Slashdot Mirror


Stuxnet Was Designed To Subtly Interfere With Uranium Enrichment

ceswiedler writes "Wired is reporting that the Stuxnet worm was apparently designed to subtly interfere with uranium enrichment by periodically speeding or slowing specific frequency converter drives spinning between 807Hz and 1210Hz. The goal was not to cause a major malfunction (which would be quickly noticed), but rather to degrade the quality of the enriched uranium to the point where much of it wouldn't be useful in atomic weapons. Statistics from 2009 show that the number of enriched centrifuges operational in Iran mysteriously declined from about 4,700 to about 3,900 at around the time the worm was spreading in Iran."

20 of 334 comments

  1. The problem with computer sabotage... by Anonymous Coward · · Score: 5, Insightful

    ..is that you leave one hell of a forensic trail, and so lose the inevitable propaganda war that follows your activities....

    Having said that, I still welcome our variable but rapidly spinning overlords...

    1. Re:The problem with computer sabotage... by Anonymous Coward · · Score: 5, Insightful

      "...3) Why would they care about the public finding out? They were very careful to make sure it wasn't found for as long as possible, but once the Iranians know about it why would they care who else knows about it?..."

      Because international affairs are NOT like a Hollywood action film, where the hero blows the villain up in the last 15 minutes of action, and then rides off happily into the sunset with the girl. In real life actions have results. Look at the state the US got into on the international scene when all the stories about deception and torture in Iraq started coming out. Don't you think that the Iranians will present this as an act of war, and use it in every diplomatic conference for the next 20 years?

  2. Re:Resources, will, and motive by Chrisq · · Score: 5, Insightful

    There are only two nations with the resources, will, and motive to attack Iran's nuclear ambitions in this way: America and Israel.

    It figures that hegemony would lead either state to such an antagonistic stance.

    While I agree that they are the most likely candidates, I think Russia and China would be quite capable of doing this too if they turned their mind to it. Probably the UK, France, Germany and maybe India. All have both nuclear and computer technology.

  3. This story by Anonymous Coward · · Score: 5, Funny

    This story made my head spin. Slowly at first, but then faster, then slower again.

  4. Re:Resources, will, and motive by ciderbrew · · Score: 5, Funny

    Budget cuts in Britain would put a stop to that sort of thing. We can't even get a James Bond film off the ground with American money!

  5. Too good to be true. by johncadengo · · Score: 4, Funny

    Can't wait for the movie adaptation. I heard they got a book in the works too???

    --
    My page.
    1. Re:Too good to be true. by Ihmhi · · Score: 4, Funny

      Hackers 4: One Half-Life To Live

      Starring Shia LaBeouf, Robert Pattinson, Michael Cera, Nicole "Snooki" Polizzi, and Megan Fox

  6. probably the commies by Trepidity · · Score: 4, Funny

    They're ideologically opposed to enrichment.

  7. Re:frequency converter drives ? by dattaway · · Score: 4, Informative

    AC motors require these drives to get their speed. 60Hz would be about 1800 or 3600 rpm, depending on how it's wound. Most industrial drives can be programmed for 400Hz, which will spin the armature quite fast. Enrichment is like spinning glassware on a dentist's drill. Those frequencies at that high a voltage (480 volts typical) have a very high switching rate that requires exotic transistor designs. Given that these controllers aren't very common, say for a juice mixer, they can be tracked and sabotaged by the distributor quite easily.

  8. Re:Resources, will, and motive by dpilot · · Score: 5, Insightful

    It's equally likely neither Russia nor China would be very happy to see a nuclear Iran, but not want to be visibly seen discouraging them on the international stage. Stuxnet lets either of them slow Iran's nuclear program, test a new concept of warfare, and leave the US and Israel holding the bag as "most likely." For them it's a win-win-win. Beyond that, intelligence organizations in the West now have a small taste of what someone else can do. It's going to keep the West in knots for a few years, hardening against "the last threat," while they've got the next threat now, and are working on the one beyond that.

    --
    The living have better things to do than to continue hating the dead.
  9. Re:Resources, will, and motive by makomk · · Score: 5, Informative

    I doubt that you would really need that many resources to do something like this.

    Aside from the problem that maxwell demon points out with the huge amount of secret internal information required, the attackers also obtained and used several zero-day vulnerabilities and driver signing certificates from two different hardware manufacturers. That's hardly trivial.

  10. Re:Resources, will, and motive by sigxcpu · · Score: 5, Informative

    I concur,
    Also note that whoever wrote the virus had very specific knowledge of the target.
    It would only act if more than 33 devices of one of two manufacturers were linked to one controller.
    It would act one way if the majority of the devices were from one manufacturer and do something else if they were from the other kind.
    I would guess that someone that worked there or someone that supplied parts to the project had a major hand in this.
    My guess would be that this is at least to some extent an inside job.

    --
    As of Postgres v6.2, time travel is no longer supported.
  11. Re:Resources, will, and motive by kestasjk · · Score: 5, Insightful

    I would not rule out Russia or China. Both have no interest in a strong Iran but every interest in an Iran that appears strong, since this ties and diverts US and Israeli attention and resources. It also sets a "benchmark" of aggression; as long as esp. China is less of a threat than Iran it can get away with quite a lot, barely noticed. A perceived Iranian nuclear threat can then also serve as justification for building missile defense systems and implementing other military measures that would previously have set off tensions with the Western nuclear powers.

    A simple case of cui bono?

    Ugh.. This assumes that

    • Intelligence agencies will ignore other superpowers because they are distracted by Iran,
    • That continuing to enrich uranium is somehow more aggressive than ships sunk by North Korea, hostages taken by Somalian pirates, economic wars by China over a prisoner taken by Japan from a disputed island, etc, etc, etc
    • That Russia or China are smart enough to set this intricate double-trap just so that they can raise the "benchmark of aggression" but that other powers aren't smart enough to just continue to monitor other powers as always,
    • That China and Russia are secretly using Iran as a reason to build controversial missile defense systems when until recently that's exactly what the US was going to do openly,
    • And that by launching this attack they are somehow keeping Iran weak while it still looks strong, when Iran's enrichment facilities are the subject of such intense scrutiny that when the attack occurred the "weakening" of Iran was apparent long before anyone in the public even knew of the attack

    I am just at a loss.. It really is like each response after the next is competing to think of a more convoluted, absurd way that someone you don't suspect could be involved in it.
    I fully expect to scroll down and see some justification for why it's internal industrial sabotage of one Siemens subdivision versus another, or Iran launching it against themselves to get international sympathy.

    --
    // MD_Update(&m,buf,j);
  12. Re:I don't know whats more worrying... by Viol8 · · Score: 4, Funny

    Well that's OK then, as long as it's only CONTROLLED by it. Perhaps we should put Windows in avionic packages then, after all, it will only CONTROL the flaps and engines. What could possibly go wrong?

  13. More details by jimmyswimmy · · Score: 5, Informative

    There's a lot more detail in the Symantec virus "dossier". A very interesting and detailed read.

    --

    Just my $0.55 (US inflation, 1774-2008, for $0.02)
  14. Re:Resources, will, and motive by TapeCutter · · Score: 4, Funny

    "It really is like each response after the next is competing to think of a more convoluted, absurd way that someone you don't suspect could be involved in it."

    It was Boris in the library with a Commodore 64.

    --
    And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
  15. There are many (more interesting) questions left by kestasjk · · Score: 4, Informative
    • It contains code written in Visual Studio 2005 and 2008, compiled long times apart.
    • It required the theft of two digital certificates from offices of electronics manufacturers in Korea.
    • It would have needed a lot of expertise on a very particular type of industrial controller.
    • It is found most widely in Iran, and has a countdown timer to reduce the spread of infected machines, so was probably launched there (and I can't imagine it's easy to hop over on a plane from Israel to drop off a bunch of infected thumbdrives in Iranian offices)

    On the other hand the project name was apparently "myrtus", an east-Mediterranean flower, and a hard-coded value for the disable-flag was the date of an atrocity Iranians perpetrated against some Jews (I can't remember the details off-hand, but it's all in Symantec's fascinating report)

    It's all totally speculative of course, and probably the least technically interesting thing about this worm is the question of the author. But even besides that the effort and diverse skillsets that must have gone into this thing I feel somehow diminishes the importance of asking "was it country A or B?"


    If you think the only question left is was it Yanks or Jews here's a couple that I would raise:
    Is there a lesson here about putting too much faith in signed drivers? How about asking what SCADA systems closer to home might be vulnerable? If this thing hadn't been so picky about which controllers it altered what could it have done?

    --
    // MD_Update(&m,buf,j);
  16. Re:BS by SandFrog · · Score: 4, Funny

    So, are we talking Stuxnet, or Iocane powder?

    --
    Contentment is the greatest wealth
    - Sukhavagga Dhammapada
    Contentment is the goal behind all goals.
  17. Re:I don't know whats more worrying... by hairyfeet · · Score: 4, Insightful

    You don't seem to be getting the point dude. I don't care if the things were running Win9X, the point is there is supposed to be an AIRGAP which the Iranians didn't bother with. It could have just as easily been an old Linux that hadn't been patched in forever (because the levels of paperwork to approve patches on those kinds of machines I'm sure is immense) or an old System 9 Mac, it don't matter because again it is supposed to be AIRGAPPED.

    An airgap means that there is NO net access and ANY device that is supposed to be brought from the unsafe side to the safe side needs to be treated as hostile and go through several levels of screening if allowed at all. Now from what I understand these machines have online activation (dumb) and have default passwords that can NOT be changed (really dumb) and then on top of that the Iranians didn't bother to securely lock down this attack vector nor get rid of even basic weaknesses like USB ports (super dumb) so trying to blame this clusterfuck of errors on ANY OS when the security team wasn't doing their job is just a waste of breath.

    Hell you could put an unpatched XP RTM as the controller and not have a SINGLE problem if proper airgap procedures are in place. But saying "If they only used X!" with whatever OS, be it real time or off the shelf, ignores the fact this was a highly targeted attack. If they would have used a RTOS I'm sure there would have been attack code written for it because the Iranians simply weren't following good security practices.

    --
    ACs don't waste your time replying, your posts are never seen by me.
  18. Re:Every country, and a lot of corps could do this by mlts · · Score: 4, Insightful

    The key here is knowledge. The knowledge to write Stuxnet is extremely hard to get (the holes in operating systems, the ability to jump from Windows to SCADA systems, knowing what speed the uranium was spinning), but this may not be impossible for someone who has a lot of connections, perhaps someone whose family has nuclear process engineers.

    There are a lot of people and organizations who don't like either Iran or Israel, and who would happily eat popcorn as both countries went to war with each other. It could be a guy in someone's basement who gets amusement from it the same way someone gets amusement from cracking root and rm-ing / on a university system.