Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stuxnet Worm Claimed To Be Devastating In Iran

Posted by CmdrTaco on from the new-same-world dept.

sciencewatcher writes "At debka.com, a website associated with intelligence communities focusing on the Middle East, the claim is made that Tehran this week secretly appealed to a number of computer security experts in West and East Europe with offers of handsome fees for consultations on ways to exorcise the Stuxnet worm spreading havoc through the computer networks and administrative software of its most important industrial complexes and military command centers."

15 of 390 comments (clear)

  1. So what's the word, people. by Pojut · · Score: 4, Interesting

    Do you think the US did this in an official capacity, an "official" capacity, or had nothing to do with it?

    --
    Living With a Nerd
    1. Re:So what's the word, people. by MyLongNickName · · Score: 3, Interesting

      You might want to read about a similar feat performed by the U.S. Government here

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    2. Re:So what's the word, people. by GooberToo · · Score: 4, Interesting

      So access to windows source and Siemens PLC seems a must, so the really only leaves two suspects.

      Actually, access to Window's source absolutely does not seem a must. But regardless, obtaining it is likely trivial. I know I've seen references to it on the net before. Any student and/or spy attending any number of various universities have access to it. Accordingly, it has been periodically freed on the Internet.

      You're also missing the fact that Iranians themselves have reason to do this type of thing. Iranians, on average, are far more educated than the average American. Lots work in industry. They likely have no shortage of people who are fully capable and qualified to pull off such worms. Not to mention, politically speaking, they have almost endless justification.

      If you want to be honest about it, the Iranian people themselves are the number one group which have reasons to pull this off. Next are the Israelis, followed by other surrounding Arab nations, Europe, and then lastly the US, followed by lots of smaller, less interested parties.

      People seem to be in a hurry to forget that with the fall of Iraq, Iran now has center stage for regional power and authority. This is absolutely not acceptable to other Arab countries in the region.

    3. Re:So what's the word, people. by divisionbyzero · · Score: 2, Interesting

      Now if the worm in industrials plants result of industrial accidents that kill people, then clearly it would be an act of war, which would be pretty stupid because there are far more effective means of crippling infrastructure with far more primitive methods.

      Not if it is built into the side of a mountain, like, say, a nuclear fuel processing plant.

    4. Re:So what's the word, people. by thegameiam · · Score: 2, Interesting

      well said, with very minor nitpick: s/other Arab/Arab/ - whether Iraq is an Arab country (or Persian country) depends on who you ask, but I don't know of anyone with any knowledge of Iranian history who would call Iran an Arab country.

      I have no knowledge of who's responsible for the worm, but Steve Bellovin wrote about it very intelligently.

      --
      Need Geek Rock? Try The Franchise!
  2. Anyone else find that site a litte skeevy? by SlappyBastard · · Score: 2, Interesting

    I'm not a fan of quoting anything from a website whose motto is "We start where the media stop".

    --
    I scream. You scream. I assume that means we're both acquainted with the problem. We proceed.
  3. Cyber World War 2 and a Half... by wiredog · · Score: 2, Interesting

    Or something like that. Could get a bit scary, push comes t5o shove and all that. I wonder who will get hit with the retaliatory strike?

    Alternatively, I wonder if this is the retaliatory strike?

    You are in a twisty maze of little passages, all alike...

    --

    Best Slashdot Co
  4. DEBKA is totally unreliable. by Noryungi · · Score: 5, Interesting

    This is DEBKA. Completely ridiculous website, riddled with disinfo.

    Example:

    Not only have their own attempts to defeat the invading worm failed, but they made matters worse: The malworm became more aggressive and returned to the attack on parts of the systems damaged in the initial attack.

    'nuff said.

    Of course, that does not mean Iran is not hit hard by Stuxnet - just that everything you read at this site should be taken with a big grain of salt.

    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  5. Re:DEBKAfile by Attila+Dimedici · · Score: 4, Interesting

    My impression of Debkafile is that they have sources for just about everything they report, but that they are often used by various individuals and groups to get stories out there that are not true. On the other hand, every now and again, they break some story that every other news organization has ignored/missed because there are no solid sources, but once the story breaks, solid sources turn up. What that means is that if you see something on Debkafile, look around for other sources before you take it as true (although this may take some time).

    --
    The truth is that all men having power ought to be mistrusted. James Madison
  6. Re:Spreading havoc? by elrous0 · · Score: 4, Interesting

    It targets two specific models of Seimens programable logic controllers (by targeting the Windows software used to program those PLC's). PLC's are used to control very time-intensive industrial processes. Pretty much every power plant, nuke plant, modern manufacturing plant, etc. uses these, and they control very dangerous physical equipment. Reeking havoc with these processes can cause explosions, radiation leaks, major industrial accidents, etc. (it could even cause nuclear reactors to go critical). That's very bad stuff. Best case scenario, it could cause serious damage to equipment. Worse case scenario, it could cause significant lose of life.

    In other words, tampering with a PLC can make things go BOOM. In 1982, the CIA purported did this with the Siberian pipeline, and the resulting explosion was so powerful it set off missile launch alarms in the U.S.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  7. Re:Spreading havoc? by elrous0 · · Score: 5, Interesting

    Having looked carefully at this worm (I'm preparing for a presentation on it at a local security conference), I can tell you it almost certainly wasn't written by one guy. It's the most complex piece of malware I've ever seen. It's written in three languages (C and C++ on the Windows side, MC 7 assembly language on the PLC side), it uses four different Windows exploits and two stolen code-signing certificates from companies in Taiwan (both of which read as legit until just recently), and it has one of the most aggressive and clever rootkits I've ever seen. And that's not even getting into how it can update itself. Unless said disgruntled employee was the goddamn jedi master of hackers in addition to his day-job, I would say this is definitely a major team effort (a very specialized team).

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  8. Re:Perhaps it's just me... by Iphtashu+Fitz · · Score: 5, Interesting

    Any modern-day reactor should have an out-of-band method of SCRAMing that doesn't rely on computer control of any sort. A common approach is to have control rods held physically over the nuclear fuel by electromagnets. If power is cut to the electromagnets for any reason then gravity drops them into place and the reaction ceases. If monitoring systems don't automatically cut power to the SCRAM system then it would just take a worker pushing a button. Heck, they may even have fuses located around the reactor that would melt in the presences of excessive heat or the presence of radiation, causing power to the magnets to be cut. So the likelihood of a computer worm causing a meltdown is highly unlikely unless the Iranians are stupid enough to disable the SCRAM system.

  9. Re:Perhaps it's just me... by BobMcD · · Score: 3, Interesting

    Too bad, so sad. Beats a nuclear war between Israel and Iran.

    You're frighteningly insane. If you think this would PREVENT a nuclear war, you need to think it through again.

    1) Domestic reactors go Chernobyl due to well known virus

    2) Source of virus is established, either credibly or not

    3) Iran petitions the UN for military retribution/economic restitution/etc, and it get vetoed

    4) Everyone chooses sides and WWIII begins

    This isn't even close to being far-fetched. And before we assume '4' results in 'Iran vs Everyone', do understand that going against Iran means going against the freedom to live in something other than a third world nation. Power is relatively essential, and all things considered this virus is of a TERRORISTIC nature because it seeks to attack the civilian infrastructure to achieve political goals. Do you really to side with the terrorists?

  10. smells like more israeli racism than news to me by amias · · Score: 3, Interesting

    have a look at the whois for debka

    Registrant:
          DEBKAfile Ltd.
          4, Hamaapilim St.
          Jerusalem, 92545
          Israel

    why should anyone trust news about Arabic interests that is published by people living in Israel ?

    it would certainly suit Israeli interests to discredit the security of Iran and its the kind of racism that
    seems to be all too common in Israel .

    Toodle-pip
    Amias

    --
    [site]
  11. Re:Spreading havoc? by Lord+Ender · · Score: 5, Interesting

    The Air Force was recruiting hackers at DEFCON this year. The recruiter actually said they will take anyone, regardless of criminal record.

    It seems reasonable that you wouldn't let criminal hackers work on your own defensive systems. So what *would* you do with them? You would develop offensive technology--that doesn't require the developers have any access to your own infrastructure.

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.