New "supervirus" targets Iranian nuclear facilities? - DFWstangs Forums
 
LinkBack Thread Tools Display Modes
post #1 of 25 (permalink) Old 09-22-2010, 09:26 PM Thread Starter
UNFUCKWITHABLE
 
Strychnine's Avatar
 
Join Date: Feb 2003
Location: Putting the sensual in nonconsensual since 1984
Posts: 12,482
New "supervirus" targets Iranian nuclear facilities?

http://news.yahoo.com/s/csm/327178

Quote:
Cyber security experts say they have identified the world's first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.

The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet's arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something.

At least one expert who has extensively studied the malicious software, or malware, suggests Stuxnet may have already attacked its target – and that it may have been Iran's Bushehr nuclear power plant, which much of the world condemns as a nuclear weapons threat.

The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems.

Unlike most malware, Stuxnet is not intended to help someone make money or steal proprietary data. Industrial control systems experts now have concluded, after nearly four months spent reverse engineering Stuxnet, that the world faces a new breed of malware that could become a template for attackers wishing to launch digital strikes at physical targets worldwide. Internet link not required.

"Until a few days ago, people did not believe a directed attack like this was possible," Ralph Langner, a German cyber-security researcher, told the Monitor in an interview. He was slated to present his findings at a conference of industrial control system security experts Tuesday in Rockville, Md. "What Stuxnet represents is a future in which people with the funds will be able to buy an attack like this on the black market. This is now a valid concern."

A gradual dawning of Stuxnet's purpose

It is a realization that has emerged only gradually.

Stuxnet surfaced in June and, by July, was identified as a hypersophisticated piece of malware probably created by a team working for a nation state, say cyber security experts. Its name is derived from some of the filenames in the malware. It is the first malware known to target and infiltrate industrial supervisory control and data acquisition (SCADA) software used to run chemical plants and factories as well as electric power plants and transmission systems worldwide. That much the experts discovered right away.

But what was the motive of the people who created it? Was Stuxnet intended to steal industrial secrets – pressure, temperature, valve, or other settings –and communicate that proprietary data over the Internet to cyber thieves?

By August, researchers had found something more disturbing: Stuxnet appeared to be able to take control of the automated factory control systems it had infected – and do whatever it was programmed to do with them. That was mischievous and dangerous.

But it gets worse. Since reverse engineering chunks of Stuxnet's massive code, senior US cyber security experts confirm what Mr. Langner, the German researcher, told the Monitor: Stuxnet is essentially a precision, military-grade cyber missile deployed early last year to seek out and destroy one real-world target of high importance – a target still unknown.

"Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world," says Langner, who last week became the first to publicly detail Stuxnet's destructive purpose and its authors' malicious intent. "This is not about espionage, as some have said. This is a 100 percent sabotage attack."

A guided cyber missile

On his website, Langner lays out the Stuxnet code he has dissected. He shows step by step how Stuxnet operates as a guided cyber missile. Three top US industrial control system security experts, each of whom has also independently reverse-engineered portions of Stuxnet, confirmed his findings to the Monitor.

"His technical analysis is good," says a senior US researcher who has analyzed Stuxnet, who asked for anonymity because he is not allowed to speak to the press. "We're also tearing [Stuxnet] apart and are seeing some of the same things."

Other experts who have not themselves reverse-engineered Stuxnet but are familiar with the findings of those who have concur with Langner's analysis.

"What we're seeing with Stuxnet is the first view of something new that doesn't need outside guidance by a human – but can still take control of your infrastructure," says Michael Assante, former chief of industrial control systems cyber security research at the US Department of Energy's Idaho National Laboratory. "This is the first direct example of weaponized software, highly customized and designed to find a particular target."

"I'd agree with the classification of this as a weapon," Jonathan Pollet, CEO of Red Tiger Security and an industrial control system security expert, says in an e-mail.

One researcher's findingsLangner's research, outlined on his website Monday, reveals a key step in the Stuxnet attack that other researchers agree illustrates its destructive purpose. That step, which Langner calls "fingerprinting," qualifies Stuxnet as a targeted weapon, he says.

Langner zeroes in on Stuxnet's ability to "fingerprint" the computer system it infiltrates to determine whether it is the precise machine the attack-ware is looking to destroy. If not, it leaves the industrial computer alone. It is this digital fingerprinting of the control systems that shows Stuxnet to be not spyware, but rather attackware meant to destroy, Langner says.

Stuxnet's ability to autonomously and without human assistance discriminate among industrial computer systems is telling. It means, says Langner, that it is looking for one specific place and time to attack one specific factory or power plant in the entire world.

"Stuxnet is the key for a very specific lock – in fact, there is only one lock in the world that it will open," Langner says in an interview. "The whole attack is not at all about stealing data but about manipulation of a specific industrial process at a specific moment in time. This is not generic. It is about destroying that process."

So far, Stuxnet has infected at least 45,000 industrial control systems around the world, without blowing them up – although some victims in North America have experienced some serious computer problems, Eric Byres, a Canadian expert, told the Monitor. Most of the victim computers, however, are in Iran, Pakistan, India, and Indonesia. Some systems have been hit in Germany, Canada, and the US, too. Once a system is infected, Stuxnet simply sits and waits – checking every five seconds to see if its exact parameters are met on the system. When they are, Stuxnet is programmed to activate a sequence that will cause the industrial process to self-destruct, Langner says.

Langner's analysis also shows, step by step, what happens after Stuxnet finds its target. Once Stuxnet identifies the critical function running on a programmable logic controller, or PLC, made by Siemens, the giant industrial controls company, the malware takes control. One of the last codes Stuxnet sends is an enigmatic “DEADF007.” Then the fireworks begin, although the precise function being overridden is not known, Langner says. It may be that the maximum safety setting for RPMs on a turbine is overridden, or that lubrication is shut off, or some other vital function shut down. Whatever it is, Stuxnet overrides it, Langner’s analysis shows.

"After the original code [on the PLC] is no longer executed, we can expect that something will blow up soon," Langner writes in his analysis. "Something big."

For those worried about a future cyber attack that takes control of critical computerized infrastructure – in a nuclear power plant, for instance – Stuxnet is a big, loud warning shot across the bow, especially for the utility industry and government overseers of the US power grid.

"The implications of Stuxnet are very large, a lot larger than some thought at first," says Mr. Assante, who until recently was security chief for the North American Electric Reliability Corp. "Stuxnet is a directed attack. It's the type of threat we've been worried about for a long time. It means we have to move more quickly with our defenses – much more quickly."

Has Stuxnet already hit its target?It might be too late for Stuxnet's target, Langner says. He suggests it has already been hit – and destroyed or heavily damaged. But Stuxnet reveals no overt clues within its code to what it is after.

A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability.

Could Stuxnet's target be Iran's Bushehr nuclear power plant, a facility much of the world condemns as a nuclear weapons threat?

Langner is quick to note that his views on Stuxnet's target is speculation based on suggestive threads he has seen in the media. Still, he suspects that the Bushehr plant may already have been wrecked by Stuxnet. Bushehr's expected startup in late August has been delayed, he notes, for unknown reasons. (One Iranian official blamed the delay on hot weather.)

But if Stuxnet is so targeted, why did it spread to all those countries? Stuxnet might have been spread by the USB memory sticks used by a Russian contractor while building the Bushehr nuclear plant, Langner offers. The same contractor has jobs in several countries where the attackware has been uncovered.

"This will all eventually come out and Stuxnet's target will be known," Langner says. "If Bushehr wasn't the target and it starts up in a few months, well, I was wrong. But somewhere out there, Stuxnet has found its target. We can be fairly certain of that."


.

Audentes Fortuna Juvat

Last edited by Strychnine; 09-22-2010 at 11:37 PM.
Strychnine is offline  
Sponsored Links
Advertisement
 
post #2 of 25 (permalink) Old 09-22-2010, 09:28 PM
Wolverines!!!
 
SlowLX's Avatar
 
Join Date: May 2002
Location: 1st Civ Div
Posts: 9,261
You can find smart people shit like this, yet you don't what state Cleveland is in?
SlowLX is offline  
post #3 of 25 (permalink) Old 09-22-2010, 09:29 PM Thread Starter
UNFUCKWITHABLE
 
Strychnine's Avatar
 
Join Date: Feb 2003
Location: Putting the sensual in nonconsensual since 1984
Posts: 12,482
Quote:
Originally Posted by SlowLX View Post
You can find smart people shit like this, yet you don't what state Cleveland is in?
Don't make me Stuxnet you.


I'm too deep in the bourbon to care to defend myself. FOAD... IAF.


.

Audentes Fortuna Juvat
Strychnine is offline  
 
post #4 of 25 (permalink) Old 09-22-2010, 09:39 PM
Lifer
 
MR TINFOIL HAT's Avatar
 
Join Date: Jan 2002
Location: NAU
Posts: 4,982
This couldn't possibly be a "nudge" towards the cyber secuirty act, I call bullshit.

Our government needs our help, they have an addiction. Our government is addicted to our money. Since they always have our best interest at heart it's time we return the favor. We need to have an intervention, for the governments own good of course. It's just irresponsible for us to let people with a known money addiction continue to handle our money. Lets have an intervention now so we can help these sick individuals.
MR TINFOIL HAT is offline  
post #5 of 25 (permalink) Old 09-22-2010, 11:12 PM Thread Starter
UNFUCKWITHABLE
 
Strychnine's Avatar
 
Join Date: Feb 2003
Location: Putting the sensual in nonconsensual since 1984
Posts: 12,482
Quote:
Originally Posted by MR TINFOIL HAT View Post
This couldn't possibly be a "nudge" towards the cyber secuirty act, I call bullshit.

Where does "cyber" fall into this?

Quote:
could become a template for attackers wishing to launch digital strikes at physical targets worldwide. Internet link not required.
I realize "cyber" was quoted many times in the article, but in the end, if a powerplant (or whatever) does not need to be "cyber" (read: internet) connected, how does the "cyber sercurity act" (aka. 'internet kill switch') protect anything? (Putting aside all the conspiracy 'they must control us' stuff)


.

Audentes Fortuna Juvat

Last edited by Strychnine; 09-22-2010 at 11:18 PM.
Strychnine is offline  
post #6 of 25 (permalink) Old 09-22-2010, 11:24 PM
Aspiring Bean Counter.
 
Slowhand's Avatar
 
Join Date: Feb 2006
Location: Howard Johnson's Earthlight Room
Posts: 12,279
That's really, really fucking creepy.

Slowhand is offline  
post #7 of 25 (permalink) Old 09-22-2010, 11:47 PM
Lifer
 
MR TINFOIL HAT's Avatar
 
Join Date: Jan 2002
Location: NAU
Posts: 4,982
Quote:
Originally Posted by Strychnine View Post
Where does "cyber" fall into this?



I realize "cyber" was quoted many times in the article, but in the end, if a power plant (or whatever) does not need to be "cyber" (read: INTERNET) connected, how does the "cyber security act" (aka. 'INTERNET kill switch') protect anything? (Putting aside all the conspiracy 'they must control us' stuff)

I'm just saying they are cranking up the scare tactics. Most people won't even realize It doesn't pertain to cyber connections. The sheep will just think we need the cyber security act because the "experts" who said this deal is a threat. "OMG we don't want a virus going to some countries nuke site and blowing us all up accidentally".

To answer your last question about the cyber security act, IMO it's exactly what you said to put aside. They want complete control.

Our government needs our help, they have an addiction. Our government is addicted to our money. Since they always have our best interest at heart it's time we return the favor. We need to have an intervention, for the governments own good of course. It's just irresponsible for us to let people with a known money addiction continue to handle our money. Lets have an intervention now so we can help these sick individuals.
MR TINFOIL HAT is offline  
post #8 of 25 (permalink) Old 09-23-2010, 03:17 AM
Rockin' da fumanchu
 
Join Date: Nov 2005
Location: On the straight and narrow,stumbling at best, only by Gods grace.
Posts: 7,224
That's intriguing.





Listen to my buddy, Jeff Bolton, from 6-9 AM Mon-Fri.

Obamanomics = Trickle Up Poverty

Think you need to format/reinstall your OS(XP), read this first.
Tx Redneck is offline  
post #9 of 25 (permalink) Old 09-23-2010, 06:07 PM
Baller
 
Join Date: Nov 2003
Location: drrty south
Posts: 4,003
I don't know what the cyber securities act is, and don't feel like reading it. But the US has been ramping up their cyber warfare technology and investments for a while now. It will be the next big defense sector.
ruffdaddy is offline  
post #10 of 25 (permalink) Old 09-23-2010, 06:47 PM
KJ94GT
Guest
 
Posts: n/a
Quote:
Originally Posted by ruffdaddy View Post
I don't know what the cyber securities act is, and don't feel like reading it. But the US has been ramping up their cyber warfare technology and investments for a while now. It will be the next big defense sector.
And it's mostly due to the constant cyber attacks from China, I'm sure.
post #11 of 25 (permalink) Old 09-26-2010, 03:03 PM Thread Starter
UNFUCKWITHABLE
 
Strychnine's Avatar
 
Join Date: Feb 2003
Location: Putting the sensual in nonconsensual since 1984
Posts: 12,482
More confirmation today that Iran was/is a target...



http://blogs.computerworld.com/17028...tion?source=t4
Quote:
September 26, 2010 - 9:08 A.M.

Iran nuke SCADAs saturated with Stuxnet infection


By Richi Jennings. September 26, 2010.

Let's play... Global Thermonuclear War. The Stuxnet worm, "the most sophisticated malware ever," has been discovered infesting Iran's nuclear installations. There's growing speculation that these were indeed the intended targets of what the mainstream continues to call a "virus" -- it only infects certain Siemens SCADA systems in specific configurations. There's also speculation that it's state-sponsored malware, with fingers pointing at either Israel or the U.S. Let's take a look, in The Long View...

It must be said, our own Gregg Keizer has come in for some stick on this. He's been leading the reporting of suspicion that Stuxnet's authors deliberately targeted Iran's atomic energy systems. Also, by implication, targeting the nuclear weapons program that's suspected of running parallel to it.


However, evidence continues to pile up that Gregg was right on:

Quote:
Officials in Iran have confirmed that the Stuxnet worm infected at least 30,000 Windows PCs in the country ... the total number of infected Windows PCs may be considerably larger.

Iran's Atomic Energy Organization ... met this week to discuss how to remove the malware. ... Stuxnet has been attacking SCADA systems since at least January. ... Government officials said that "serious damage that caused damage and disablement" had been reported.
So, it's looking more and more like Gregg's angle was justified. Time will tell, I suppose.


It's hugely significant that Iran is in fact acknowledging the problem now. The worry is that this 30,000 datum is actually way under-played. As Richard Silverstein notes:

Quote:
Until now, western security experts were the only ones reporting on ... Stuxnet. No Iranian sources were willing to speak publicly. ... But the fact that this article quotes “Iranian nuclear experts” confirms that the worm has infected Iran’s nuclear complexes. The only thing left to know is whether the most damaged site was Natanz, the only known plant enriching uranium which might be used in producing a nuclear weapon.
Why would anyone believe that the 30,000 figure is accurate? It's a reasonable assumption that the regime would under-report the extent of the infection.


Naturally, there are those who see the hand of Israel behind the curtain. The pseudonymous T.S. caused howls of rage in the Economist's comments section:

Quote:
Its unusual sophistication ... has prompted speculation that it is the work of a well-financed team working for a nation state, rather than a group of rogue hackers. ... This, in turn, has led to suggestions that Israel, known for its high-tech prowess and (ahem) deep suspicion of Iran's nuclear programme, might be behind it.

If Stuxnet has been deliberately aimed at Iran, one possible target is its Bushehr nuclear reactor ... controlled by Siemens systems, including the WinCC software that Stuxnet targets. ... A rival theory is that the target was Iran's uranium-enrichment plant at Natanz, and that Stuxnet successfully shut down some of its centrifuges in early 2009.
Better than flying a couple of F16s over sovereign territory to drop bombs on it. Less risky, and far more plausibly deniable.


Still others look to American influence. Tariq Alhomayed writes from London:

Quote:
Washington had previously considered initiating ‘electronic warfare’ against the regime of Saddam Hussein ... to ensure that Iraqi defense systems were crippled, and to prevent resistance. ... The idea was shelved, but it is certain that experts have been working since then to develop the idea of electronic warfare.

When Ahmadinejad says that Iran is the second strongest force bar America in ... the Middle East, he is absolutely right. ... All the elements of subversion are in the hands of Iran. ... Iran effectively controls Gaza through Hamas ... it ensures that the Hezbollah front continuously confronts Israel. ... It is consolidating the Iraqi sectarian divide ... disrupting the formation of the next Iraqi government. ... Iranian intervention in Yemen ... its attempt to destabilize the Gulf region by awakening a sense of sectarianism ... funding and laying sleeper cells within Gulf states.

Scary stuff. Now, if you'll excuse me, I'm going to watch the Formula 1 night race from Singapore.

Iran confirms massive Stuxnet infection of industrial systems

Stuxnet 'Industrial Virus' Hits Iran Hard

etc


.

Audentes Fortuna Juvat
Strychnine is offline  
post #12 of 25 (permalink) Old 09-26-2010, 03:37 PM
WE ARE THE CHAMPIONS!
 
Sgt Beavis's Avatar
 
Join Date: Jul 2002
Location: Lake Dallas, TX
Posts: 10,859
Israel has a lot of experts in this field.


just sayin'

We're Adopting. Contact us through our website.

http://www.theboyetts.com

You can also LIKE us on Facebook
Sgt Beavis is offline  
post #13 of 25 (permalink) Old 09-26-2010, 07:08 PM
Hero in a half shell
 
Fobra's Avatar
 
Join Date: Jul 2003
Location: Richmond Tx
Posts: 2,584
I find this intriguing and creepy at the same time.

Fobra is offline  
post #14 of 25 (permalink) Old 09-26-2010, 11:58 PM
Canada is welcome here.
 
justinsn95's Avatar
 
Join Date: Mar 2005
Location: ft worth
Posts: 4,039
Maybe I'm not familiar with the way they do things, or maybe they don't have the money to do this. But what is stopping them from just yanking out that hardware, and installing new? That's what I'd do. Kinda hard for the virus to affect you if its no longer there. They said it only targets a specific type of siemens system. So switch to the other type.

Also, they said that this was some russian dude going around spreading it. So basically, russia sees iran as a threat now?

Quote:
Originally Posted by aksthem1 View Post
i think thedark1337 is a pretty cool guy. eh plays the game and doesnt afraid of anything


Quote:
Originally Posted by Chillaxed View Post
- later on when i was about 16 i suddenly came to the realization that i had zero appeal to women and i said "i'm going to say i'm gay from now on"
justinsn95 is offline  
post #15 of 25 (permalink) Old 09-29-2010, 08:11 PM Thread Starter
UNFUCKWITHABLE
 
Strychnine's Avatar
 
Join Date: Feb 2003
Location: Putting the sensual in nonconsensual since 1984
Posts: 12,482
Two more.

This fascinates me.




Good breakdown of the virus:

Quote:
The best detailed and low level analysis of the malware is from Symantec.http://www.symantec.com/connect/blog...ection-process

It's quite a read, and unless you're a network/software person, it may not mean a whole lot, so I'll summarize. For reference, a PLC is a programmable logic controller which is a small industrial computer system designed to run a dedicated task by reading inputs and generating outputs. A PLC does not run an operating system in a traditional sense. Each PLC manufacturer does things their own way internally on the units and each PLC implementation is unique to the system is connected to.


* Uses three previously entirely unknown Microsoft Windows security exploits, known as 0-day exploits. This is entirely unprecedented.

* Uses a security hole within the Microsoft print spooler that was known, but only within a small community of Eastern European software security analysts.

* Uses two stolen digital security certificates from legitimate companies (Realtec and JMicron). This is impressive in its own right as these use a public/private key system.

* The main infection vector was USB key sharing combining one new Windows exploit and the stolen certificates. Further infection is spread via other Windows exploits both 0-day and known exploits methods.
* Implements a relatively complicated (for a piece of malware) peer-to-peer network to update itself if the command and control server is taken offline (which it has been since late August I believe)

* The purpose of the virus is not commercial (botnets) or data mining but to infect a VERY SPECIFIC subset of Siemens PLCs running ONE specific program

* The virus actually lies dormant (outside of occasional update checks against C&C server an on the P2P network) unless it is connected to a Siemens PLC system

* Completely subverts the functionality of the Siemens PLC programing software to inject NEW code into the PLC. The virus actually maps the software in the connected PLC to verify that new code should be injected

* The majority of the known infections have been found in Iran



Symantec and Kasperspy are convinced that only a nation state could have the resources to develop such a piece of software. The use of three 0-day exploits is not the MO of a disruptive or commercial hacking group. These exploits are INCREDIBLY valuable. Imagine having the ONLY skeleton key to nearly one billion computers around the work. Apparently, the exploits are often developed in the Eastern European region and sold off to organized crime. Why would a group want to expose its whole hand when it wasn't needed? The only reason I can think of is that someone wanted to make damn sure they reached whatever the target was.

The acquisition of the stolen digital certificates requires completely different set of hacks/social engineering/inside intel job/etc. These are occasionally sold on the black market as well.

The code for the software is written in several computer languages as has file creation dates going back into 2009. This indicates that a team was working on the malware for an extended period of time.

The injection of PLC code into a system leads directly to the conclusion that the developers had a copy of the PLC software and likely the technical engineering drawings for how the target facilities was wired and piped. Typically, PLC code is not very useful without drawings to map the input/output points to actual hardware (motors, pressure sensors, temperatures sensors, valve actuators, etc.).

It would be easy to crash the PLC if so desired by injecting trash code that the system could not understand and would likely cause the CPU to fault. This would be the sledgehammer solution that could be PLC code/system independent. However, crashing a PLC typically does not have a detrimental effect on the system. Industrial control systems are design to be fail safe so that when inputs and outputs stop updating, the facility automatically goes to a safe state. This could be by the venting of pneumatic or hydraulic pressure or by removing electrical signals that activate solenoids. Stuxnet doesn't just try to crash a PLC. After determining that the target PLC is likely running code that Stuxnet is familiar with, it activates one of two sequences. One sequence even runs a sequence that can be monitored and controlled by a part of the virus's software.

This type of targeted attack is much more dangerous. As opposed to crashing the PLC, it could, for example, leave a pump running after the pressure has exceeded the safe limit of the system, or it could open a series of valves in an order not normally allowed by the system for safety reasons. It could even bypass shutdown signals without the facility operators being aware of it.

I don't know who wrote this software, but it was a team of people was a variety of skills and knowledge of a variety of software packages.

I also think that the target was hit, whatever it was. The results may or may not have been as catastrophic as the designers intended. This virus was first detected by a group out of Belarus at the request of entities in Iran. Stuxnet runs a very low profile for the most part, so it would be tough to detect. It does not load communication networks, so it's likely that it was noticed only after some series of upsets that drove the facility owners to look at a low level.

I don't think that this necessarily means that all industry is suddenly exposed as it takes LOTS of insider knowledge and also technical skill to pull of a successful attack such as this. I do think that it will make us in the industry look more closely at our policies regarding outside Internet connections and the use of removable memory a little closer.


Aaaaaand...

Quote:
Pentagon Silent on Iranian Nuke Virus

September 27, 2010 - 12:33 PM | by: Justin Fishel

WASHINGTON -- The Pentagon is refusing to comment on widespread accusations that it is responsible for coordinating a cyber-attack against Iran's nuclear facilities. Earlier this month the Iranians acknowledged the "Stuxnet Worm" had invaded software it uses at multiple nuclear production plants.

Pentagon Spokesman Col. David Lapan said Monday the Department of Defense can "neither confirm nor deny" reports that it launched this attack.

The Stuxnet worms enters networks through USB portals and is designed specifically to attack software made by Siemens, the German owned industrial corporation. German intelligence agencies have been known to cooperate closely with the United States. Combine this fact with that the United States and Israel both have a vested interest in stopping the Iranians from acquiring a nuclear weapon, and you have the three main suspects behind the worm: the U.S., Israel, and Germany.

It's also important to note that researchers have determined the worm originated sometime in early 2010. Therefore if it was initiated by the United States it would have been done under the Obama administration.

Last year the Pentagon was attacked by a virus that temporarily shut down email services in the Pentagon. That worm also entered the system through commonly used flash drives, or portable hard drives, that plug into USB ports. Since that attack the Pentagon has banned the use of flash drives throughout the Department of Defense, and that ban remains in place today.

The Department of Homeland Security said last week it is taking precautions to defend the U.S. against the Stuxnet worm.


Read more: http://liveshots.blogs.foxnews.com/2...#ixzz10yXbCehJ


.

Audentes Fortuna Juvat
Strychnine is offline  
post #16 of 25 (permalink) Old 09-29-2010, 09:02 PM
Time Served
 
Join Date: Sep 2010
Posts: 184
we probly developed the software and sent some russian dude to install it
92Gt5liter is offline  
post #17 of 25 (permalink) Old 09-30-2010, 08:07 AM
Time Served
 
Join Date: May 2008
Posts: 127
Goes to show if you thumb the US we will put you in your place. Now we have plausable denialbility and they have a virus that will take them years to get rid of ..if ever. Sure they can replace all the hardware and reinstall their software from source media that hopefully isn't infected, and hope they get rid of the virus. Sure one day they will find a way to disharm it, but we will already have another one to send to them. The only way they can avoid this is to develop their own systems and software which they just don't have the technology.

1965 Mustang Coupe. C-Code http://www.cardomain.com/ride/3093806

2004 Mustang GT
dave586 is offline  
post #18 of 25 (permalink) Old 09-30-2010, 08:30 AM
Hero in a half shell
 
Fobra's Avatar
 
Join Date: Jul 2003
Location: Richmond Tx
Posts: 2,584
Keep up with the updates, this is fascinating

Fobra is offline  
post #19 of 25 (permalink) Old 09-30-2010, 08:58 AM
Time Served
 
Join Date: Jan 2004
Location: Texas
Posts: 802
http://gizmodo.com/5652032/the-secre...-nuclear-power


Software engineers analyzing the code inside Stuxnet, the supervirus that is focusing its attacks in Iran power plants, have found a secret code word that may point to its country of origin.

The origin may be, oh surprise, Israel. Engineers reportedly found the word "Myrtus" inside the virus, which could be an allusion to the Book of Esther. In the Old Testament, a Jewish woman called Esther marries Ahasuerus, King of Persia, the Iran of antiquity. The King's prime minister, Haman, doesn't like Esther and her cousin, Mordechai, so makes a plan to kill all the Jews in the Persian empire. Mordechai discovers the plan, and Esther tells the king who, enraged, orders Haman to be impaled and gives permission to the Jews to defend themselves against the attack. In the book, the Jewish kill Haman's sons and seventy-five thousand Persians.

Back in the real world, the Stuxnet virus didn't kill anyone or caused any fatal damage to Iran's nuclear plant. Designed to attack Siemens' Simatic S-7 controllers—used in nuclear power plants as well as oil pipelines and electrical power grids—the worm has been found in China, India, and Indonesia, but it has been especially virulent in Iran.

According to experts consulted by the New York Times, the secret code may not be a sloppy or whimsical reference from its developers, but a tool of psychological war. In recent years, Iran has been feeling the heat in their nuclear program, with scientists defecting and their secrets being compromised. The signature may just be a way of telling them "make no mistake, we are onto you." [NYT]
Viper is offline  
post #20 of 25 (permalink) Old 09-30-2010, 09:14 AM
Time Served
 
Join Date: Sep 2010
Location: Mexico
Posts: 449
Norton can fix that shit.
slo3gt is offline  
post #21 of 25 (permalink) Old 09-30-2010, 10:17 AM
BP
Keep your unicorns
 
BP's Avatar
 
Join Date: Apr 2000
Location: At the Dexter Lake Club
Posts: 12,422
Quote:
Originally Posted by Viper View Post
The origin may be, oh surprise, Israel. Engineers reportedly found the word "Myrtus" inside the virus, which could be an allusion to the Book of Esther.[NYT]
So from millions of lines of code they've managed to decypher one word? It's a shrub, not an obscure reference to Israel. Good to know gizmodo is biased against Israel.

Buell 1125R
Raptor 700R
No fast cars though
BP is offline  
post #22 of 25 (permalink) Old 09-30-2010, 07:29 PM
Time Served
 
Join Date: Sep 2010
Posts: 184
Or a clever way for us to deflect the blame. Iran has some measure of power, too. However small it may look in comparison. They have more than enough money to hire someone to try to figure out a way to stop the virus, that would eventually come across that word. Who would then of course tell his employers. Who would then of course think it was Israel.
92Gt5liter is offline  
post #23 of 25 (permalink) Old 09-30-2010, 07:52 PM
Worship me
 
AL P's Avatar
 
Join Date: Mar 2000
Posts: 34,345
I got news for all of you, even if it was monkeymen from fucking Mars that engineered this thing and they took out an ad in the New York Times admitting to it, the Iranians will still say it was Israel.

"I find that the harder I work, the more luck I seem to have." - Thomas Jefferson (1743-1826)

"There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." - Ed Howdershelt
AL P is offline  
post #24 of 25 (permalink) Old 10-08-2010, 12:36 PM
Time Served
 
Join Date: Dec 2005
Posts: 779
You've got a good thread going here. Keep it going.

Here's a little more on Siemens.

http://www.msnbc.msn.com/id/39346699...h_and_gadgets/

Siemens was involved in the original design of the Bushehr reactor in the 1970s, when West Germany and France agreed to build the nuclear power station for the former Shah of Iran before he was overthrown by the 1979 Islamic revolution.

Siemens, the world's number one maker of industrial automation control systems, which are also the company's bread-and-butter, says it has not supplied Iran with any industrial control systems usable for nuclear facilities.

However experts say such industrial control systems can be bought on the open market.


U.S. Enriches Companies Defying Its Policy on Iran
http://www.nytimes.com/2010/03/07/wo...ions.html?_r=1


I wonder how much of the technology that will be required for them to replair or replace their systems is now blocked by santions. Maybe the whole sabotage and santions combinations will be effective enough to prevent weapons from ever being dropped.

05 GT Torch Red C&L CAI, Diablo 93 tune, BMR LCR's & UCR, Pro 5.0, S UDP, Mac
<a href="http://giftube.com/"><img src="http://giftube.com/gifs/1016.gif" alt=""></a><br/><a style="padding:3px;background: transparent;color:#00ADEF;font-family:tahoma;font-size:10px;font-weight:bold;text-decoration:none;" href="http://giftube.com/" target="_blank">Gifs at Giftube.com </a>
jones4stangs is offline  
post #25 of 25 (permalink) Old 10-08-2010, 12:45 PM
Banned
 
poopnut2's Avatar
 
Join Date: Dec 2002
Location: On the Fence
Posts: 20,196
Quote:
Originally Posted by SlowLX View Post
You can find smart people shit like this, yet you don't what state Cleveland is in?
Cleveland Rocks, Cleveland Rocks, Cleveland Rocks!

Ohio!

The only way I can remember.
poopnut2 is offline  
Sponsored Links
Advertisement
 
Reply

Bookmarks

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the DFWstangs Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome