Domain: langner.com
Stories and comments across the archive that link to langner.com.
Comments · 7
-
Here's the link to Ralph's blog
-
Focus on offensive capabilites is misguided
Ralph Langner (the guy who figured out Stuxnet was designed to attack Iran) has been critical of the US's policies of focusing on offensive capabilities while largely ignoring or grossly underfunding defensive capabilities. He wrote a op-ed in the NYT about this. Hereis his rebuttal to Obama's executive order on critical infrastructure cyber security.
One of the problems with cyber defensive security is that too many companies use "risk assessment", which is inappropriate for security concerns. This is because risk assessment assumes that you are aware of all possible vulnerabilities and what impact these vulnerabilities will have, which is impossible. It is too easy for companies to use a risk assessment model as an excuse for not spending any money on their security, because the costs of security show up on a balance sheet while the benefits do not.
-
its cause we dont have amazing researchers
Ralph Langner was the genius behind our knowing about what Stuxnet did. But his team of researchers aren't studying Duqu much because "please note that we don’t research Duqu as it appears to be unrelated to control systems." We don't have that genius picking apart Duqu as we do Stuxnet. But Duqu is not the next stuxnet. It's not nearly as cool. Stuxnet was a very unique virus for several reasons. Duqu is more like just a standard virus. I don't understand why Stuxnet was underplaid and Duqu is so overplayed. If you want the cool information on Stuxnet http://www.langner.com/en/2011/11/09/two-years-later/ is Langner's latest post.
-
Re:Is Stuxnet a first?
1. No, it's not the first. The 2010 Verizon Data Breach Report shows that 54% of successful attacks using malware used customized or custom-written malware, and that 97% of the data records stolen were done so with the use of custom malware.
2. Yes, we're going to see a lot of it. It's already begun, according the the engineer who dissected the industrial control code that stuxnet injected.
-
It's the USraelis...
It's the USraelis trying to hit the Iranian centrifuges... http://www.langner.com/en/index.htm Obvious....
-
Some more analysis & advice
"German IACS security researcher Ralph Langner has successfully analyzed the Stuxnet malware that appeared to be a miracle. Stuxnet is a directed attack against a specific control system installation. Langner will disclose details, including forensic evidence, next week at Joe Weiss' conference in Rockville. " http://www.langner.com/en/index.htm
-
Re:Not about "default passwords. Worse.
There are indications that the target may have been the Bushehr nuclear power plant in Iran, with the Russian contractor's USB drives being the attack vector into the plant's control systems. (Which are not on the Internet, despite the smug assumptions of so many posters earlier in this comments section.) There's enough information out in the wild now that anyone with access to the target's PLC code could verify the target. Obviously this means the attack targets will be able to prove that the trojan was targeting them, but I doubt they'll be announcing the fact to the world - unless they can trace the attackers and gain political advantage through an announcement.
It seems the evidence currently leans towards a probably Israeli or possibly US cyberwarfare attack on Iran.