Slashdot Mirror

← Back to Stories (view on slashdot.org)

F-Secure Report: Another SCADA Attack in Iran — This Time With AC/DC

Posted by timothy on from the either-true-or-a-funny-movie-plot dept.

An anonymous reader writes "F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper being the previous iterations of the same Operation Project Olympic attack plan.) Last month, President Obama's staff has admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns Iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

22 of 253 comments (clear)

  1. \m/ ( w ) \m/ by Quakeulf · · Score: 5, Funny

    Rock and revolt!

    1. Re:\m/ ( w ) \m/ by camperslo · · Score: 4, Funny

      Well there's really nothing to fear until people start getting Rick-rolled

  2. Thunderstruck by sageres · · Score: 5, Funny

    Sound of the drums
    Beatin' in my heart
    The thunder of guns
    Tore me apart
    You've been - thunderstruck

    1. Re:Thunderstruck by Anonymous Coward · · Score: 4, Funny

      Tore me apart

      To the authors of this hack: I see what you did there, I LOL'd, and I will never listen to that song again without thinking of a cascade failure :)

      You came, you saw, kicked its ass!

  3. Springsteen, weaponized. by gestalt_n_pepper · · Score: 4, Funny

    I would have gone for "Born in the USA"

    --
    Please do not read this sig. Thank you.
    1. Re:Springsteen, weaponized. by Muad'Dave · · Score: 5, Funny

      I would've gone with Hava Nagila.

      --
      Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
    2. Re:Springsteen, weaponized. by Bill,+Shooter+of+Bul · · Score: 5, Insightful

      Yeah, but that song is about how bad the USA is at taking care of people, not how awesome it is to live here.

      --
      Well.. maybe. Or Maybe not. But Definitely not sort of.
    3. Re:Springsteen, weaponized. by Anonymous Coward · · Score: 4, Funny

      I would have gone with some Justin Bieber or Nickelback.

      The constitution forbids cruel and unusual punishment.

    4. Re:Springsteen, weaponized. by H0p313ss · · Score: 5, Insightful

      You only think that because you're thinking in english rather than the newspeak.

      Interstate running through his front yard and he think's he's got it so good. But ain't that America?

      As a Canadian I found it pretty funny at the time that the song not only charted but became an anthem for (clueless?) patriots.

      --
      XML is a known as a key material required to create SMD: Software of Mass Destruction
  4. disinformation? by Anonymous Coward · · Score: 5, Insightful

    This somehow seems like a disinformation campaign by the iranians. With the refinement Flame/Stuxnet had, it seems a bit too amateurish that all of a sudden the attack methods would become so much more primitive and obvious to the victims (I mean, seriously, playing loud music in the middle of the night?)

  5. RIAA vs US gov't by MoogMan · · Score: 5, Funny

    I hope the malware writers (or the US gov't) have agreed their license fees with the respective record companies, otherwise they'll find themselves in a world of pain!

  6. Bullshit by slb · · Score: 5, Insightful

    Yeah, so suddenly the guys who did a lot of work to be undetected will use Metasploit code and disclose their owning of the computers with an AC/DC song .... Methinks someone is not reaching his objectives and found a good scapegoat as an excuse... The alternative of course would be that script kiddies are owning Iran's nuclear researchs lab infrastructure ...

    --
    http://www.transparency.org
  7. Re:Awesome! by only_human · · Score: 4, Funny

    What other songs could the virus rock out with?

    How about rickrolling?

  8. Factual Corrections by Anonymous Coward · · Score: 5, Interesting

    I have a few bones to pick with the summary, of a factual nature. Corrections are in bold, I have not corrected the grammatical errors.

    "F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper allegedly being the previous iterations of the same Operation Project Olympic attack plan.) Last month, an anonymous member of President Obama's staff has allegedly admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

    I'm not saying the Times is wrong, but I don't trust their source completely. I also am not claiming he's wrong, but the press has a very bad habit of really fucking up critical details of technology-related stories. For example, I find it pretty hard to swallow that such an operation would only involve the US and Israel. It's all very convenient, and tidy, and in real life the real story is very rarely wrapped up in such a pretty little package. We certainly need at least an independent confirmation of the source's information.

  9. Pandora's Box by Anonymous Coward · · Score: 5, Interesting

    It's been opened.

    The US will not encounter foreign boots on the ground but cyber retaliation... and I promise it could get very ugly. As a former Network Admin, Accelerator Designer, and now Siemens Programmer I can tell you that these viruses can be turned back on us. Much of the world runs on Siemens programming. Oil rigs, chemical mixers, MRI scanners, food prep, power grids, water treatment, and manufacturing assembly of all kinds (right off the top of my head) all run on Siemens hardware/software and we don't have the ability to defend against it.

    However, I am not worried about Iran. It's China who already has their digital boots on the ground.

    1. Re:Pandora's Box by organgtool · · Score: 4, Funny

      Much of the world runs on Siemens

      My God! The world is covered in Siemen!

  10. Re:Awesome! by Zocalo · · Score: 5, Funny

    The Police's "Every Breath You Take (I'll be watching you)" should raise paranoia levels nicely.

    --
    UNIX? They're not even circumcised! Savages!
  11. Re:Awesome! by Quiet_Desperation · · Score: 5, Funny

    That might violate the Geneva Conventions.

  12. Re:Iron Man by Hsien-Ko · · Score: 5, Funny

    Too many women with too many pills?

  13. Re:Awesome! by fuzzyfuzzyfungus · · Score: 4, Funny

    Inertia might prevent this; but (if the virus has access to PLCs) rocking some unlistenable ambient industrial exclusively using PLC-controlled hardware being operated in a manner egregiously beyond its design specs would be fairly entertaining.

    A computer attempting the DJ-style turntable 'scratching' effect on a bank of ultracentrifuges would be fun while it lasted...

  14. Re:Iron Man by TWX · · Score: 4, Funny

    I think the parent comment meant the result, not the cause...

    --
    Do not look into laser with remaining eye.
  15. Re:Sarcasm! by Anonymous Coward · · Score: 5, Funny

    Indeed. I wonder how long until the RIAA and Co. will take until they send their regards for each computer playing to a group of people without licensing rights.