Slashdot Mirror


Stuxnet Struck Five Targets In Iran

Batblue writes "Researchers at Symantec said that the notorious Stuxnet worm targeted five separate organizations, and attacks against those objectives — all with a presence in Iran — started in June 2009, more than a year before independent experts raised the alarm."

11 of 59 comments

  1. Re:Watch for Falling Regime by nedlohs · · Score: 3, Informative

    Iranians aren't Arabs, so whether something "makes arabs more or less inclined" is irrelevant to them.

  2. Just remember, everyone by wiredog · · Score: 3, Interesting

    "Cyberwar" is just a propaganda term, and doesn't really exist.

    Right?

    1. Re:Just remember, everyone by SimonTheSoundMan · · Score: 2

      Cloud war? That any better?

  3. Re:Well... by DigiShaman · · Score: 4, Insightful

    Of course, most anti-virus software is reactionary based off previous viruses found in the wild. They're reverse engineered and a solution is rolled up into the next set of scheduled updates. Most of the time, anti-virus is good to have for the home user and/or small and medium business. But if your organization is explicitly targeted with custom code, most anti-virus software will do squat to help unless you provide them exploited code to reverse engineer.

    --
    Life is not for the lazy.
  4. Re:The nice thing about attacking Arab countries.. by oodaloop · · Score: 2

    Did Iran suddenly become an Arab country or something?

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  5. No solution by should_be_linear · · Score: 2

    Doing this kind of shit (and plain terrorist assassinations of physicists) only reinforces Ahmadinejad's power in Iran. It is not too difficult for state media there to display US, CIA and Israel as evil entities. So, this stupid "solution" to the Iranian A-bomb problem actually made the problem almost impossible to solve now.

    --
    839*929
    1. Re:No solution by Anonymous Coward · · Score: 3, Insightful

      You're assuming the US, CIA, or Israel did this. Iran has everything to gain while they're "developing" an atomic bomb; if they actually gain one the US will be forced to plant 3 carrier groups off their coast and bomb them into submission, and they know it. Since Stuxnet set their program back allowing them to continue in the "development" phase, and it gives a talking point to the Iranian government to blame the West for their piss poor economy strengthening their oppressive regime, it seems those who had the most to gain was the Iranian Government. I've always maintained this was a false flag operation.

      I mean, what does the US or Israel gain by unleashing Stuxnet? If they want to stop the program, it would be far better to attack it. They can't do it as the world will condemn them (because Iran's stance has always been it's a peaceful nuclear power program to solve their energy problems), and while it's in development if they attack it then the various Muslim administrations can use that as a pretext to incite Muslims against the West even more, strengthening those regimes. It's in Israel's and the US's interests for Iran to complete the program, because then Iran is the evil one with WMDs and the West was forced to act in the name of world peace. From the beginning Iran had everything to gain from Stuxnet, and the US/Israel had nothing to gain from it.

      People don't realize that this atomic weapon program of Iran's has always been an Ace in Iran's hand at the negotiation table, but it's not their only card. What happens if they develop a weapon? On their own, at best it's a low grade device, maybe 3-5 kilotons. And they would likely only get 1 - 3. They'd hurt Israel with that but they wouldn't wipe them out, and then the entire world would turn on them and Iran's government would be no more. However, the threat of developing a weapon has brought the 6 most powerful nations in the world to the negotiation table with them on numerous occasions, and gotten them all sorts of concessions and allowed them to play the major world powers off each other (US, Russia, and China all have different approaches to Iran). This is the same playbook used by Kim Jong Il, and it works beautifully.

  6. Re:1992 is calling it wants its virus back .. by Arker · · Score: 2

    Your first paragraph is great. The second is insane.

    Any language which gives the programmer the power to write a good program, also gives the power to write a poor one. A language which was 'immune to exploitation' would be a language which was impossible to write a decent (non-trivial) program in as well. It would be so crippled that nothing of consequence could be done without invoking incredible overhead and redirection costs.

    Security is the job of the system architect first, the coder second, the user third. To create a system where all three can neglect their responsibility without consequence all three would have to be essentially neutered in favour of a god-like compiler that, even if perfectly executed, would still produce the most bloated object code imaginable. And then what happens when someone finds a flaw in the compiler itself? Instead of vulnerabilities affecting a single program, they would affect a whole class of programs, and even better, a class of programs likely exempted from normal oversight and limitations since they are presumed secure.

    The only entities that would benefit from that would be the hardware manufacturers (since you would need incredible hardware to run any non-trivial program produced in this way) and the crackers.

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  7. Re:Stuxnet can't be ignored by Coldmoon · · Score: 2

    "Then we can use appropriate measures to remove it from any systems that didn't detect it. Is this good enough for now? Too extreme? Other ideas?"

    You need to block and be able to reset/restore any affected system quickly as well. If you have to clean up afterwards, the deed/damage may already be done. Your idea of virtualization is a good one, but it does not go far enough, in that VMs are not security but simulation with potential for leakage in one form or another.

    Also, relying on AVs as your core protection ignores the fact that you are only going to snag 30% - 50% of the total population of potential malware on average; and when talking about critical industrial control systems, this represents an unacceptable level of risk. This means that you need to research a more robust, intelligent layering approach where the weaknesses in any given security measure/solution are backed up by the other solutions and control measures you use in the whole.

    So this would be virtualization with antiexecute/HIPS, System/image restore on the fly, and physical/policy restrictions on dangerous activities that could lead to infection. It is not enough to be reactive which has been proven over and over again.

    --
    Coldmoon over Dark water...
  8. Re:1992 is calling it wants its virus back .. by Arker · · Score: 2

    Thinking that the lack of ability to directly manipulate pointers makes better programs strikes me as very much like thinking that non-removable training-wheels would make better bicycles.

    Also I cannot help but laugh when I see people calling C++ a "low level" language. You realise the original "high-level" language was Assembler?

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  9. Re:1992 is calling it wants its virus back .. by Yaur · · Score: 2

    In C# you can manipulate pointers and p/invoke to unmanaged code for performance critical bits of your app... these are just not capabilities that are not needed for most problems.