F-Secure Report: Another SCADA Attack in Iran — This Time With AC/DC

An anonymous reader writes "F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper being the previous iterations of the same Operation Project Olympic attack plan.) Last month, President Obama's staff has admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns Iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

\m/ ( w ) \m/

[Quakeulf]

Rock and revolt!

Thunderstruck

[sageres]

Sound of the drums
Beatin' in my heart
The thunder of guns
Tore me apart
You've been - thunderstruck

disinformation?

This somehow seems like a disinformation campaign by the iranians. With the refinement Flame/Stuxnet had, it seems a bit too amateurish that all of a sudden the attack methods would become so much more primitive and obvious to the victims (I mean, seriously, playing loud music in the middle of the night?)

RIAA vs US gov't

[MoogMan]

I hope the malware writers (or the US gov't) have agreed their license fees with the respective record companies, otherwise they'll find themselves in a world of pain!

Bullshit

[slb]

Yeah, so suddenly the guys who did a lot of work to be undetected will use Metasploit code and disclose their owning of the computers with an AC/DC song .... Methinks someone is not reaching his objectives and found a good scapegoat as an excuse... The alternative of course would be that script kiddies are owning Iran's nuclear researchs lab infrastructure ...

Factual Corrections

I have a few bones to pick with the summary, of a factual nature. Corrections are in bold, I have not corrected the grammatical errors.

"F-Secure antivirus company of Finland has reported receiving e-mails from an Iranian nuclear scientist, who says Persian uranium-235 isotope refining efforts have just been hit with yet another cyber strike. (Stuxnet, Duqu and Flamer-Skywiper allegedly being the previous iterations of the same Operation Project Olympic attack plan.) Last month, an anonymous member of President Obama's staff has allegedly admitted to the New York Times that there is a joint Israel-U.S. cybermilitary operation was behind the mishaps Iranians have recently been suffering with their UF6 gas refining centrifuge systems in the Natanz and Fordo plants. This time, the unverified e-mail claims, a new Metasploit-based malware owns iranian VPNs, causes fault in the nuclear plants' Siemens-based industrial control systems, and randomly starts to play AC/DC's 'Thunderstruck' aloud via the infected computers' speakers."

I'm not saying the Times is wrong, but I don't trust their source completely. I also am not claiming he's wrong, but the press has a very bad habit of really fucking up critical details of technology-related stories. For example, I find it pretty hard to swallow that such an operation would only involve the US and Israel. It's all very convenient, and tidy, and in real life the real story is very rarely wrapped up in such a pretty little package. We certainly need at least an independent confirmation of the source's information.

Pandora's Box

It's been opened.

The US will not encounter foreign boots on the ground but cyber retaliation... and I promise it could get very ugly. As a former Network Admin, Accelerator Designer, and now Siemens Programmer I can tell you that these viruses can be turned back on us. Much of the world runs on Siemens programming. Oil rigs, chemical mixers, MRI scanners, food prep, power grids, water treatment, and manufacturing assembly of all kinds (right off the top of my head) all run on Siemens hardware/software and we don't have the ability to defend against it.

However, I am not worried about Iran. It's China who already has their digital boots on the ground.

Re:Springsteen, weaponized.

[Muad'Dave]

I would've gone with Hava Nagila.

Re:Springsteen, weaponized.

[Bill,+Shooter+of+Bul]

Yeah, but that song is about how bad the USA is at taking care of people, not how awesome it is to live here.

Re:Awesome!

[Zocalo]

The Police's "Every Breath You Take (I'll be watching you)" should raise paranoia levels nicely.

Re:Awesome!

[Quiet_Desperation]

That might violate the Geneva Conventions.

Re:Iron Man

[Hsien-Ko]

Too many women with too many pills?

Re:Sarcasm!

Indeed. I wonder how long until the RIAA and Co. will take until they send their regards for each computer playing to a group of people without licensing rights.

Re:Springsteen, weaponized.

[H0p313ss]

You only think that because you're thinking in english rather than the newspeak.

Interstate running through his front yard and he think's he's got it so good. But ain't that America?

As a Canadian I found it pretty funny at the time that the song not only charted but became an anthem for (clueless?) patriots.