A Finnish-Chinese Connection For Stuxnet?
Lingenfelter writes "I recently wrote a white paper entitled 'Dragons, Tigers, Pearls, and Yellowcake' in which I proposed four alternative scenarios for the Stuxnet worm other than the commonly held assumption that it was Israel or the US targeting Iran's Bushehr or Natanz facilities."
Since everyone else is taking credit, I might as well...
In which I will blame the Stuxnet worm on the late Marilyn Monroe.
Israel is (by far) the most nervous about Iran's nuclear program, and already had one pre-emptive attack on a nuclear plant under its belt that (in their worldview) was a resounding success and is a point of national pride.
So one of the drives targeted by Stuxnet is manufactured in China... I hate to state the obvious, but what isn't?
On the presumption that this is some electronic device with a user-modifiable firmware (how else would the worm be able to modify it?) - what would stop Iran from taking an unaffected piece, dumping the firmware, and re-uploading it?
Do a clean reinstall of Windows, and you're set to go.
Is there something I am missing?
China is actually worrying about Iran's nuclear ambitions but for different reasons than most of the west is. They aren't worried too much about Iran attacking any of its interests but don't want to see US influence continue to grow in the region.
It's already well established (and the leaked cables support this) that many of the other countries in the area are quite wary of Iran and its ambitions, and a nuclear armed Iran would give the US and these countries a rationale for increasing US presence and influence in the region. China does not see this as being beneficial in the long run as it sees the US as its biggest, and really only, potential rival. Therefore they are against a nuclear armed Iran but on the other hand Iran is one of China's biggest oil suppliers and it really does not want to piss them off. So China's position is to try to prevent Iran from getting nukes while at the same time looking like the 'good guy'. They oftentimes abstain when it comes time to vote on Iranian sanctions in the Security Council. This essentially gives them an out, they can continue to see sanctions and pressure put on the Iranian nuke program without looking like a bad guy to Iran. They can always tell the Iranians that they were worried about vague and unspecified repercussions if asked why they didn't vote no.
Monstar L
Because they have visited, and some have stayed on, as well. They are amongst us now. Aliens. Believe it !! Or not. I won't tell. They'll lock me up and throw away the key this time !!
A spectacularly worthless summary.
Iran not only gets money but also Chinese coal in exchange for their crude oil that they sell to China. Now when Iran finishes their reactors, Iran needs less coal for making electric energy. But China will still need the oil. Thus they have to pay more for the oil. Even worse, the less coal Iran needs the less dependent they become on China, so they are more likely to sell their oil to other countries.
Sabotaging the nuclear plants of Iran is a cheap way to sustain the co-dependency between Iran and China.
"Most people who have followed the Stuxnet investigation know that the international headquarters for Vacon is in Finland, but surprisingly, Finland isn’t where Vacon’s frequency converter drives are manufactured. Vacon’s manufacturing plant is actually located in the Peoples Republic of China (PRC) "
Um. How is this surprising?
This will go against the entire business mantra, but if he is right the West really needs to pull back manufacturing of electronic devices and make more serious efforts to combat Chinese electronic warfare, because in this case they were either incompetent or simply didn't give a shit about collateral damage. Either option is exceedingly worrying.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
Interesting article, which (indirectly) raises an even more interesting question:
If China was behind the StuxNet worm, why would they risk undoing all of their careful origin-obfuscation work by subsequently carrying out two high-risk meat-space operations against high-level Iranian engineers?
One possibility is that they simply didn't. Once the worm came to light, some other intelligence agency with a more direct way of handling things may have decided to seize the opportunity to increase the worm's lifespan by eliminating the people most likely to stop it.
If two different parties were behind the worm and the assassinations, TFA's China theory might indeed be plausible.
A conspiracy theory, particularly one which is as convoluted and as baseless as this is, does not gain any magic credibility if the loony that devised it happens to write it down in a document which then proceeds to refer to it as a "white paper". I understand his desperate need to sell his little pet conspiracy theory on the authoritativeness of the "white paper" label alone but that doesn't make it any more true.
One of the world's most prolific spammers has hidden out in Finland from time to time. While his hiding out there does not make an argument for Finland supporting his actions, it does suggest that it may be a place where computer criminals can hide out fairly effectively. Being as he was controlling a botnet from there to pump spam, it would not be hard to envision him using the same botnet to attack someone he views as an enemy - regardless of whether or not they have any negative affiliations with anything he does directly.
Of course if it really is Kuvayev - who makes most of his money selling counterfeit prescription drugs - he may actually be acting very short-sighted here. He may be concerned that radiation accident victims wouldn't want to buy his counterfeit viagra, while really he should be thinking of all the other drugs he could sell those people...
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Iran needs nuclear weapons to be sure US and Israel won't invade. Those two know that the minute Iran has nuclear weapons as a deterrent, they can't invade. This is an endless loop where Usrael says invasion is the only solution because Iran is trying to get nuclears to deter an invasion.
The only real path to getting Iran off the path to nuclears is that the US and Israel promise to not invade Iran. Since that's their goal they won't.
One can hope China will step in and assure the freedom of Iran from US/Israeli aggression and thus disarm the situation. Thus far China has taken a very laid back approach to the rest of the world and tried to not interfere with other countries' policies. Maybe the time has come to rethink that.
That would be home made Kombucha.
But whoever mixed together Stuxnet had a very clear idea about the facility they were targeting. That's what makes this thriller so interesting.
It's already well established (and the leaked cables support this) that many of the other countries in the area are quite wary of Iran and its ambitions, and a nuclear armed Iran would give the US and these countries a rationale for increasing US presence and influence in the region. China does not see this as being beneficial in the long run as it sees the US as its biggest, and really only, potential rival.
A rival that is not only its biggest market, who if it went bankrupt would render all the debt China purchased worthless.
Besides the attack has probably been devised using an operating system originating from Finland!
China is an intriguing idea as the source for the malware.. if you think about it, China's interests are in no way served by the nuclear ambitions of Iran and North Korea. Western military action against either could be disastrous for the status quo that China depends on, but equally they might not want to side with the west. So quietly sabotaging the nuclear programmes of either or both might be an example of Realpolitik - that is, practical politics that achieves useful results rather than grand gestures.
Never email donotemail@WeAreSpammers.com
China would be far more likely to embed this in the motherboard or NIC than to rely on USB as a delivery vehicle.
I think you need to include the Stuxnet Israel Wikileaks connection that was announced in the last couple of days.
That the date of death (19790509 or 9th of May 1979) for a Jewish martyr, lynched during the Iranian Islamic revolution is hardcoded in a registry key used by Stuxnet. QED
I don't see the Chinese ticking off a major oil supplier. China has nothing to win and much to lose in doing so. Stux (sounds like Tux) looks to me like the work of Nixie! Nixiepixel. Mother of All Evil.
I guess I found one point of reasoning in the article somewhat contradictory: that "Furthermore, in March 2010, China’s Customs ministry started an audit at Vacon’s Suzhou facility and took two employees into custody thereby providing further access to Vacon’s manufacturing specifications" ... but the first sample of the Stuxnet virus (which did contain a Siemens DLL) was found in June 2009 according to the Symantec dossier http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf referenced in the paper of the article.
This virus may have been first seen in the wild on June 17, 2010, but apparently it's been around before that. Did China really only weaponize it that late in the game, post-March 2010? Or if it occurred before then, the whole March 2010 incident is irrelevant as to China's culpability, but mildly interesting in terms of indicating increased capability. I figure the article's author seems smart enough that he would recognize this so I don't understand if I'm missing something, or he's overly padding his argument with irrelevant-but-interesting datapoints and overlooked this logic, or if I should consider this as disinformation.
Other scenarios that I've wondered about along the way (admittedly more motive-based than evidence-based) :
* Israel routes many attacks or probes (not just this Stuxnet one but perhaps it also) through China (or Russia) because there are a lot of PCs there not-well-protected, their cyber-defense/tracing/auditing is weak(?), and it makes for a plausible cover story given the advanced capabilities, and is less likely to implicate its closest ally (US) and the explanation will serve its closest ally's interests (US fears against China and/or Russia just help with increasing defense budgets in the US thus providing more advanced weapons for Israel.)
* Stuxnet is really a coverup for a previous, perhaps-more-effective sabotage mechanism still-unveiled. Reasoning: as mentioned in the paper referenced by the article, Iran's Natanz's uranium-processing efficiency started to drop in 2008 for reasons still unknown/unrevealed. Let's posit that Stuxnet didn't arrive until later (true given the current evidence.) Iran, having not figured out the true nature of its vulnerability/ies, now has a culprit that they appear to be eagerly investigating... but the attacker has led them to focus their attention and efforts on a vulnerability that is not the most significant one.
You leave a dog alone with a steak. When you later come back, the steak is eaten.
Who ate the steak? It could of course be anyone or anything. It could even be the FSM.
In all recent Stuxnet stories I've read on Slashdot I've found a lot of comments (modded +5) beginning like this:
I don't know why everyone is so quick to assume it's {USA,Israel} behind this. It could be {Random country, the Yeti}...
Which is of course true. If you don't know who did it, you don't know who did it. BUT! That doesn't mean every possibility has the same probability.
Sometimes the obvious answer is the right answer.
Did you get the tungsten-carbide coated tinfoil idea from me?
Either way, how about going into business together?
There's money to be made from paranoid people..
Glenn Beck and talk radio do the prep work for us and we do Cha-ching!
I'm sure I could concoct any number of scenarios if I really wanted to. But Israel is far-and-away the obvious suspect--with the obvious motive, means, and opportunity. Of course, they could have been framed--but then so could have O.J. and pretty much every guy on death row. It all comes down to whether you want to accept the simplest and most obvious solution, or construct a big conspiracy theory because you're such an Israel fan that you just WILL NOT accept that they might have done something like this.
SJW: Someone who has run out of real oppression, and has to fake it.
There is no room for amateur speculators here.
In my professional opinion, the following are the most likely sources of Stuxnet (in decreasing order):
(1) snooki
(2) JWOWW
(3) the "situation"
(4) Pauly D
This operation was much more in the Israeli character than the Chinese one. Chinese are usually very unoriginal in the technology field, and undaring and cautious in personality. That is why they copy everything created by the west, and do very little innovation of their own. They are not motivated to do vast clandestine operations that do not directly benefit the careers of those in the communist party. This is directly opposite of the Israeli personality, that seeks to be creative.
Regardless of who actually did the deed, chances are a lot of folks were involved by knowing what was happening and deciding not to say anything to the Iranians about it. Sometimes the most effective spying is when you know, but say nothing.
There are a lot of parties that stand to lose from a nuclear Iran.
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
The sabotaged facilities were for maintaining nuclear power, not for producing bombs. There's yet to survive any evidence that Iran has a nuclear weapons program.
But China never cared about the US-imposed trade embargoes. They certainly won't start to care in the future. The leverage of the US is simply too weak on them, to force them to stop trading oil with Iran, for example.
Less dependent on China's coal, is enough for Iran to buy less of China's coal, which is bad for China.
The reason China may export coal to Iran is not because they need to make money selling coal, but because they have to sell it to Iran in order to get the Iranian oil.