Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stuxnet Worm May Have Targeted Iranian Reactor

Posted by CmdrTaco on from the stux-on-this dept.

yuna49 writes "Analysis of the Stuxnet worm suggests its target might have been Iran's nuclear program. "Last week Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the Stuxnet worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack. Experts had first thought that Stuxnet was written to steal industrial secrets, but Langner found something quite different. The worm actually looks for very specific Siemens settings — a kind of fingerprint that tells it that it has been installed on a very specific Programmable Logic Controller (PLC) device — and then it injects its own code into that system."

7 of 322 comments (clear)

  1. Some people don't care how many others they screw by Anonymous Coward · · Score: 5, Insightful

    There's one non-secular country in the world that is famous for it's disregard for anyone but itself and its fundamentalist religious belief in their own specialness in the eyes of their own god, which they believe justifies their evil actions.

    The truth is some evil people will do anything for wealth and power.

  2. Re:So....the CIA wrote it? by Wyatt+Earp · · Score: 5, Insightful

    Nope, Israel.

    The Saudis, UAE or Qatar have strong interests in Iran not going nuclear, but military computer science stuff is going to be Israel, Russia, China or the US, my money is on Israel in this one.

  3. speculation anyone? by superstick58 · · Score: 4, Insightful

    Ugh, what a terrible article. There's no firm conclusions at all, just mindless speculation. Here's some gems: "The only thing I can say is that it is something designed to go bang" and "'If I had to guess what it was, yes that's a logical target' he said, 'but that's just speculation'"

    This could be an interesting topic, but unfortunately, it is turned into a pointless article spewing wild guesses. And the findings are to be submitted in a closed door security meeting? WTF? I guess we'll never know.

    I have programmed many PLC's in my day, but unfortunately not Siemens. Does anyone have experience with siemens that can comment on the mysterious operational block 35?

  4. Rrrriiight. by bmo · · Score: 4, Insightful

    Siemens PLCs are everywhere. Same with GE and others. They run everything from nuke plants to little benchtop lathes and aerospace applications. How this person decided that it *had* to be the Iranian nuke plant baffles me.

    How does he know that it wasn't targeted at various military targets? Iranian medium and short range missile installations also come to mind. Does he *have* the Siemens PLC configuration from the nuke plant in his hot little hands? Or does he even have the model numbers?

    Reading TFA, no.

    Peterson believes that Bushehr was possibly the target. "If I had to guess what it was, yes that's a logical target," he said. "But that's just speculation."

    Well, there you go. Nothing to see here.

    That's not to say that actual cyber-warfare is not happening, but to come out with wild-ass speculation and present it as newsworthy reminds me of Fox "News" and the rest of the Murdoch "empire."

    --
    BMO

  5. Re:So....the CIA wrote it? by erroneus · · Score: 4, Insightful

    Definitely. Using more conventional power generation technologies, they are a target for aerial bombing. If a nuclear power plant were to be bombed, any sort of disaster might occur making the bomber look extremely evil. (The only way they could hope to get away with it is to make the bombing look as if it came from Iran itself.) In any case, enemies would be less inclined to attack a nuclear power plant as opposed to conventional ones.

    As to who is responsible for the targeted malware? I can't imagine.

  6. Re:Smooth by interkin3tic · · Score: 4, Insightful

    Brilliant - let's get one up on the Iranians by messing with their nuclear reactor controls! What could possibly go wrong?

    Maybe less than would go wrong if Iran got the bomb?

    I don't know how likely that is, but I'm guessing whoever did this probably has a different calculus than I do for weighing the two, like (Iranian civilian deaths)= 0.1(own civilian deaths). So from their perspective, probably not much could go wrong.

  7. Re:Where did all the pseudo-/.ers go? by HiThere · · Score: 4, Insightful

    That's because it does. You just need to be a *little* slyer. (Not much.)

    This is one point where it really does matter what the target OS is. If your USB is vfat, then you can't have allow execute set to true. But if you use a properly targeted file system (say ext3), then you can set execution permissions. Or even just make it a tar.gz file, and when it's expanded, it ends up with execute permissions set. So you open a jpeg, and actually execute a script that opens the jpeg while executing something else in the background.

    (Allowing tar files so set the execute permission is a big weakness...and a vast convenience. But that should require running a separate script or chmod with root permissions.)

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.