Slashdot Mirror
Stuxnet Worm May Have Targeted Iranian Reactor
yuna49 writes "Analysis of the Stuxnet worm suggests its target might have been Iran's nuclear program. "Last week Ralph Langner, a well-respected expert on industrial systems security, published an analysis of the Stuxnet worm, which targets Siemens software systems, and suggested that it may have been used to sabotage Iran's Bushehr nuclear reactor. A Siemens expert, Langner simulated a Siemens industrial network and then analyzed the worm's attack. Experts had first thought that Stuxnet was written to steal industrial secrets, but Langner found something quite different. The worm actually looks for very specific Siemens settings — a kind of fingerprint that tells it that it has been installed on a very specific Programmable Logic Controller (PLC) device — and then it injects its own code into that system."
Looks like national cyber security is about to get a much higher priority than copyright protection.
One of the most effective ways to penetrate a company is to drop a couple of USB sticks in their parking lot with some "special" autoinstalled software. Someone sees it, picks it up, takes it in side and plugs it in to see what's on it. A few boring things, maybe a naked picture of someone, and a rootkit.
I've worked for a couple of companies which have had security audits performed on them that included hiring outside firms to do "social engineering" penetration tests to see how good the employees are about that sort of thing. It's strange... someone who won't be fooled by "we're from IT and need your password" sweet-talk and who would never open an attachment to an email will happily stuff a flash drive into their computer. The penetration testing firms tell me they almost always get a hit with the USB drive trick. (And, for the record, one of my companies passed the test, 100%. Woot! Let's not talk about the other, though...)
So yeah, physical devices > air-gap.
Everybody gets what the majority deserves.
Iran wants to provoke a conflict with Israel. It doesn't want to start one. There is apparently an Islamic sect that believes in their version of Rapture and they believe it will be triggered by Israel's attack on Iran. Iran cannot be the aggressor here - that's the belief at least. Iran will then be saved by the 12th Imam. And that's the Islamic version of Rapture.
"Our revolution's main mission is to pave the way for the reappearance of the 12th Imam, the Mahdi," Ahmadinejad said in the speech to Friday Prayers leaders from across the country.
http://analysis.threatswatch.org/2005/11/understanding-ahmadinejad/
There are a number of crazzy sites that "predict" stuff about him,
http://www.satansrapture.com/hitler2.htm
"Bush said: 'God said to me, attack Afghanistan and attack Iraq.' The mentality of Mr. Bush and Mr. Ahmadinejad is the same here - both think God tells them what to do," says Mr. Mohebian, noting that end-of-time beliefs have similar roots in Christian and Muslim theology."
http://www.csmonitor.com/2005/1221/p01s04-wome.html
Iran will not start hostilities :)
Apparently you have never called an Iranian "Arab". Iranians take it personally.
Iranian's don't like being called Arabs; A) They are Persians, B) They feel proud being associated with the Persian empire and the culture they inherited.
In fact, during my miss-fortunate discussion calling an Iranian an Arab, I felt the individual almost felt insulted.
It is the developer's tools available.
The 'mission critical control system' in this case is a PLC, which directly controls the equipment. It doesn't even require that any consumer computer be involved for that to happen, although they often are to provide for data collection or operator interfaces or the like.
But to get the PLC to control the hardware a person has to write logic for it, which was probably done in this case with Simatic S7, which is Windows only. The bulk of the above mentioned interface and data collection packages are Windows only as well.
With a good design an industrial control system, because it is the PLC that does the work, will run along just fine even if PC based nodes crash. The new development with Stuxnet is that the virus is running on the PLC itself.
"Sacrifice for the good of The State" - The State
It seems like you've been drinking too much media Kool Aid without bothering to do your own research or critical thinking. All well thought out analysis points to Iran wanting nuclear weapons as a defensive measure. Despite what you see portrayed on television, the Iranians are a bit smarter than you seem to give them credit for. Nuking Israel would result in the total annihilation of Iran. Even if they manage to get a nuke to Hamas, nuclear forensics are very advanced these days and it would be traced back to Iran.
It seems like you've been drinking too much media Kool Aid without bothering to do your own research or critical thinking. All well thought out analysis points to Iran wanting nuclear weapons as a defensive measure. Despite what you see portrayed on television, the Iranians are a bit smarter than you seem to give them credit for. Nuking Israel would result in the total annihilation of Iran. Even if they manage to get a nuke to Hamas, nuclear forensics are very advanced these days and it would be traced back to Iran.
Nuclear weapons, by their very nature are NOT defensive. Land mines are defensive. Bunkers are defensive. Nuclear weapons are a means of attack, thus offensive.
Nuking Israel would result in the total annihilation of Iran.
All part of the big plan. The fifth imam, or whichever number he is, can not return until the "world" is destroyed, much as Jesus will not return until Israel is destroyed. The difference is that Christians are not trying to destroy Israel to hasten the Second Coming.
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
Actually, I have seen some claims that it wasn't even based on military estimates as actual military estimates put the estimated loss of life for a mainland invasion at FAR LESS than the fanciful public numbers. Howard Zinn have a great talk on this called "Three Holy Wars".
Not to mention that the invasion of the mainland wasn't necessary, Japan was pretty much defeated before the first bomb dropped.
I liked Zinns way of asking what if we reverse the question and ask "What if we could end WWII right this moment, today, but to do it, we would have to kill 100,000 American children." Why are japanese ok to kill but, Americans are somehow deserving of life?
I don't buy the whole us vs them meme. For me "them" is anyone who believes that fighting a war ever helped anyone.
-Steve
"I opened my eyes, and everything went dark again"
Yeah, that sounds familiar. Several years ago there was an article in National Geographic about Persia and the current Persians. It was a very interesting read, much of it talked about the ability to lie or deceive, which is a very important trait to have. Since Persians as a people have been conquered or invaded so many times, they have learned that they cannot speak openly about what they believe. They make a big show of being hospitable (and actually are), they smile and talk, but the people interviewed mentioned how this isn't actually what they're like. In private they're different, but in a culture that is constantly being invaded and attacked, they've learned that it is in their interests not to openly talk about what they really believe. No doubt many Persians harbor ill feelings towards Arabs and the religion they brought with them, they still see them as invaders.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
What everyone including parent post has so far overlooked is that the announcement of this story is ALL BY ITSELF damaging to the Iran nuclear development effort.
Whatever the goal of Stuxnet might be, Iran must now spend time and effort checking whether all kinds of computer control systems include hidden time bombs... things that might do anything from overspinning centrifuges until they break to overheating core enough to warp the fuel rods and force their replacement. And the only sure way that Iran can proceed from this point is to replace all the PLCs with homegrown technology... but it would take them a decade or more to develop that technology on their own. I don't think they have any microchip manufacturing capability at all.
All this has been accomplished at the very low cost of publicizing a few factoids within a very suggestive framing in such a way that third parties are going to fall all over themselves to do further investigation in ways that can only magnify the perceived risks. This is a perfect con game. The more so because even if someone comes out and says its a con, Iran cannot afford to rely on that. Stuxnet might not even have a payload, but it will still cause the Iran nuclear effort months of delay. Long enough, probably, to lay the groundwork for Son Of Stuxnet, whatever that might be.
Will