F-Secure Report: Another SCADA Attack in Iran — This Time With AC/DC

An anonymous reader writes "F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper being the previous iterations of the same Operation Project Olympic attack plan.) Last month, President Obama's staff has admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns Iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

\m/ ( w ) \m/

[Quakeulf]

Rock and revolt!

Re:\m/ ( w ) \m/

[camperslo]

Well there's really nothing to fear until people start getting Rick-rolled

Re:\m/ ( w ) \m/

[SomePgmr]

Noriega compound, Fallujah siege, Iranian computer systems... weaponizing AC/DC must work. ;)

Re:\m/ ( w ) \m/

[realityimpaired]

Noriega was Panama, not AC/DC.

And they should have gone with The Clash, not AC/DC this time... while the song Rock the Casbah was actually about a situation in Afghanistan, the situation in Iran today is very similar to the circumstances in Afghanistan that led to that song being written in the first place. :)

Re:\m/ ( w ) \m/

[SomePgmr]

They played more than one song it seems. I wasn't there.

http://nofearofthefuture.blogspot.com/2006/12/noriega-playlist.html

Re:\m/ ( w ) \m/

[gtall]

It could have been worse, how about Muskrat Love? That would have been truly diabolical.

Re:\m/ ( w ) \m/

[gtall]

Funny, that song mentions the Sheik (or the King, I forget which) calling out his jet fighters...pretty sure that wasn't Afghanistan, but then geography probably wasn't the Clash's strong point.

Re:\m/ ( w ) \m/

[sumdumass]

Maybe it will start playing white wedding then?
http://www.youtube.com/watch?v=x9j6DE6RnSk

Re:\m/ ( w ) \m/

[russotto]

It could have been worse, how about Muskrat Love? That would have been truly diabolical.

The penultimate album in the playlist is "Celine Dion's Greatest Hits". The final album is a custom mix including Memories, both the Streisand version and the Manilow version -- if that doesn't work, we go to DEFCON 1. Since these last two arguably violate the Geneva Conventions, they're to be used only in the direst extreme.

Re:\m/ ( w ) \m/

[Clived]

catchy tune :))

Re:\m/ ( w ) \m/

[drkim]

The horror.

The horror.

Re:\m/ ( w ) \m/

[Jeremiah+Cornelius]

These "cyber attacks" are criminal activity by the AmeriCIA/Israel government confab - directed against the LEGAL and compliant activity by a signatory of the non-proliferation treaty.

Israel is NOT signatory - and actually DOES produce weapons, in violation of international law.

So does India an NPT violator.

Who will stop these rogue regimes, that pursue their agenda, not through binding treaty obligations or courts of justice, but through rampant sabotage and a program of civilian assassinations?

Re:\m/ ( w ) \m/

[Mike+Buddha]

How is not signing a treaty, then not abiding by said treaty violating international law?

Re:\m/ ( w ) \m/

[sumdumass]

You forgot Pakistan and China in that ramble. You also forgot that the states who did sign the treaty and agreed to be bound by it, the same states who benefited from the signing of the treaties, only one is openly hostile towards another nation. Of course India and Pakistan are or was openly hostile to each other but they didn't sign.

Also, international law is not some imposing legal system that strips the sovereignty of nations just because a few states get together and declare something. Imagine if they got together and outlawed the Muslim religions or sodomy by declaration or something.

The states in question by your comment have to agree to be bound by the treaty creating the international law or defeated by force and subjected to the ramifications of it ex postfacto. Should one of these non bound countries become openly hostile against another country or threaten the use of Nuclear or Chemical and/or biological weapons, I'm sure the focus of the world will change a bit. Until then, crying that they aren't being troubled is a bit like saying, why am I being arrested for robbing the bank, banks get robbed all the time and those people don't get caught.

Re:\m/ ( w ) \m/

[RockDoctor]

the song Rock the Casbah was actually about a situation in Afghanistan,

I'd always thought that it was about Morocco carrying out internal repression around the time they were also invading and annexing, ummm ... Western Sahara? Long before any Western interest in Afghanistan.

[Wikis]

Oh, boring - just a smart-alek comment by their manager getting free-associated. How dull. I guess I'll just have sit back and enjoy the song for itself.

Re:\m/ ( w ) \m/

[camperslo]

Maybe it will start playing white wedding then?

Could a wedding help? Whatever happened to the ancient idea of a princess from one country marrying a price from another and then all the conflicts or religious differences being set aside?
(the modern movie version might have two princes, but whatever works?)

Best to stay away from those sections of religious texts where people do bad things to non-believers, and even their animals. Someone wrote about the section of the bible the other day, but got the spelling wrong "Dude Iran N' Me"

A while back Bill Moyers had a guest on with a different insightful perspective on evolution of religious beliefs and some things done bridging differing cultures. He has a book. He compares some behavior using gaming theory (zero sum acts versus not)

The Evolution of God by Robert Wright
http://www.pbs.org/moyers/journal/07172009/profile.html
http://www.youtube.com/watch?v=JisN9t504IU

something different than a hit tune, musically political
Gil-Scott Heron (passed away May 2011)
http://www.youtube.com/watch?v=kcHOq8i5Pyk

Thunderstruck

[sageres]

Sound of the drums
Beatin' in my heart
The thunder of guns
Tore me apart
You've been - thunderstruck

Re:Thunderstruck

Tore me apart

To the authors of this hack: I see what you did there, I LOL'd, and I will never listen to that song again without thinking of a cascade failure :)

You came, you saw, kicked its ass!

Of Ownership

"This time, the unverified e-mail claims, a new Metasploit-based malware owns iranian VPNs..."

Might as well have put "pwns" instead.

Iron Man

It sounds like Tony Stark may have had a hand in this one.

Re:Iron Man

[ackthpt]

It sounds like Tony Stark may have had a hand in this one.

What happens when Tony Stark/Iron man becomes infected by a virus?

Re:Iron Man

[RaceProUK]

But did he build it in a cave?

Re:Iron Man

[Hsien-Ko]

Too many women with too many pills?

Re:Iron Man

[TWX]

I think the parent comment meant the result, not the cause...

Re:Iron Man

[ShadowEFX]

The result of that many women will likely be pills...many 7-day courses of pills....

Re:Iron Man

[AragornSonOfArathorn]

It sounds like Tony Stark may have had a hand in this one.

What happens when Tony Stark/Iron man becomes infected by a virus?

Didn't you see Iron Man 2? Granted, it wasn't Tony Stark, but it was one of his suits.

Re:Iron Man

[Nom+du+Keyboard]

What happens when Tony Stark/Iron man becomes infected by a virus?

Her name is Jocasta and she's a wonderful AI.

Sarcasm!

[EliSowash]

That's quality craftsmanship, right there. In addition to delivering it's payload, the malware effs with with the target a little. Style over stealth FTW!

Re:Sarcasm!

[EliSowash]

...delivering it's payload...

*its....sheesh

Re:Sarcasm!

Indeed. I wonder how long until the RIAA and Co. will take until they send their regards for each computer playing to a group of people without licensing rights.

Re:Sarcasm!

No, you had it right the first time. The payload does belong to "it" so using an apostrophe to show possession is correct.

Sorry, but no. In the English language, possessive pronouns do not have apostrophes. Examples (the first word in each sentence is the possessive pronoun):

Her luggage was stolen.
His efforts were futile.
Its paint was fading.
Their team failed.

The word "it's" with an apostrophe is the contraction for "it is".
The word "its" without an apostrophe is the non-gender singular possessive pronoun.

English is a weird and convoluted language!

Re:Sarcasm!

[icebike]

Actually, playing the music, and calling attention to the exploit is a sign of kiddies at play, and nothing to do
with any professional or state backed efforts. Why would you reveal your exploit?

Its possible this is a diversionary tactic to hide something serious going on at different workstations. But I doubt it.
It could also be an inside prank, because unless you are there to see the panic ensue, why play music. But I doubt that as well.

The story is just as likely to be totally bogus: Unverified email form a nuclear scientist, Really!?, Like these guys get to send mail unguarded, un-scanned, un-censored?

Re:Sarcasm!

[icebike]

Oh, and here's an apostrophe for the punctuation police: '

Re:Sarcasm!

[penix1]

My thoughts exactly... Well played sir!

Re:Sarcasm!

[larpon]

its payload was sheesh kebab?

Re:Sarcasm!

[Citizen+of+Earth]

At $150k per virus copy made, Uncle Sam will owe even more $trillions than he does now. On the plus side, he'll be scrapping the 300,000x-actual-damages statutory award.

Springsteen, weaponized.

[gestalt_n_pepper]

I would have gone for "Born in the USA"

Re:Springsteen, weaponized.

[Muad'Dave]

I would've gone with Hava Nagila.

Re:Springsteen, weaponized.

[Bill,+Shooter+of+Bul]

Yeah, but that song is about how bad the USA is at taking care of people, not how awesome it is to live here.

Re:Springsteen, weaponized.

[fuzzyfuzzyfungus]

I would have gone for "Born in the USA"

A song chronicling the disillusionment of Vietnam veterans is probably not what the people who wrote that code are going for.

(Of course, a lot of people, including some politicians, seem to think that it's a pro-government patriotic song. Patriotic, maybe, but I'm guessing they never listened to anything but the chorus. Or perhaps the title.)

I'd like to think that 'Born in the USA' is considered patriotic because people are idiots; but I can never quite shake the nagging feeling that some of its proponents understand, and approve of, its celebration of America as a country where you can cynically throw away the human resources when they are no longer useful...

Re:Springsteen, weaponized.

[mounthood]

You only think that because you're thinking in english rather than the newspeak.

Re:Springsteen, weaponized.

[dpilot]

One side thinks their country can be the greatest place on Earth, and wants to work on the needed changes to get it there.

The other side thinks it already is, and doesn't want to change a single thing - only roll back some of the changes the first group has already managed.

I'd prefer to think that "Born in the USA" was cast in the first mold, because recognition is the first step toward fixing. Also, any citizen of any nation can take the first view, and probably should. But then I just might be a little biased.

Re:Springsteen, weaponized.

I would have gone with some Justin Bieber or Nickelback.

The constitution forbids cruel and unusual punishment.

Re:Springsteen, weaponized.

[H0p313ss]

You only think that because you're thinking in english rather than the newspeak.

Interstate running through his front yard and he think's he's got it so good. But ain't that America?

As a Canadian I found it pretty funny at the time that the song not only charted but became an anthem for (clueless?) patriots.

Re:Springsteen, weaponized.

[Mister+Whirly]

Someone probably should have explained this to Reagan as he wanted to use it for his campaign song in 1984. Maybe someone should have looked at the lyrics, and not just the title? Needless to say Springsteen did not allow his song to be used by Reagan.

Re:Springsteen, weaponized.

[X0563511]

Yea, well, when write a catchy hook saying something (in a non-sarcastic tone) patriotic, you've got no right to bitch and whine when the general public ignores the rest of it.

That's why you get anti-war songs used as title music for Vietnam War games, etc.

Make your message the hook, not the counterpoint, or you WILL be misunderstood.

Re:Springsteen, weaponized.

[slashmydots]

In case you didn't know, it was based 100% on the latest Iron Man appearance in The Avengers. He hacks speakers to play that song in the movie.
By the way, Persia? Did they do the research for the article in the Bible? Most other sources call it Iran now.

Re:Springsteen, weaponized.

[drinkypoo]

That's why you get anti-war songs used as title music for Vietnam War games, etc.

Uh no, you get anti-war songs used as title music for the Viet Nam War because that war is almost universally hated, despised, and regretted. When you play a game about that war you know what the outcome is and you know it won't be happy. Irony, it's not just for breakfast any more, but it is for your comment.

Re:Springsteen, weaponized.

[Sparticus789]

The real answer is obvious..... Soundtrack from Team America: World Police

Re:Springsteen, weaponized.

[jo42]

Some cRap or Hip Hop would do wonders.

Then wack them over the head with Celine Dion...

Re:Springsteen, weaponized.

[jason.sweet]

It seems to me that hook expressed the sentiments of many soldiers in the Vietnam War.

Re:Springsteen, weaponized.

[icebike]

Make your message the hook, not the counterpoint, or you WILL be misunderstood.

Had the hook been the main message the song would never have been played. How would that have served any purpose?

The idea was to get the song on every radio station, and sell records (and make money). It worked.

Once out there, people listen more closely, and when they do the message won't be misunderstood. That you still see it used today, inappropriately simply indicated people new to the song haven't yet listened to much beyond the hook. These are useful idiots, serving the song writer's purpose.

Now don't get me started on Pumped Up Kicks. Not after Aurora.

Re:Springsteen, weaponized.

[u38cg]

It seems a common issue. Look at the amount of airplay London Calling is getting on the back of a certain burger-advertising sporting event in East London.

Re:Springsteen, weaponized.

[Mister+Whirly]

In the US songs are covered under US Copyright laws already - they are basically considered written poetry. But those rights can be transferred and as such many of the people who originally wrote the words do not "own" them anymore. In this particular case Springsteen did own the rights to the song so had final say how it can be used.

Re:Springsteen, weaponized.

[sjames]

Nah, people will hear what they want to hear every time no matter what you do. Or they just won't notice at all. That's why they used "16 Tons" in the "Clean Coal" commercials. One might think that's not the message they want. Meanwhile, a pill commercial used a bit That's also why you have fundamentalists angry about a song where a man makes a deal with the devil and regrets it, calling to God for help.

Re:Springsteen, weaponized.

[The+Askylist]

That would be Neil Young, the Canadian?

Re:Springsteen, weaponized.

[Decker-Mage]

My personal favorite has always been "One Tin Soldier" by Coven. Most recognize it as the theme song to the movie "Billy Jack." Pretty poignant statement for anyone that's been in uniform.

Re:Springsteen, weaponized.

[sumdumass]

Iranians will proudly tell you they are Persian. One of the easiest ways to insult some of them is to call them Arabs. The Persia comment was probably borne from that.

Re:Springsteen, weaponized.

Uh no, you get anti-war songs used as title music for the Viet Nam War because that war is almost universally hated, despised, and regretted.

I wish that was true. All the conservatives I know are still pro Viet Nam War, especially the baby boomers. They live through it and will never admit they made the wrong choice. Many can't accept that "filthy hippies" might have been right about something. George W Bush defend what we did in Asia as an excuse for what he did in the Middle East.

I honestly wish there was some serious regret. People wouldn't be holding fake "pro troop" rallies in response to anti-war rallies.

Re:Springsteen, weaponized.

[drinkypoo]

I wish that was true. All the conservatives I know are still pro Viet Nam War, especially the baby boomers.

Well, all the conservatives I know are very much anti Viet Nam. The people I know who have been there either still don't know what we were doing there, or are very cynical and unhappy about it. Maybe the conservative people who hang out with you are assholes? If you absorb the medium you operate in, I can safely assume that they are anonymous and cowardly.

George W Bush defend what we did in Asia as an excuse for what he did in the Middle East.

You don't get to cite GWB except as an example of stupidity theater.

I honestly wish there was some serious regret. People wouldn't be holding fake "pro troop" rallies in response to anti-war rallies.

That's orthogonal to the issue of regretting Viet Nam. People who hold a "pro-troop" rally believing it's in opposition to an "anti-war" rally aren't necessarily either regretful about Viet Nam or not. What they are is stupid. If you want to support the troops you'll oppose endless war. Support the troops, bring them home.

Re:Springsteen, weaponized.

[H0p313ss]

But ain't that Mellencamp (not Springsteen)?
http://en.wikipedia.org/wiki/Pink_Houses

Correct, it just popped into my head when I saw the original post and the comment about newspeak.

Perhaps I should have explained more about how my brain doesn't work rather than just jumping in to quote another example.

Re:Springsteen, weaponized.

[H0p313ss]

... George W Bush defend what we did in Asia as an excuse for what he did in the Middle East.

I spoke about the ideological struggle that our Nation faces in the 21st century and the lessons we can draw from the advance of freedom in Asia in the 20th century. America's enduring presence and perseverance on that continent aided the rise of democracy, helped transform American enemies into American allies, and made our country safer.

I suspect he was referring to Korea more than Vietnam, but then he's not often considered as the clearest of thinkers.

Re:Springsteen, weaponized.

[drinkypoo]

So says Mr. drinkypoo. Right back at ya. If you absorb the medium you operate in, I can safely assume that you are full of ....

Alcohol. In this case, Hop Rod and Double Daddy. Wow, that sounds supergay. Awesome beers, though.

ROCK!

[LordGr8one]

Noriega has company now. This wouldn't be the first time the US has used rock music against its enemies.

Re:ROCK!

I'd still go for Wagner

Re:ROCK!

[CSMoran]

... or our old friend, Ludwig van.

disinformation?

This somehow seems like a disinformation campaign by the iranians. With the refinement Flame/Stuxnet had, it seems a bit too amateurish that all of a sudden the attack methods would become so much more primitive and obvious to the victims (I mean, seriously, playing loud music in the middle of the night?)

Re:disinformation?

[fuzzyfuzzyfungus]

Given that it is already de-facto-proven-even-for-official-purposes that the US has no qualms about fucking with Iran's computer systems, what would Iran have to gain by some sort of false-flag style thing?

If there were actually some lingering doubt about the US's willingness, I could see trying to score some points; but there really isn't. The explanations that it was either an attack pulled off by a much less sophisticated actor(hacking isn't totally newb stuff; but the list of people who can make trouble with metasploit is a whole hell of a lot longer than that of people who could pull off stuxnet or flame....) or by a sophisticated actor who found a relatively easy attack and thus has no reason to risk exposing any really cool exploits until the low-hanging fruit has been picked...

Re:disinformation?

[vlm]

More likely some poor bastard on the night shift was intentionally and willfully listening to evil mp3s he downloaded from the great satan over livewire, and when he got caught doing air guitar instead of whatever the hell a centrifuge operator does in his spare time, rather than taking the fall for it, commited yet another sin by blaming the CIA.

The disinfo part is I've worked in industrial plants on networks, and later for decades in companies with airgapped production and IT networks, and the first thing you do after the first infection is airgap IT and everything else you can away from production, then you disassemble production.

So the scales of upper management weigh:
1) On one side the ops when they're bored want to check facebook, email, and play angry birds online
2) On the other side the plant might be destroyed in an explosion that kills us all and the dictator will kill my family as punishment even though I'm already dead.

Yeah I can see how the local equivalent of mahogany row decided to leave plant equipment accessible. Yeah, totally realistic. Not PR BS at all. Uh huh.

Re:disinformation?

[AmiMoJo]

Well it's hardly a secret or cold war any more, so subtlety is no longer required.

Eventually Iran will retaliate and then all hell will break loose. Just hope they send viruses and not cruise missiles.

Re:disinformation?

[deKernel]

There is nothing tangible to gain in the sense that it helps prove one particular country was the source of the attack. What they are doing is causing doubts as to the progress, if any, in their program. Translation: we are talking mind games with analysis as to just where they stand in the development cycle. Plus, the people within the Iranian program can use this to cover their butts if they are running behind or have something worse happen like explosions at plants and such.
Make no doubt about it, though the leader of Iran is a nut job, not all behind him have his same sense of craziness.

Re:disinformation?

[sumdumass]

Or they could be watching for IP traffic and waiting for the accused to log in and see the chaos for themselves in order to detect and close holes in their systems.

Awesome!

[Quiet_Desperation]

What other songs could the virus rock out with?

"Stranglehold"
"Eve Of Destruction"
"Dogs Of War"
"Born In The USA"
Pretty much anything off Dark Side Of The Moon

Re:Awesome!

Something by Celine Dion.

Re:Awesome!

[only_human]

What other songs could the virus rock out with?

How about rickrolling?

Re:Awesome!

Just throwing this idea out there:

"I'll be honest with you, I love his music. I do. I'm a Michael Bolton fan! For my money, I don't know if it gets any better than when he sings, 'When A Man Loves A Woman'."

Re:Awesome!

[Teresita]

I study nuclear science
I love my classes
I got a crazy teacher,
He wears dark glasses.
Things are going great,
And they're only getting better.
I'm doing all right, getting good grades.
The future's so bright
I gotta wear shades.

Re:Awesome!

[Zocalo]

The Police's "Every Breath You Take (I'll be watching you)" should raise paranoia levels nicely.

Re:Awesome!

[doubleplusungodly]

How about something obnoxious like "America, Fuck Yeah" or "Trololol"?

Re:Awesome!

[Quiet_Desperation]

That might violate the Geneva Conventions.

Re:Awesome!

[magarity]

No, no, no, you're thinking all wrong. Iran is a strict Islamic state. Songs to play over their nuclear program's computer speakers include:
"Girls Just Want to have Fun" by Cyndi Lauper
"Erotica" by Madonna ...etc

Re:Awesome!

[RaceProUK]

'Blame Canada'

Re:Awesome!

[MickyTheIdiot]

Hairstyles and attitudes... how to they relate?

Re:Awesome!

[fuzzyfuzzyfungus]

Inertia might prevent this; but (if the virus has access to PLCs) rocking some unlistenable ambient industrial exclusively using PLC-controlled hardware being operated in a manner egregiously beyond its design specs would be fairly entertaining.

A computer attempting the DJ-style turntable 'scratching' effect on a bank of ultracentrifuges would be fun while it lasted...

Re:Awesome!

[fast+turtle]

"If I Had a Hammer" by Peter, Paul, Mary

Latin Love of Mine by?

How about the standard disconnected/unreachable phone number "We're sorry, that number is unavailable. Please check your number and dial again." though I'd change the message to We're Sorry but God is Unavailabe. You can leave a message or Hang Up."

Re:Awesome!

[gman003]

Why not do something actually about nuclear war?

"Fight Fire With Fire" or "Rust in Peace... Polaris" might do nicely, as a sort of "hey, this thing you're building will kill millions of people, you know" message.

Re:Awesome!

[MarkGriz]

What other songs could the virus rock out with?

"America, Fuck Yea!"

Re:Awesome!

[Phrogman]

Armageddon
When you're Hot, you're Hot

Re:Awesome!

[HexaByte]

Even better, it should just open a browser to a porn site.

Imagine how well their research will go when all their top scientists are beheaded for being perverts under Islamic Law!

Re:Awesome!

[leonardluen]

i would be more impressed if they the music was coming from the centrifuges themselves. anyone can make a computer speaker play sound!

something like this ghostbuster theme on a tesla coil or imperial march of the floppies

Re:Awesome!

[maroberts]

Orchestral Maneuvers in the Dark (OMD) - Enola Gay

Re:Awesome!

[SonnyDog09]

I would have used The Who -- The Punk and the Godfather, which contains these lyrics....."Now you know that we own you."

Re:Awesome!

[AragornSonOfArathorn]

Dirty Deeds Done Dirt Cheap

Re:Awesome!

[Cyko_01]

Smooth criminal - michael jackson
"you've been hit by, you've been struck by, a smoooth criminal"...ok maybe not that smooth

Re:Awesome!

[SonnyDog09]

That's a nice angle. How about "We'll meet again" by Vera Lynn? Think of the ending scenes from Doctor Strangelove.

Re:Awesome!

[funwithBSD]

Cities in Dust - Siouxie Sioux and the Banshees.

We found you hiding we found you lying
Choking on the dirt and sand
Your former glories and all the stories
Dragged and washed with eager hands

But oh your city lies in dust, my friend

Hot and burning in your nostrils
Pouring down your gaping mouth
Your molten bodies blanket of cinders
Caught in the throes .......

And your city lies in dust

Re:Awesome!

[garbut]

Thanks for those, check out HP ScanJet Ode To Joy

Re:Awesome!

[Bob+the+Super+Hamste]

Continuing the AC/DC theme I would have thought these would have been funnier:
"Dirty Deeds Done Dirt Cheap"
"Big Balls"

Re:Awesome!

[DroolTwist]

I celebrate the man's entire catalog.

Re:Awesome!

[mcgrew]

The army used Stranglehold against the Iraquis in the first Iraq war. They showed them on TV, the gunners firing their cannons with huge speakers blasting out the evil Nugent. And if your house gets in my way baby, you know I'll burn it down...

Your other choices, though... I don't know. Eve of destruction? That was an anti-US establishment, anti-war song. DSOM was also anti-war "Forward!" He cried from the rear, and the front rank died. The general sat, and the lines on the map moved from side to side

As someone else pointed out, Born in the USA was about the downfall of the US after Vietnam.

Re:Awesome!

[Quiet_Desperation]

When I first heard it on the radio as a kid a million years ago I thought on "done dirt cheap" they were saying "thunder chief".

Thought the song was about a train or the F-105 something.

Re:Awesome!

[Quiet_Desperation]

Yeah, I know, but I figured the virus payload is limited and would just play the "Born In The USA" bit over and over. :-)

As for the others, you're over thinking it. :-D

Re:Awesome!

[dwye]

Even better, it should just open a browser to a porn site.

Imagine how well their research will go when all their top scientists are beheaded for being perverts under Islamic Law!

Don't be too sure. All the Al Quaida (sp?) computers are supposedly loaded with porn. After all, if the men get bad thoughts, it is the fault of the whorish Western women (which is why their women wear burkhas, rather than their men getting blinded for looking).

Re:Awesome!

[mcgrew]

As for the others, you're over thinking it

It's a fault of mine. My mom used to tell me "Steve, you think too much."

RIAA vs US gov't

[MoogMan]

I hope the malware writers (or the US gov't) have agreed their license fees with the respective record companies, otherwise they'll find themselves in a world of pain!

Re:RIAA vs US gov't

[captainpanic]

First thing I thought too, lol.

There's something comforting about it though. Even when employed by the government, hackers are just hackers. :-)

Re:RIAA vs US gov't

[Quiet_Desperation]

No worries. The Men In Black have already paid the industry lawyers a little visit. A courtesy call, if you will.

Re:RIAA vs US gov't

Sovereign immunity, biatch.

Re:RIAA vs US gov't

[gmuslera]

Thats the genious part of the attack. Those infected computers were found playing unlicensed music, the RIAA will sue them overseas. Is a blended attack, not only just hack them, but also take out all their money.

Re:RIAA vs US gov't

[Sulphur]

The playing of that music is the actual damage action because it is then clear that those infected facilities will be attacked by the RIAA fur unlicensed music playing.

How many bummers does the RIAA have?

Escalating the war

[SJester]

If Iran continues its weapons program the virus escalates to playing "Rock the Casbah."

Re:Escalating the war

[SJHillman]

And if all else fails, it goes to "The Final Countdown"

Re:Escalating the war

[MickyTheIdiot]

how about Two Suns in the Sunset?

We didn't start the fire

[gmuslera]

Will be amazing the variations of the "Cyberwar, wrong" message from the government in the next months/years, specially every time a hack widespreads or they want to catch even more private information from people of all countries. The key to be the victim in any conflict is dismiss/deny every time you were the attacker.

Bullshit

[slb]

Yeah, so suddenly the guys who did a lot of work to be undetected will use Metasploit code and disclose their owning of the computers with an AC/DC song .... Methinks someone is not reaching his objectives and found a good scapegoat as an excuse... The alternative of course would be that script kiddies are owning Iran's nuclear researchs lab infrastructure ...

Re:Bullshit

[dbIII]

It's a dirty deed done dirt cheap.
If they are caught they'll only make it out with a bullet in the back.

Re:Bullshit

[zrbyte]

Yeah. My bet would be on script kiddies as well. This is just somebody trolling the Iranians. The US and Israel tried to stay undetected for as long as possible and in the mean time do as much damage as they possibly could.

Re:Bullshit

[RaceProUK]

Only with 5000% more talent :P

Re:Bullshit

[Bill,+Shooter+of+Bul]

Five thousand percent of an infinitesimally small number is still an infinitesimally small number ... ;P

Re:Bullshit

[leonardluen]

no, you see the US is just trying to unleash the RIAA's fury...hey those guys over there are playing your songs without paying! sic em boy!

Piracy

[doubleplusungodly]

I wonder what the RIAA thinks of all these copies of 'Thunderstruck' on the Iranian computers. If it wasn't the US government making this malware they'd probably demand a license fee for each playing of 'Thunderstruck' on a computer in Iran.

Factual Corrections

I have a few bones to pick with the summary, of a factual nature. Corrections are in bold, I have not corrected the grammatical errors.

"F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper allegedly being the previous iterations of the same Operation Project Olympic attack plan.) Last month, an anonymous member of President Obama's staff has allegedly admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

I'm not saying the Times is wrong, but I don't trust their source completely. I also am not claiming he's wrong, but the press has a very bad habit of really fucking up critical details of technology-related stories. For example, I find it pretty hard to swallow that such an operation would only involve the US and Israel. It's all very convenient, and tidy, and in real life the real story is very rarely wrapped up in such a pretty little package. We certainly need at least an independent confirmation of the source's information.

Act of War

They are seriously dancing around if this is an act of war. If Iran started hitting the US I suspect these actions would have a different spin. Of course the US is a super power so war with them is on a completely different level than the smaller countries.

Pandora's Box

It's been opened.

The US will not encounter foreign boots on the ground but cyber retaliation... and I promise it could get very ugly. As a former Network Admin, Accelerator Designer, and now Siemens Programmer I can tell you that these viruses can be turned back on us. Much of the world runs on Siemens programming. Oil rigs, chemical mixers, MRI scanners, food prep, power grids, water treatment, and manufacturing assembly of all kinds (right off the top of my head) all run on Siemens hardware/software and we don't have the ability to defend against it.

However, I am not worried about Iran. It's China who already has their digital boots on the ground.

Re:Pandora's Box

[organgtool]

Much of the world runs on Siemens

My God! The world is covered in Siemen!

Re:Pandora's Box

[Kyont]

I've just got to imagine that when the German executives meet with the American sales team, to discuss market penetration of Siemens into new openings, that the American contingent spends most of their energy trying not to giggle.

Re:Pandora's Box

[jellomizer]

Much of the world runs on Siemens programming.
This makes me very scared.
Most of my experience is with Siemens Health Care Solutions. The fact that the world is running on Siemens makes me scared, outside the viruses. Just the POS quality Siemens puts out. I don't know how you people can sleep at night.

Re:Pandora's Box

[Da_Biz]

Organgtool: +42 to you!

Re:Pandora's Box

[DigitalSorceress]

Good thing we used Allen-Bradley controllers in our production lines at my previous job then. ;)

I'm with you on the China thing: In order to implement a bunch of data collection, I had to bridge the air gap we had between our production lines and our internal network... with a certain 5 letter brand name of routers which doubtless were produced in a Chinese factory.

On the plus side, the routers were not actually publicly exposed, so unless their backdoor "phoned home" and could work its way around the VLANs I set up, I think my former employer's production lines are relatively safe.

(We made stuff used in the manufacture of solar panels... nothing to do with Nuclear energy or weapons and the like)

Re:Pandora's Box

[DroolTwist]

Much of the world runs on Siemens programming. This makes me very scared. Most of my experience is with Siemens Health Care Solutions. The fact that the world is running on Siemens makes me scared, outside the viruses. Just the POS quality Siemens puts out. I don't know how you people can sleep at night.

After Organgtool's post, reading this just has me in hysterics. Siemens Health Care, viruses, quality. So much good stuff. wipes tears

The obvious question...

[jonwil]

Will the RIAA be sending the Iranian government a cease and desist notice for violating its copyright on the song?

Re:The obvious question...

Given that this is a song by an Australian band being played in Iran -- neither of which are countries known as the USA, the country where the Recording Industry Association of America has power -- given, in short, the complete absence of any link to RIAA ...

yeah, probably.

who is the IT guy there...

[zome]

at some point they need to learn how to secure their infrastructure. I mean, they know they are under attack, and still another virus get thru? It's gonna be suck working in IT dept over there right now. they're gonna be asked what went wrong and how to make sure it won't happen again. If I were them, I would start by put some glue in empty USB ports. Given that Stuxnex got into their system via USB memory stick so it doesn't sound too bad.

So close...

[DdJ]

I weep at the lost opportunity for rickrolling.

She Blinded me with Science

[maroberts]

Thomas Dolby

Coursera

[robi5]

Federal agents must be going through iranian IP addresses of the Cryptography course on Coursera.

Come again?

[Indigo]

> President Obama's staff has admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants.

Remind me, when and where exactly did Obama's staff admit this? Is there anything at all besides one article with unsourced allegations?

No doubt the U.S. is behind behind this. But I'm getting damned tired of the shoddy journalism. I've seen so many claims that "the President has confirmed that the U.S. is behind the cyber attacks on Iraq nuclear facilities" with absolutely nothing to back them up. C'mon folks, stick to the facts.

Re:Come again?

[drinkypoo]

Besides. The obvious culprit here is Israel. They have the talent and motivation.

The US is just a spectator by comparison.

That's supposed to be some kind of joke, right? Israel wouldn't even still be there if not for our support, for good or ill.

You must admit it

This malware rocks. :-)

In five years

[rvw]

In five years time, Iran will have the best SCADA cyber security engineers in the world. I bet they will give this full priority. And when they have these skills, they have the skills to attack as well. Then think of what will happen. The US should better be sure that they are able to *destroy* those machines, so Iran cannot use them to test, otherwise... And how about Germany and Italy - are they still delivering systems to Iran? I wouldn't be surprised!

Re:In five years

[ceoyoyo]

Or perhaps Iran will discover air gap security and desoldering USB ports.

The hardware in a secret nuclear plant is hackable over the Internet (or by spreading around USB drives)? Seriously?

Re:In five years

[inasity_rules]

They're running Siemens. A stupid, though common mistake. Siemens claim to sell PLCs, but in reality sell general purpose CPUs with craptacular software and specs. It is redundant to hack a Siemens system, since I'd be surprised if it were stable without the virus. I'm not talking out of my arse here, I have used toshiba, omron, siemens, Mitsubishi and even Rockwell PLC and scada systems. While toshiba comes close (good hardware, windows 3.1 era software), nothing sucks harder than Siemens. Microsoft has nothing on them. And never did.

If true, it's very bad news

[guanxi]

If it is true, it's bad news:

Assuming that the Stuxnet/Flame attackers are trying to avoid being detected and are not announcing their presence with cheap pranks, the report, if true, would mean someone else has broken into Iranian nuclear weapons research systems, and that it's someone so unprofessional and unskilled that they are doing it as a prank.

Those systems may contain data that nuclear proliferators would love. If they are that insecure, then everything the Iranians have learned could spread rapidly.

Re:Government sponsored file sharing!

[vlm]

Hey government, so it's illegal when I share Thunderstruck with my friends, but it's OK for you to spend my tax dollars giving it away to douchebag weapons scientists who don't even like AC/DC? Whatever!

There's a pretty good analogy with automatic weapons in that I'm not allowed to "permanent loan" a buddy something shiny and fun without the tax stamp and going thru a FFL dealer, but foreign aid regularly delivers weapons to foreigners for free, even if the locals don't like the dictators thugs to be better armed. Its not all that unusual of a situation.

Pleading the Fifth: takings

[tepples]

The Fifth Amendment provides an exception to sovereign immunity, allowing copyright owners to recover "just compensation" for the U.S. Government's use of their works.

T.n.T

[fluffythedestroyer]

I would go with AC/DC - T.n.t. instead lol

Too Stupid To Be Believable

[Zamphatta]

This reminds me of April 1st. I highly doubt anyone using malware to slow down or halt the Iranians nuclear efforts, would do it in a way that makes them clearly realize they're infected with something. That's more of a newbie prank or a troll ("unverified email" should keep this story from being news), than a real attempt to stop anything. The whole reason Stuxnext & Duqu were so successful is because of their ninja-like quietness in the systems.

Countdown before the lawsuit

[Phrogman]

from the RIAA over the money due each time this virus strikes, I mean sheesh, that could amount to a lot of cash right? And the recording industry is hurting what with the trillions of dollars they say they are losing every year to piracy.
Or maybe thats the idea, they will sic the RIAA on the Iranians and save the US military the effort :P

Re:Parent Up

(AC because I'm posting at work)

So from home, you would have posted as DC? :-)

Junis, is that you?

[Thud457]

(AC because I'm posting at work)

I wish I could use some of my mod points to mod parent up. "Using (or having insiders create) multiple 0-days for Stuxnet" vs. "Metasploit and proclaiming victory by playing a .mp3" show two completely different models of operating. There isn't anything like Defcon or Black Hat going on this week, is there? ;)

(DC because I'm posting from my C64 on battery power from Afghanistan)

no

Re:How to look like asses

[seanzig]

I know, right! These mean Americans/Israelis won't let those poor Iranian regime leaders build their nuclear bombs! I cry myself to sleep at night.

That's Not Right

[organgtool]

randomly starts to play AC/DC's 'Thunderstruck'

Doesn't that violate the Geneva Convention's policy against torture?

GET YOUR SYSTEMS OFFLINE.

[Severus+Snape]

Idiots.

Hoax

[Culture20]

The dude's trying to convince the morality police that he wasn't blasting AC/DC. Remember to plug in the earphones next time!

Evergreen FTW!

[HiggsBison]

Evergreen!

Yes, sure, she has a pure, wonderful, beautiful voice, blah blah blah. But that's the point. In my experience, the notes she sings travel hundreds of yards down the corridor and infect everyone's office.

Play it over and over and over and over and over and ... people will be tearing their hair out. We could call it ... I don't know ... the Streisand Effect?

Man....

[Cosgrach]

is the R.I.A.A. going to be pissed. Good luck with that lawsuit.

lyrics?

[Jeffrey_Walsh+VA]

The words to a single song comprise a single lyric.

Re:lyrics?

[Mister+Whirly]

Indeed. And to get a context for what a singer is all about, looking at more than one of their songs, you would probably want to look at lyrics, you know, the plural of lyric? If I were a politician wanting to endorse a particular artist, I would want to look at more than just the words to a single song.

Re:lyrics?

[sumdumass]

I doubt politicians are trying endorse a particular artist but rather ride the coat tails of their popularity or the catchy lyrics of a particular song. Its pretty much the same as how proms select their theme songs.

Hush Hush

[TimothyDavis]

What? What?

I can't believe that we tricked their accountant into installing the virus.

Oh... THAT AC/DC

[nighthawk243]

It isn't nearly as bad if it was the band... now if it was the other AC/DC, then it would probably be worse.

Time to charge

[Nyder]

The U.S. Government and Isreal Government for illegal performance of copyrighted materal.

Not The Same People -- Why Not Anonymous?

[Nom+du+Keyboard]

I would have to say that this attack is not the same people. They were never so obvious in telling you that you've just been pwned.

Instead of going after Australia for their data retention law (which is pretty small potatoes compared to a nuclear device in the hands of a rogue state run by religious fanatics) why hasn't Anonymous gone after Iran? Iran can't build their weapon without computers and Anonymous has been basically overall useless, if not annoying, since they gave up on attacking Scientology.

I can't deal with this

[steelyeyedmissileman]

<rant>

Stuxnet, Duqu and Flamer-Skywiper being the previous iterations of the same Operation Project Olympic attack plan.

This is not a complete sentence; there's no verb.

Last month, President Obama's staff has admitted to the New York Times...

We use present perfect tense for referring to events that happened at an unspecified time in the past. You can't use it when you specify that the event happened last month.

...there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants.

The rest of this sentence is too long and complicated. In addition, it has two verbs. Compounding the problem, the two verbs have opposing tenses.

I really do dislike grammar nazis, and I try to avoid ever saying anything about errors since I make plenty myself, but these kinds of errors are hard to read and understand. Timothy, do you even read things before they get posted?!

</rant, hopefully forever.>

Seriously, I do appreciate what all the /. editors do. It's hard to parse through all the article submissions that you get and make sure everything makes sense. It's also hard for us to parse the posted article summaries when the grammar mistakes make one's head spin.

My request

[dgreer]

May I respectfully suggest "Hell's Bells" for version 2.0?

pysops

[schlachter]

Shit...owning your enemy's machines and blasting American music rather than quietly stealing their data...that's some serious psyops. They've got to be feeling vulnerable now.

team america

[schlachter]

Team America...Fuck Yea!

see, like the "Flying Elvises"!

[Thud457]

The Men In Black

They've cloned Johnny Cash?

Re:see, like the "Flying Elvises"!

[Quiet_Desperation]

OK, now they'll be paying *you* a courtesy call. Ya *had* to go blabbing!

Next version

[buybuydandavis]

Dirty Deeds Done Dirt Cheap!

Payment?

[craigminah]

I wonder if whoever did this arranged to pay AC/DC somehow or if the perpetrator stole copyrighted material. Hacking nuclear weapons facilities across international borders AND pirating a songs is a bad combination.

The RIAA and Iran

[Zcar]

On the same side of thing. Who woulda thunk it? Iran wants to get the virus writers because of the damage to their nuclear program, the RIAA for unauthroized use of songs.

You Really Want to Piss Them Off

[Greyfox]

Make their computers play Shel nonstop. Ugh I can't even think of that. It's too horrible!