Slashdot Mirror
Stuxnet Worm May Have Targeted Iranian Reactor
yuna49 writes "Analysis of the Stuxnet worm suggests its target might have been Iran's nuclear program. "Last week Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the Stuxnet worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack. Experts had first thought that Stuxnet was written to steal industrial secrets, but Langner found something quite different. The worm actually looks for very specific Siemens settings — a kind of fingerprint that tells it that it has been installed on a very specific Programmable Logic Controller (PLC) device — and then it injects its own code into that system."
Which is why this malware has multiple infection routes, including USB sticks.
Hence why no one knows where it came from.
Iran already blames Israel, for pretty much everything including why the crops fail. I mean, christ, they made the 100th anniversary of the original publishing of "the protocols of the elders of zion" (you know, the anti-semitic forged pamphlet) into a national holiday. It's not like things could get any worse.
The only reason that Iran doesn't attack Israel is because they know that Israel has nukes, and the will to use them with very little provocation. Even for those countries who would likely come down on Iran's side in any conflict, how many of them have any military to speak of? How many have nukes? Even one?
Really, it's in Israel's best interest that Iran starts hostilities and the sooner the better, before Iran gets nukes. In many ways it would actually stabilize the region to have Iran beat down somewhat--you know, at least from Israel's perspective.
Also, you should know by now that ulcers come from infection, not stress. Seriously, there was a Nobel Prize and everything.
You catch enchiladas by picking them up behind the head and holding them underwater until they don't kick anymore -VeGas
They're not connecting it to the Internet, so far as I know. The speculation in the article is that the Russian contractor building the facility brought in infected PCs for the control system. Coincidentally(?), the contractor (AtomStroyExport) had its own website hacked recently.
The CIA did not actually produce the special (i.e. modified to run the super high pressure test after a set period of normal operation) pipeline management hardware and software themselves. Instead, they convinced a private company to produce them and ensured that the modified parts made their way into Russian hands. Supposedly, the resulting explosion and subsequent fire, near Vladivostok in eastern Russia where the pipeline was located, were so large that they were detected by satellites designed to monitor nuclear tests. I wonder if it is possible for this worm, once inside the controller, to adjust the operating parameters in such a way to ensure a catastrophic failure (i.e. meltdown) occurs? What does this say about reactor safety system design?
OB35 is a an interrupt function which is periodically called by a timer, generally every 100ms.
If you were to inject malicious code into OB35, it would be periodically executed, assuming that OB35 was loaded onto the controller in the first place.
No idea what this code might be expected to do. Crash the software running on the PLC maybe.
Infection is not the only cause of peptic ulcers. Nonsteroidal anti-inflamitory drugs, for instance, are just one example. Further, stress may not directly cause ulcers, but has been found to exacerbate existing conditions that lead to peptic ulcers.
In the case of a nuclear weapons program, you want to destroy the facilities to make the weapons, not just knock out power lines.
They run everything from nuke plants to little benchtop lathes and aerospace applications. How this person decided that it *had* to be the Iranian nuke plant baffles me.
That's exactly what I first thought, that a country would use its resources (you RTFA'd, right?) to attack benchtop lathes around the world. It must be just a coincidence that the infection started in Iran and that 60% of infected computers are in Iran.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
The mere fact that it's speculative does not make it a terrible article.
Considering the nature of the malware, the apparent difficulty of extracting information from it, and the sensitivity of the information already disclosed, I'd say it's a pretty fine write-up. It tells you what they know and can disclose, tells you there's more they can't disclose, and that there's still mroe that they know they don't know.
I mean seriously, hooray for forthright honesty here. No one is pretending to certainty that they don't have, which puts it in the top 1% of journalistic articles right there.
With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
What does this say about reactor safety system design?
Nothing, because the entire scenario (adjust parameters...meltdown) is a fiction that exists exclusively inside your head.
The reactor is a Russian PWR that follows contemporary design principles and has parity with western reactors. The ECCS is not subject to the exclusive control of vulnerable PLCs. Safety systems aren't networked together in Ethernet broadcast domains waiting for stuxnet infections. Worst case; control rods can be inserted manually and feedwater/HPCI/LPCI pumps activated manually regardless of the state of any given PLC. The manual controls on these safety systems are deliberately simple for a reason.
Maybe a really clever attack designed to confuse operators into making the wrong decisions (see TMI-2 1979) could produce core damage. This still isn't some containment free RMBK graphite bomb reactor like Chernobyl. Contained PWR designs are more forgiving; they don't contaminate things even when they do melt down.
Maw! Fire up the karma burner!
I'm well aware of the differences between Persians and Arabs, and I'm aware that much of the Iranian population is Persian, though certainly not all of them.
But the government is not Persian, it is Arabic. Throughout their long history, Persians have repeatedly been invaded and conquered. Persia was first conquered by Muslim Arabs in 644. Many Persians refer to the 1979 revolution as the second Arab invasion of Persia.
The deposed Shah of Iran was a Persian. He was replaced with a Muslim Arabic government. This is the current ruling party of Iran, not Persians. The Persians aren't threatening to destroy Israel, Arabs are.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Seriously, wanting to persue peaceful nuclear power isn't an issue.
That's not the real issue here.
Hell, if they wanted warheads they could just BUY them.
Even if they could do so without the transaction somehow gummed up by the CIA, the Mossad, et al, buying nukes on the black market doesn't solve the problem from Iran's point of view. Iran wants to be able to homebrew these things and grow an arsenal. Buying the goods premade is more suited to a terrorist organization; a) bent on destruction of a specific target, and/or blackmail, b) without the resources (land, modern, standing armed forces, especially air & air defense) to build and protect fixed facilities.
I prefer rogues to imbeciles because they sometimes take a rest.
This could be an interesting topic, but unfortunately, it is turned into a pointless article spewing wild guesses.
yeah, the writer should have called up the Mossad, and asked to talk to the author so he could get some solid facts...
Really, what do you expect from a story about what is obviously a covert operation?
HA! I just wasted some of your bandwidth with a frivolous sig!
Iranians don't like to be called Arab because:
1. They aren't arab:
a. they aren't descended from the arabs; they aren't semitic, they are aryans (Iran = Ayran = land of aryans)
b. they don't speak arabic, they speak persian (called farsi in their language) which is an IndoEuropean language closer to English than arabic
c. Most arab muslims are sunnis, Iranians are Shiite
2. Iranians have sought to make themselves distinct from the Islamic Empire since about 500 years ago when they mostly became Shiite and revived the persian language and have since tried to revive their "Persian Empire" root. For example, at the beginning of the 20th Century a general took over, called himself King and claimed to be related to the ancient "Pahlavi" dinasty.
3. Because of this, Arabs are often portrayed in Iranian accounts of history as uncivilized crowds of destroyers that came to destroy the noble ancient Persian culture. So 20th Century Shah's saught to foment alliegience to the ancient culture rather than Mecca in an effort to secularize the country.
4. Secularization backfired in 1979 when the clergy took over power. However, the new clergy fancies itself the "true Islam" and still distinct from Arab Islam.
3. As a result of this, anti-arab prejudice runs deep among Iranians :)
Wouldn't the current president count? His mother is believe to be descended from Muhammad's bloodline. The VP, Mohammad-Reza Rahimi, is from Kurdistan Province. Many Kurds are also Arabs. I believe the Larijani family is also Arabic, descended from an Ayatollah.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Actually Saddam had claimed it to be operational quite a few times at that points. Israel attacked just after the last component that was absolutely necessary for it's operation was installed. Perhaps something similar is happening here ?
Ahmadinnerjacket is certainly not above lying.
"Persians aren't threatening to destroy Israel, Arabs are."
Persian inaction is consent. If the Persians view remaining as serfs under Arab masters to be a problem, they should revolt and kill all the Arabs.
The solution to being mastered by an ethnic enemy is ethnic cleansing.
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
I'm sorry, but your view of Iran seems very skewed and you're being modded as Informative when really you just seem to be voicing your own opinions.
Persia was first conquered by Muslim Arabs in 644.
One thousand, three hundred and sixty-six years ago, yes. I hardly think this comes into play in modern Iranian politics. The idea that there's some sort of insidious infestation of Arabism that has festered in Iran for over a thousand years seems pretty silly. Also, the idea that Iranians were converted to Islam by force has been mostly discredited.
Many Persians refer to the 1979 revolution as the second Arab invasion of Persia.
"Many" is a weasel word. The ones you've been listening to apparently believe that. But this interpretation ignores the fact that the 1979 revolution in Iran was largely a populist political revolt against a brutally oppressive regime backed by the foreign interests (the U.S.). Some people protested the societal changes that came with the new Islamic state, yes. But the vast majority welcomed it.
If Iran was "invaded by Arabs" in 1979 and everything since has been part of some big Arab conspiracy, how do you explain that the majority Muslims in Syria, Iraq, Jordan, Yemen, and Kuwait are Sunni, while Iran is a Shi'a republic?
And if Iran has been "invaded by Arabs" since 1979, how do you explain the events of 1980 when Iran was, oddly enough, invaded by Arabs? Iran fought a bloody war against Iraq for the next eight years.
And when Mahmoud Ahmadinejad talks about improving his countries ties with "Arab nations" and "the Arab world," what's he doing -- putting up a front for appearances' sake? Your comment elsewhere that his mother "is believed to be descended from Muhammad's bloodline" doesn't hold much water.
Likewise your comment that Larijani must secretly be an Arab because he's the son of an Ayatollah doesn't make sense either. You don't have to be an Arab to be a Muslim, and your insistence on conflating the two smacks completely of jingoism, despite what the other responder says.
Breakfast served all day!
You are wrong. They are Persian and speak Farsi predominantly. Arabic is a second language.
60 % of the Iran population is Persian, the rest is a mix.
Educate yourself.
Dude, Israel is not *that* evil. They just like poking the Palestinians with a stick by building settlements.
They just like pissing off the rest of the Middle East by existing.
The higher the technology, the sharper that two-edged sword.
The idea that there's some sort of insidious infestation of Arabism that has festered in Iran for over a thousand years seems pretty silly.
I doubt Persians feel the same way. Only 50 years ago Persians had a vibrant arts culture, with music and poetry. The Islamic Revolution put a stop to that. That's hardly ancient history.
"Many" is a weasel word.
What, like "mostly discredited"?
If Iran was "invaded by Arabs" in 1979 and everything since has been part of some big Arab conspiracy, how do you explain that the majority Muslims in Syria, Iraq, Jordan, Yemen, and Kuwait are Sunni, while Iran is a Shi'a republic?
I don't know enough about the region to provide an explanation for why the denominations of Islam are located where they are, but I never claimed conspiracy.
And if Iran has been "invaded by Arabs" since 1979, how do you explain the events of 1980 when Iran was, oddly enough, invaded by Arabs?
I don't see how that requires an explanation. Like you pointed out, Shia Muslims were fighting Sunni Muslims during the Iran-Iraq war.
Likewise your comment that Larijani must secretly be an Arab because he's the son of an Ayatollah doesn't make sense either.
I'm pretty sure I said "I believe", not "He must be". I could not find an answer for his ethnicity, only his parentage.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Its difficult to explain in a logical fact-based way why that perception might be the case (and I don't know enough locals to say one way or another) but Persians do dislike (hate?) Arabs. Persians feel their culture is superior to that of Arabs. The current regime has in the past and currently cracked down on certain cultural traditions that are not in line with Islam. This has been interpreted by some commentators as Arab cultural imperialism - and from there its not hard to see how an perception that their leaders are (culturally if nothing else) Arabic.
Control is an illusion, order our comforting lie. From chaos, through chaos, into chaos we fly