Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stuxnet Worm Claimed To Be Devastating In Iran

Posted by CmdrTaco on from the new-same-world dept.

sciencewatcher writes "At debka.com, a website associated with intelligence communities focusing on the Middle East, the claim is made that Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcise the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers."

12 of 390 comments (clear)

  1. Re:why don't they by Ant+P. · · Score: 3, Informative

    Or computer systems certified for safety-critical installations, instead of Windows which flat out says not to use it for that in the EULA?

  2. Treat anything from Debka cautiously by Motard · · Score: 5, Informative

    This site has a lot of seemingly tantalizing information, but a lot of it is BS. It reported that one of Saddam's palaces had huge glass covered aquariums where sharks would swim under your feet. Now that all the palaces have been 'visited', there have been no reports of any such thing.

  3. Re:So what's the word, people. by xaxa · · Score: 5, Informative

    (and which they most likely had to pirate because there are export restrictions against iran).

    For the US -- there's nothing stopping me selling computer software to Iran, unless that software is of military/nuclear/etc use (you can see the full details of what's not allowed here (the PDF)).

  4. Re:So what's the word, people. by Trevelyan · · Score: 5, Informative

    It's more likely to have been Israel.

    For example this story, note that its from 2009 but still make a pretty good description of how stuxnet works. Google or following the links on stuxnet news stories will bring up other possible links to Israel.

  5. Re:So what's the word, people. by chill · · Score: 4, Informative

    Crypto in U.S. law was removed from the munitions classification back in 1996 by then President Clinton.

    Shortly thereafter one of the exemptions granted was for open source. If the source code was freely available, you don't need an export license.

    --
    Learning HOW to think is more important than learning WHAT to think.
  6. Re:So what's the word, people. by gyranthir · · Score: 4, Informative

    For the US, Cuba, Iran, Syria, Libia and a bunch of other countries are under an embargo, where american companies cannot export to them...

  7. Re:why don't they by Hijacked+Public · · Score: 4, Informative

    You don't understand industrial control systems. It isn't Windows that does any safety-critical controlling, it is a PLC, which is the target of Stuxnet's payload. Stuxnet just happens to use Windows to propagate, which is a good choice because nearly all PLC programming and interface software is Windows only. Anyone this telented could have written a Linux worm that did the same thing, but it would have been ineffective because Linux is hardly ever connected to a Siemens PLC. Windows being a bottomless pit of zero days doesn't help, of course.

    --
    "Sacrifice for the good of The State" - The State
  8. Also by Sycraft-fu · · Score: 4, Informative

    Most modern reactor designs have a difficult time going critical. They are made such that if coolant goes away, they stop working. Depending on the kind of fuel you use you can set it up so that when the coolant goes away the excess heat causes things to spread out and thus the reaction slows. It gets hot, but not hot enough to melt down. Not fool proof, nothing is of course, but makes it pretty hard for things to go critical even in a worst case scenario.

    It also should be noted that often the SCRAM systems go beyond that. The rods will have springs behind them to force them in quicker, and there are usually secondary systems to drive them in as well, should the primaries fail.

    Over all, the world did a pretty good job learning from the problems of early reactors and it is pretty hard to cause a meltdown these days, with a modern reactor design at least.

    Do remember that the people who build these have a large vested interest in making sure they DON'T go critical, even in adverse situations. Safeties are taken seriously.

    1. Re:Also by BlueParrot · · Score: 4, Informative

      makes it pretty hard for things to go critical even in a worst case scenario.

      All power reactors in the world today go critical as part of their normal operation. That's why they can sustain a chain reaction. However, they are all designed in such a way that their criticality is not sufficient to allow the reactor to remain critical without the contribution from so called delayed-neutrons. These are neutrons emitted by the fission products some time after the fission event. It's because the release of these neutrons is much slower than the release of fission neutrons that it is possible to build a stable nuclear reactor. Without them the reactor would either be sub-critical and hence not produce any power without an external neutron source, or it would be prompt-critical, which pretty much means you would not be able to control the rate of the chain reaction rapidly enough to prevent dangerous power fluctuations.

      Modern pressurized water reactors typically can't go prompt critical, since the quantity of relatively low enriched uranium is too small.

  9. Re:Spreading havoc? by elrous0 · · Score: 4, Informative

    These models of PLC have a function block at OB 35 that automatically executes every 100 milliseconds. Stuxnet hides its own code at the beginning of this block (while also allowing the original code to run afterward). This allows it to mimic the original functions of the PLC, while it quietly runs in the background.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  10. This is just pure lie, see proves below... by XARG · · Score: 5, Informative

    All this quotes are pure lies:
    search for "must expel Arabs and take" in
    http://en.wikiquote.org/wiki/David_Ben-Gurion

    search for "We must use terror, assassination, intimidation"
    http://www.camera.org/index.asp?x_context=22&x_article=775

    etc...

    some arab supported seem to just LOVE using lies as the best weapon.

  11. Re:Perhaps it's just me... by KevinIsOwn · · Score: 4, Informative
    Actual quote:

    We do not wish, we do not need to expel the Arabs and take their place. All our aspirations are built upon the assumption -- proven throughout all our activity in the Land -- that there is enough room in the country for ourselves and the Arabs.

    Go fuck yourself.