sat, 11/10/2012 - 16:31 | 2968325 seek
seek's picture

It's not Iran striking back, pure collateral damage. Like real-life viruses, you can't control where these things go once released into the wild.

Not surprised the wicked witch of the west's response to this is to try to find out who leaked it in order to keep secrets. One day we may see a half dozen refineries go up in smoke, and they'll lay the blame on China or Iran when it's far more likely it's a fuckup by our own guys persuing a cyberwar strategy that wasn't thought out very well.

Stuxnet is only the beginning. Don't forget that Duqu and Flame are related, newer, state-sponsored trojans, and Flame went undiscovered for years, and that some antivirus firms and Microsoft have been suspected or even proven to be complicitly supporting government-backed intrusions.

Power-mad control freaks have a habit of blowing themselves up, and unfortunately take a lot of innocent bystanders with them.

Sat, 11/10/2012 - 17:07 | 2968407 CrockettAlmanac.com
CrockettAlmanac.com's picture
SCTV Farm Film Report (He Blowed Up Real Good)


Sat, 11/10/2012 - 20:57 | 2968891 Urban Redneck
Urban Redneck's picture

I am not sure Stuxnet is the beginning, only that that is the first time they've been caught letting the genie out of the bottle.  In the Bubba Bubble of the 90's- an old acquaintance mentioned one of his companies was developing advanced cyber weapons to disrupt critical infrastructure, so they would have been well along the way to opening Pandora's box even before the post-9/11 spending orgy kicked off, much less the US invasion of Iraq in 2003 (which had plenty of critical infrastructure whose disruption could have beneficial to US efforts).

Sat, 11/10/2012 - 16:24 | 2968298 virgilcaine
virgilcaine's picture

I believe the Def Sec. Panetta was speaking of this recently. ? Going to use my term for the Year it seems.. 'quite strange'. Get used to weird, strange and things that go bump in the night.

Sat, 11/10/2012 - 16:23 | 2968299 Kaiser Sousa
Kaiser Sousa's picture

nobody except amerikka and the zionist entity could possible posses the intelligence and capacity to wage this kind of war.  they're so much superior to everyone else....








sarcasm: stupid American Hegemonic Bitchez.......

Do NOT follow this link or you will be banned from the site!