Slashdot Mirror


Stuxnet Worm Claimed To Be Devastating In Iran

sciencewatcher writes "At debka.com, a website associated with intelligence communities focusing on the Middle East, the claim is made that Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcise the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers."

19 of 390 comments

  1. So what's the word, people. by Pojut · · Score: 4, Interesting

    Do you think the US did this in an official capacity, an "official" capacity, or had nothing to do with it?

    1. Re:So what's the word, people. by MyLongNickName · · Score: 3, Interesting

      You might want to read about a similar feat performed by the U.S. Government here

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    2. Re:So what's the word, people. by GooberToo · · Score: 4, Interesting

      So access to Windows source and Siemens PLC seems a must, so that really only leaves two suspects.

      Actually, access to Windows source absolutely does not seem a must. But regardless, obtaining it is likely trivial. I know I've seen references to it on the net before. Any student and/or spy attending any number of various universities has access to it. Accordingly, it has been periodically freed on the Internet.

      You're also missing the fact that Iranians themselves have reason to do this type of thing. Iranians, on average, are far more educated than the average American. Lots work in industry. They likely have no shortage of people who are fully capable and qualified to pull off such worms. Not to mention, politically speaking, they have almost endless justification.

      If you want to be honest about it, the Iranian people themselves are the number one group which have reasons to pull this off. Next are the Israelis, followed by other surrounding Arab nations, Europe, and then lastly the US, followed by lots of smaller, less interested parties.

      People seem to be in a hurry to forget that with the fall of Iraq, Iran now has center stage for regional power and authority. This is absolutely not acceptable to other Arab countries in the region.

    3. Re:So what's the word, people. by divisionbyzero · · Score: 2, Interesting

      Now if the worm in industrial plants results in industrial accidents that kill people, then clearly it would be an act of war, which would be pretty stupid because there are far more effective means of crippling infrastructure with far more primitive methods.

      Not if it is built into the side of a mountain, like, say, a nuclear fuel processing plant.

    4. Re:So what's the word, people. by thegameiam · · Score: 2, Interesting

      Well said, with a very minor nitpick: s/other Arab/Arab/ - whether Iraq is an Arab country (or Persian country) depends on who you ask, but I don't know of anyone with any knowledge of Iranian history who would call Iran an Arab country.

      I have no knowledge of who's responsible for the worm, but Steve Bellovin wrote about it very intelligently.

      --
      Need Geek Rock? Try The Franchise!
  2. Anyone else find that site a little skeevy? by SlappyBastard · · Score: 2, Interesting

    I'm not a fan of quoting anything from a website whose motto is "We start where the media stop".

    --
    I scream. You scream. I assume that means we're both acquainted with the problem. We proceed.
  3. Cyber World War 2 and a Half... by wiredog · · Score: 2, Interesting

    Or something like that. Could get a bit scary, push comes to shove and all that. I wonder who will get hit with the retaliatory strike?

    Alternatively, I wonder if this is the retaliatory strike?

    You are in a twisty maze of little passages, all alike...

  4. Own goal? by Anonymous Coward · · Score: 1, Interesting

    The first thing the Iranians will want to do is to re-release this thing into the west.

    This could hurt.

  5. DEBKA is totally unreliable. by Noryungi · · Score: 5, Interesting

    This is DEBKA. Completely ridiculous website, riddled with disinfo.

    Example:

    Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack.

    'nuff said.

    Of course, that does not mean Iran is not hit hard by Stuxnet - just that everything you read at this site should be taken with a big grain of salt.

    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  6. Re:DEBKAfile by Attila+Dimedici · · Score: 4, Interesting

    My impression of Debkafile is that they have sources for just about everything they report, but that they are often used by various individuals and groups to get stories out there that are not true. On the other hand, every now and again, they break some story that every other news organization has ignored/missed because there are no solid sources, but once the story breaks, solid sources turn up. What that means is that if you see something on Debkafile, look around for other sources before you take it as true (although this may take some time).

    --
    The truth is that all men having power ought to be mistrusted. James Madison
  7. Re:Spreading havoc? by elrous0 · · Score: 4, Interesting

    It targets two specific models of Siemens programmable logic controllers (by targeting the Windows software used to program those PLCs). PLCs are used to control very time-intensive industrial processes. Pretty much every power plant, nuke plant, modern manufacturing plant, etc. uses these, and they control very dangerous physical equipment. Wreaking havoc with these processes can cause explosions, radiation leaks, major industrial accidents, etc. (it could even cause nuclear reactors to go critical). That's very bad stuff. Best-case scenario, it could cause serious damage to equipment. Worst-case scenario, it could cause significant loss of life.

    In other words, tampering with a PLC can make things go BOOM. In 1982, the CIA purportedly did this with the Siberian pipeline, and the resulting explosion was so powerful it set off missile launch alarms in the U.S.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  8. the accepted liability of running windows by bl8n8r · · Score: 1, Interesting

    Go ahead and mod me down, but it's only a matter of time before this happens again. You either accept the liability and put your trust in microsoft for patches, or do something else. It's not a stretch to expect more of the same.

    "At the same time, the company said it would not patch Windows because doing so would cripple existing applications."
    http://www.computerworlduk.com/news/applications/3236953/microsoft-confirms-unpatched-vulnerabilities-in-key-enterprise-programs/

    "The security firms also notified Microsoft of two other unpatched bugs that the Stuxnet worm exploited"..."Microsoft said last week. It has not set a timetable for the fixes, however."
    http://www.techworld.com.au/article/361843/microsoft_confirms_it_missed_stuxnet_print_spooler_zero-day

    "was first identified by information security researchers in June"
    http://www.gartner.com/DisplayDocument?doc_cd=207166&ref=g_homelink

    --
    boycott slashdot February 10th - 17th check out: altSlashdot.org
  9. Re:Spreading havoc? by elrous0 · · Score: 5, Interesting

    Having looked carefully at this worm (I'm preparing for a presentation on it at a local security conference), I can tell you it almost certainly wasn't written by one guy. It's the most complex piece of malware I've ever seen. It's written in three languages (C and C++ on the Windows side, MC 7 assembly language on the PLC side), it uses four different Windows exploits and two stolen code-signing certificates from companies in Taiwan (both of which read as legit until just recently), and it has one of the most aggressive and clever rootkits I've ever seen. And that's not even getting into how it can update itself. Unless said disgruntled employee was the goddamn jedi master of hackers in addition to his day-job, I would say this is definitely a major team effort (a very specialized team).

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  10. Re:Perhaps it's just me... by Iphtashu+Fitz · · Score: 5, Interesting

    Any modern-day reactor should have an out-of-band method of SCRAMing that doesn't rely on computer control of any sort. A common approach is to have control rods held physically over the nuclear fuel by electromagnets. If power is cut to the electromagnets for any reason then gravity drops them into place and the reaction ceases. If monitoring systems don't automatically cut power to the SCRAM system then it would just take a worker pushing a button. Heck, they may even have fuses located around the reactor that would melt in the presence of excessive heat or the presence of radiation, causing power to the magnets to be cut. So the likelihood of a computer worm causing a meltdown is highly unlikely unless the Iranians are stupid enough to disable the SCRAM system.

  11. Re:Perhaps it's just me... by BobMcD · · Score: 3, Interesting

    Too bad, so sad. Beats a nuclear war between Israel and Iran.

    You're frighteningly insane. If you think this would PREVENT a nuclear war, you need to think it through again.

    1) Domestic reactors go Chernobyl due to well known virus

    2) Source of virus is established, either credibly or not

    3) Iran petitions the UN for military retribution/economic restitution/etc, and it gets vetoed

    4) Everyone chooses sides and WWIII begins

    This isn't even close to being far-fetched. And before we assume '4' results in 'Iran vs Everyone', do understand that going against Iran means going against the freedom to live in something other than a third world nation. Power is relatively essential, and all things considered this virus is of a TERRORISTIC nature because it seeks to attack the civilian infrastructure to achieve political goals. Do you really want to side with the terrorists?

  12. Re:Perhaps it's just me... by LordVader717 · · Score: 1, Interesting

    Unsubstantiated?

    "We must expel Arabs and take their places."
    – David Ben Gurion, 1937, Ben Gurion and the Palestine Arabs, Oxford University Press, 1985.

    "We must use terror, assassination, intimidation, land confiscation, and the cutting of all social services to rid the Galilee of its Arab population."
    – David Ben-Gurion, May 1948, to the General Staff. From Ben-Gurion, A Biography, by Michael Ben-Zohar, Delacorte, New York 1978.

    "If we thought that instead of 200 Palestinian fatalities, 2,000 dead would put an end to the fighting at a stroke, we would use much more force."
    – Israeli Prime Minister Ehud Barak, quoted in Associated Press, November 16, 2000.

    "I would have joined a terrorist organization."
    – Ehud Barak's response to Gideon Levy, a columnist for the Ha'aretz newspaper, when Barak was asked what he would have done if he had been born a Palestinian

  13. smells like more israeli racism than news to me by amias · · Score: 3, Interesting

    have a look at the whois for debka

    Registrant:
          DEBKAfile Ltd.
          4, Hamaapilim St.
          Jerusalem, 92545
          Israel

    Why should anyone trust news about Arabic interests that is published by people living in Israel?

    It would certainly suit Israeli interests to discredit the security of Iran, and it's the kind of racism that seems to be all too common in Israel.

    Toodle-pip
    Amias

  14. Re:Spreading havoc? by Lord+Ender · · Score: 5, Interesting

    The Air Force was recruiting hackers at DEFCON this year. The recruiter actually said they will take anyone, regardless of criminal record.

    It seems reasonable that you wouldn't let criminal hackers work on your own defensive systems. So what *would* you do with them? You would develop offensive technology--that doesn't require the developers have any access to your own infrastructure.

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  15. Re:Perhaps it's just me... by Anonymous Coward · · Score: 1, Interesting

    In any case, are you saying they don't have a right to defend themselves from Israel's IDF paramilitary terrorists?

    The IDF are not paramilitary, they are Israel's military.

    Is there any evidence that the IDF attacked Iran with this worm? No.

    The notorious war criminal Ariel Sharon said that all Arabs should be exterminated (yes, I know the Iranians are Persians, not Arabs).

    Alleged to be a war criminal by some. Never prosecuted.

    And if Ariel Sharon said that, you correctly point out that it doesn't apply to Iran. Incidentally, Ariel Sharon hasn't been prime minister of Israel for many many years. In fact, he is in a coma, and has no influence on current affairs.

    The present Israeli government seems to be doing a good job of herding the Palestinians into ghettos

    Not true. There are many types of "Palestinians".

    1. There are those who live in Israel and are citizens of Israel.

    These people have Israeli passports, they vote, run for office (some are elected), and serve on the Israeli supreme court.

    2. There are those who live in the West Bank and Gaza.

    These people fall under the Palestinian Authority.

    3. There are those that live in other countries.

    If these people live in Arab countries, they are treated like dogs.

    Plus, you need to define who Palestinians are, because that word predates the arrival of Arabs & Muslims to what is currently called Israel, Gaza & West Bank. If you are referring to Arab residents of the British Mandate of Palestine, then a Palestinian state exists - it's called Jordan.

    And read the words of the current Palestinian Authority Chairman, Mahmoud Abbas (also called Abu Mazen). In the words of Abbas:

    "I am among those who were born in the city of Tzfat (Safed). We were a family of means. I studied in elementary school, and then came the naqba [calamity, namely, the founding of the State of Israel - ed.]. At night, we left by foot from Tzfat, to the Jordan River, where we remained for a month. Then we went to Damascus, and then to our relatives in Jordan, and then we settled in Damascus.

    "My father had money, and he spent his money systematically, and after a year, the money ran out and we began to work.

    "The people's basic motives brought them to run away for their lives and with their property. These [motives] were very important, for they feared the violence of the Zionist terrorist organizations - and especially those of us from Tzfat felt that there was an old desire for revenge from the rebellion of 1929, and this was in the memory of our families and parents."

    The "rebellion" Abbas referred to was a series of brutal Arab attacks on Jewish towns in the summer of 1929. Nearly 70 Jews were slaughtered in their homes in Hevron, 20 in Tzfat, 17 in Jerusalem, and others were murdered in Motza, Kfar Uriah and Tel Aviv.