Iranian Hackers Probe US Infrastructure Targets

Taco Cowboy points out reports in The Register and The Jerusalem Post (along with a paywalled article at the WSJ) that say "[Iranian hackers are] responsible for a wave of computer attacks on U.S. corporations, with targets including oil, gas and electricity companies. Unlike the cyber incursions from China, the goal of the Iranian attacks is sabotage rather than espionage. The cyber attacks are seen as attempts to gain control of critical processing systems. The attacks on oil, gas and power firms have so far concentrated on accruing information on how their systems work – a likely first step in a co-ordinated campaign that would eventually result in attacks aimed at disrupting or destroying such infrastructure."

WAR DRUMS A-Beatin'

Beat those drums of war! We're UNDER ATTACK from Iran! War War WAR! More money for Lockheed-Martin, more money for Boeing, more money for your congressman's buddies, austerity measures for you.

-- Ethanol-fueled

Re:WAR DRUMS A-Beatin'

Something happens in another country: I bet the USA did this.
Something happens in the USA: I bet the USA did this.

Re:WAR DRUMS A-Beatin'

moral of the story: usa does alot.

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

"We need to start this war with Iran. No one believes they have a bomb, and we've been saying they're 2 years away, since 1997. I know! Tell Cybercommand to "probe" US infrastructure, hopping from all the compromised router firmware, behind Iran's BGP space.

Give the story to Jerusalem Post - from "official sources". Don't worry about "leak prosecutions". We'll reserve those for the nosy bastards who try and discover that this is how we operate."

Re:WAR DRUMS A-Beatin'

It's spelled allot, you fucing moron.

Re:WAR DRUMS A-Beatin'

Maybe Iranians hacked themselves too, to get sympathy. Works both ways.

Re:WAR DRUMS A-Beatin'

[centipedes.in.my.vag]

I love the not-so-subtle anti-Jewish slant to this post. Bravo. It's a masterpiece of paranoid "world order" flavor in just a few sentences.

Re:WAR DRUMS A-Beatin'

Where in the world did you get the "anti-jewish slant" from, exactly?! The GP mentions Jerusalem Post which is an Israeli reference, but nothing about Jews. You realize people can dislike Israel and their actions without disliking all Jews or the Jewish religion. You also realize that Israel continues to be one of the most negatively viewed countries in the world according to a BBC World Service poll, so you can cry all you want but when so many people dislike a country over so many years, something's wrong with that country and not the people.

Re:WAR DRUMS A-Beatin'

You realize people can dislike Israel and their actions without disliking all Jews or the Jewish religion.

Well when I get to dislike various Muslim nations without being accused of being anti-Islam, then we can have a discussion.
In the meantime, most people are aware that religion and politics in Israel and most Islamic nations has a very weak line of separation. Why do you think they all hate each other so much? Hint- it's not about nationality, it's about religion and culture and it has been that way for several thousand years now.

Re:WAR DRUMS A-Beatin'

[cold+fjord]

No one believes they have a bomb,

Iran nuclear report: IAEA claims Tehran working on advanced warhead

Your "anti-Zionist" / anti-Israeli trolling does grow tedious at times.

Re:WAR DRUMS A-Beatin'

[GameboyRMH]

I allot you 1 week of suspension from the spelling nazi corps.

Re:WAR DRUMS A-Beatin'

[cold+fjord]

You also realize that Israel continues to be one of the most negatively viewed countries in the world according to a BBC World Service poll [bbc.co.uk], so you can cry all you want but when so many people dislike a country over so many years, something's wrong with that country and not the people.

The problem in those people's eyes is easy to identify: Israel is full of Jews. That is a huge problem for some people. It is sort of like the problem that many Germans had with Jews in the 1920s-1940s.

And don't overlook the fact that the reading tastes are similar:

Cut-rate 'Mein Kampf' sells well in Turkey, spurring concerns
Mein Kampf in pride of place on bookshop shelves
Their Kampf - Hitler’s book in Arab hands.

Re:WAR DRUMS A-Beatin'

[cheekyjohnson]

Well when I get to dislike various Muslim nations without being accused of being anti-Islam, then we can have a discussion.

A discussion can be had right now. Both statements are illogical.

Re: WAR DRUMS A-Beatin'

Actually it's Israel.

Re:WAR DRUMS A-Beatin'

[kilfarsnar]

My problem with Israel is their treatment of the Palestinians and their continued creation of illegal settlements. It has noting to do with their religion.

Re:WAR DRUMS A-Beatin'

Nice tinfoil hat bro

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

You are the troll. And a very low-value poster. The Guardian link refers to a nano-diamond creation device supplied by Russia for industry, and which "western" intelligence tried to spin as related to weapons research. Here is the thorough debunking from Moon of Alabama. The "reporting" on nano diamonds was spanked SO BADLY by this blog, that all traces disappeared from press and punditry before November ended.

The whole issue is a misrepresentation of the highest order - from 11/11. Let me update you, with an analysis that is independent, not mere military/government stenography. Concerning the IAEA findings more recently, in August of 2012:

IAEA: Iranian "Nuclear Danger" Decreased

The International Atomic Energy Agency (IAEA) just released its most recent report (GOV/2012/37) on the state of Irans nuclear program.

As usual this report is used to hype up the "nuclear Iran" scare. The London Times even headlines Iran is stockpiling weapons grade uranium, a new reported finds (sic) which is completely false as even its own report below that headline says:

The Israeli diplomat said that Iran was in the process of doubling its capacity at Fordow to about 1,500 centrifuges, increasing the amount of 20 per cent-enriched uranium it could produce. Uranium enriched to 20 per cent fuels Irans main research reactor, but it is also just below the level usable in nuclear bombs.

Not only is any Uranium Iran has below weapons grade but, according to the new IAEA report, Iran has today less enriched Uranium that could quickly be converted into a nuclear weapon than it had in May 2012, the time of the IAEAs last report (GOV/2012/23) on the issue.

Critics of Irans nuclear program are most concerned with the Uranium Iran enriches to a level of 20% U-235 isotope. This enriched Uranium, critics say, could be quickly enriched further to up to 95% and then be used to manufacture a nuclear explosion device.

But enriched Uranium can have several forms. For enrichment natural Uranium is converted into Uranium hexafluoride (UF6) and, slightly heated and under pressure, fed as a gas into centrifuges to separate out the U-238 isotopes. This increases the content of U-235 isotopes needed for nuclear reactions. The enrichment product with 20% U-235 is still in the form of UF6 which could be again fed into a centrifuge cascade for even higher enrichment levels.

But UF6 is not usable as nuclear reactor fuel. For reactor use the UF6 has to be converted into Triuranium oxtoxide (U3O8) and from there into Uranium dioxide UO2. These can be formed into fuel elements to be fed into a reactor. Once this is done there is no easy and quick process to convert these fuel elements back into UF6 for further enrichment. Enriched UF6 once converted into U3O8 and UO2 fuel plates is thereby not directly usable for producing bomb grade uranium and of little proliferation concern.

Iran needs fuel elements with 20% enrichment level for the Tehran Research Reactor (TRR) to produce nuclear isotopes for medical purposes.

According to the May 2012 IAEA report Iran had, at that time, enriched 110.1 kg 20% enriched UF6 at the Pilot Fuel Enrichment Plant (PFEP) in Natanz and 35.5 kg 20% UF6 in the Fuel Enrichment Plant (F

Re:WAR DRUMS A-Beatin'

[meglon]

I think its a lot less hatred of Jews than it is hatred for people who act like duochebags all the time, stealing their land, assassinating their leaders, murdering their children, and basically acting more like that group of Germans you brought up than they should... all the while causing more and more problems for the US (where i live) because, again, they seem to prefer being douchebags instead of acting like civilized people.

Me personally... i don't give a fuck what religion they are; if they act like little assholes all the time, then that's what they are.

Re:WAR DRUMS A-Beatin'

My problem with Israel is that it's a nuclear-armed rogue state ruled by a government that may be democratic, but has democratically elected a bunch of theocratic psychopaths. It consistently oppresses minorities, has attempted to sterilise unwanted groups, steals property and land that by any sane standard - international law, common sense, the very treaties that establish Israel's existence as a country - do not belong to it, and has a long-established history of extreme aggression towards its neighbours.

I'm Jewish. Fuck you.

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

Right. Sympathy. "Please feel bad for us, we are a target for ordinance."

I really don't think the soft-asset value of any such sympathy generated is a reasonable calculation vs. the risk incurred.

Let me tell you, I dislike the Iranian government for many political and personal reasons. But, unlike propagandists, I do not ascribe to them madness or irrationality. The mullahs are as canny as they come.

Re:WAR DRUMS A-Beatin'

Israel lost it's balls can only false flag some routers and won't bomb US warships anymore :-)

Re:WAR DRUMS A-Beatin'

They're not illegal settlements. They're undocumented settlements. Get the terminology right.

Re:WAR DRUMS A-Beatin'

[cold+fjord]

You are the troll. And a very low-value poster. The Guardian link refers to a nano-diamond creation device supplied by Russia for industry, and which "western" intelligence tried to spin as related to weapons research. Here is the thorough debunking from Moon of Alabama. [moonofalabama.org] The "reporting" on nano diamonds was spanked SO BADLY by this blog, that all traces disappeared from press and punditry before November ended.

My posts do tend to have a very low value for perpetuating the lies and distractions used to defend the terrorist sponsoring and would be genocidal Iranian regime. I don't see that as a negative. The MoonbatofAlabama blog didn't really serve much purpose other than to provide another distractions to fool the unwary.

Vyacheslav Danilenko – Background, Research, and Proliferation Concerns

In the debate about the November 11 International Atomic Energy Agency (IAEA) safeguards report, some have falsely implied that Vyacheslav Danilenko did not know anything about nuclear weapons, or that he worked solely on nanodiamonds from the beginning of his research career, even though he worked at Chelyabinsk-70 for almost thirty years.1 The open source record demonstrates that these statements are incorrect and that Danilenko was involved in developing and using inwardly converging high pressure explosions and diagnostic systems to measure their effectiveness vital to the development of Soviet nuclear weapons. As such, the open source record supports that when he assisted Iran in the 1990s, he was an ex-Soviet nuclear weapons expert. Given his background, Danilenko should have had reason to believe that his knowledge and expertise related to high explosive compression in nuclear weapons could be misused by the Iranians, even if he limited himself to advising on strictly non-nuclear weapon applications.

In his statement to the IAEA Danilenko denied helping Iran build nuclear weapons but he admitted that he could not exclude that the information he provided was used for other purposes. Despite his denials, the IAEA suspects he helped Iran more than he has admitted so far. . .

Russian scientist Vyacheslav Danilenko’s aid to Iran offers peek at nuclear program

Re:WAR DRUMS A-Beatin'

[budgenator]

Enriched UF6 once converted into U3O8 and UO2 fuel plates is thereby not directly usable for producing bomb grade uranium and of little proliferation concern.

Well ....

Preparation
Milled uranium ore—U3O8 or "yellowcake"—is dissolved in nitric acid, yielding a solution of uranyl nitrate UO2(NO3)2. Pure uranyl nitrate is obtained by solvent extraction, then treated with ammonia to produce ammonium diuranate ("ADU", (NH4)2U2O7). Reduction with hydrogen gives UO2, which is converted with hydrofluoric acid (HF) to uranium tetrafluoride, UF4. Oxidation with fluorine yields UF6.
During nuclear reprocessing, uranium is reacted with chlorine trifluoride to give UF6:
U + 2 ClF3 UF6 + Cl2 Uranium hexafluoride

wikipedia suggests that converting Uranium Oxides into >Uranium Hexafluoride is pretty straight forward, a first semester quantitative chemistry student with a glove box should be able to handle it.

Re:WAR DRUMS A-Beatin'

[hazah]

Under international law, they are legal. They aren't popular -- and this would be irrelevant to your point. There is a difference.

Re:WAR DRUMS A-Beatin'

[hazah]

http://en.wikipedia.org/wiki/Taqiyya ! What the fuck? Rogue state... rogue... you must be fucking retarded. Just the fact that you've even used that word is such a profound example of stupidity that I truly feel saddened. I do not say that for your benefit -- I care not for your opinion, fyi. Either you're really an idiot, or, more likely, you are not what you claim to be -- a fraud. You have a "moral" duty to lie, that's fine. It makes you a liar. There is no reason to trust you, and thank you for the proof that there shall be none. Idiot.

Re:WAR DRUMS A-Beatin'

[Falconhell]

It is ludcrous to suggest that Israels theft of Palesinian land in the Wets Bank is legal under international law.

Re:WAR DRUMS A-Beatin'

[Falconhell]

The evidence for the posters statement is obvious, as is your total ignoring of Israels many war crimes. Its typical of the Israeli sycophants to try any tactic to distract from Israels appalling behavior. If it was any country or any religious group behaving badly I would call it exactly the same. Im sick to death of any criticism of Israel being framed as a race issue.It may have worked for you for a long time but the world is slowly awakening to just how evil the behaviour of Israel is.

Re:WAR DRUMS A-Beatin'

[DigiShaman]

I'm proud to be anti-Islam. Islam, is a social cancer to humanity. Its "infection" needs to be stopped.

Re:WAR DRUMS A-Beatin'

[228e2]

Simpsons did it

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

Genocidal Iranian regime.

Genocidal?

Hyperbole becomes you. Evidence?

Re:WAR DRUMS A-Beatin'

[cold+fjord]

It may have worked for you for a long time but the world is slowly awakening to just how evil the behaviour of Israel is.

Given your views, you should probably hope that the world isn't awakening to evil behavior, otherwise the there some unexpected drubbings that are going to be handed out.

Palestinians Celebrate after Brutal Murder of Fogel Family
The Jews Were Brought to Palestine for the Great Massacre
Palestinian Myth Machine
Fighting the Lies Harder Than Fighting the War
Goldstone: You Cannon Undo a Slander
The European Left and Its Trouble With Jews
Why the al-Dura Blood Libel Still Matters

Yes, much of the world joins to condemn Israel, often based on lies, but either passes in silence over true horrors of the genuine mass murdering regimes in the Middle East, or actually defends the real butchers.

Hama 1982 – The Syrian massacre you never heard about
Commentary: Remembering Iraq's mass graves

What happened to Iraq's 'human shields'?

If Israel was only as evil as Iraq or Syria, the Paelstinians would have disappeared into mass graves long ago. That clearly hasn't happened.

Re:WAR DRUMS A-Beatin'

[cold+fjord]

The exact phrase I used was: "would be genocidal Iranian regime"

Evidence?

UN chief denounces Iran to its face over calls to destroy Israel
Iran Steps Up Threats to Rub Out Israel

At present they lack the means, such as working nuclear weapons, not the desire. I have to say that I find it astonishing that this might somehow be news to you. It is a fairly widely held goal in the region.

The Jews Were Brought to Palestine for the Great Massacre
Hamas video: Killing Jews is 'worship that draws us close to Allah'
Judgment Day - When the Muslims Kill the Jews

After all, the book by you-know-who is disgustingly popular in certain circles among kindred spirits.

Cut-rate 'Mein Kampf' sells well in Turkey, spurring concerns
Mein Kampf in pride of place on bookshop shelves
Their Kampf - Hitler’s book in Arab hands

Unrelated, but since I have your attention - I expect these topics percolate at the back of your mind:

Jenin: Palestinian Myth Machine
Goldstone: Fighting the Lies Harder Than Fighting the War

Re:WAR DRUMS A-Beatin'

[Falconhell]

And as usual the next hasbara tactic is to say someone else is worse so it excuses my behaviour. Delusional. There is no need to lie to make Israel look bad the facts are plain to any non sycophant.

Re:WAR DRUMS A-Beatin'

[cold+fjord]

Oh no, you have that completely wrong. There clearly are far worse regimes in the Middle, including those that kill and mistreat Palestinians. Many of the allegations against Israel, on the other hand, are simply fabricated or greatly exaggerated, so there is often little if anything that needs to be excused. It makes no sense to appologize for an imaginary massacre.

For some reason there are people that prefer to condemn Israel over a fabricated claim of mass murder than the genuine mass murder by other regimes. I guess there is some comfort to know that the "devil" you confront isn't really a devil, so the hazard to you is small. I expect this is why Jenin and Goldstone are such popular clubs to beat Israel being as they are so greatly blown out of proportion and essentially constitute lies. On the other hand, Jordan's Black September is passed over in silence. That points to the fact that it generally isn't the actual welfare of the Arabs of Palestine that people really care about, but simply beating on Israel.

Although that may be true in general, apparently the Palestinians and various assorted "anti-Zionists" and anti-Semites have their own sycophants as well. What a curious world. Why you would choose such a role is quite strange.

You speak of facts, but appear to ignore them. Perhaps you might start with the following links above:

Palestinian Myth Machine
Fighting the Lies Harder Than Fighting the War
Goldstone: You Cannon Undo a Slander
Why the al-Dura Blood Libel Still Matters

Please let us know when you intend to be serious rather than faux indignant over imaginary crimes.

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

You eat propaganda for breakfast, do not speak Farsi, and accept the fulminations of biased intermediaries without evidence or examination.

You are unworthy to engage in argument.

Re:WAR DRUMS A-Beatin'

It would be so easy to see it from cold fjord's perspective if you would just sit down with him and do a big fat rail of Ziocaine.

Re:WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

While listening to Michelle Bachman coo sweet nothings...

Re: WAR DRUMS A-Beatin'

ROFL you don't think that their leaders are religious fanatic wackos?

Cause most Iranians do. I don't know why I even bother to read the retard drool that winds up in there comments anymore.

Re: WAR DRUMS A-Beatin'

Of course they are religious wackos, but they are very rational about staying alive and keeping themselves in power. That's why all the bluster about Iran threatening Israel is so ridiculous; Iran is very aware it would get vaporized should it raise a finger against them. They are also very rational about how their neighbors have been invaded by the same folks who threaten them and how that definitely won't happen if there is any chance the invaders will get nuked.

Re: WAR DRUMS A-Beatin'

Wrong. Religious fanaticism is an infectious "self-righting" epidemic that is not a favor of good decision making. Even if not state sponsored, the disparity between rule of islamic law and the will of the people create and unstable state that should never have nukes. Not to mention constantly threatening your neighbors and other countries based on religious fallacies.

Re: WAR DRUMS A-Beatin'

That's bc nearly half of the UK are Muslims. Skewed poll is skewed.

Re: WAR DRUMS A-Beatin'

[Jeremiah+Cornelius]

They are NOT "religious wackos".

They are powerful gangsters, with a militarized party-apparatus, who use the cultural cues for religious piety to validate their rule.

These are the same people that perfected the rules of chess. They managed to "sacrifice a bishop" in the 19th century and avoided becoming a part of the British empire.

Cannier that you think. Including playing religion as a card.

Re:WAR DRUMS A-Beatin'

[hi-endian]

lol, not sure that I trust a "publication" that uses comic sans in its logo.

Re:WAR DRUMS A-Beatin'

[hazah]

It's ludicrous to suggest that Israel is involved in any "theft" what so ever.

Re:WAR DRUMS A-Beatin'

[hazah]

"total ignoring of Israels many war crimes" Name them. Name the genuine war crimes Israel is currently facing trial for. Put up.

Re:WAR DRUMS A-Beatin'

[hazah]

That's rich... especially on the "no need to lie assertion," so tell me, then, why *DO* you lie? If you are so virtous, then why do you have to *fake* videos to make them seem eventful rather than benighn? Because you are obligated to lie, it's your duty -- its your scripture -- I understand. You have a book to tell you what is and what isn't moral, and you must surrender reason to it, then look down upon your fellow man through the eyes of delusions of grandure.

I'm bored...

Can we nuke iran yet?

Come on... it'll be fun.. So much more to 'rebuild'. And the anti-nuke whiners would have something new to talk about for awhile.

Plus... free suntans!

Fox News vs. the Cult of Obama

Accordingly, Obama and his supporters refuse to be judged on normal criteria, such as the president's actual record in office. Though he is quick to claim credit on the rare occasion--such as the bin Laden raid--when things go right, President Obama typically adopts a prophetic distance from the office he holds that insulates him from criticism and allows him to attack the very Washington he leads, the very political games he plays.

The heresy of Fox News is not just that it criticizes the Obama administration or that it provides a platform for conservative opinion, but that it rejects the attempt to place Obama beyond politics and accountability. It refuses, in other words, to endorse the idea that Obama inhabits a unique category, beyond the obvious (and, for most governing purposes, meaningless) historic fact that he is the nation's first black president.

Re:Fox News vs. the Cult of Obama

[fredrated]

The problem with Fox is that they are liars and obfuscators and people that use them for a source of anything are ignorant.

Re:Fox News vs. the Cult of Obama

Making an assertion does not equal winning an argument.

You like to eat shit, it's true because I say so.

You see, I can do it to.

Now go shine your weenie.

Re:Fox News vs. the Cult of Obama

You used wrong "too"....argument invalidated. move along.

Re:Fox News vs. the Cult of Obama

is that what Fox news told you to do? Better get to it, they're watching you.

Re:Fox News vs. the Cult of Obama

Ohh whining about typos, such genius.

Fail.

Re: Fox News vs. the Cult of Obama

Too stupid to spell, too stupid to matter.

Re:Fox News vs. the Cult of Obama

[DFurno2003]

In your opinion.

Re:Fox News vs. the Cult of Obama

[ganjadude]

I suppose you have the same views toward their polar opposite MSNBC correct? Because CNN seems to be the only network who at least pretends to be reporters these days

Re:Fox News vs. the Cult of Obama

Hmm. I've always found them to be pretty balanced. You might have them confused with MSNBC. You know the folks who edit video and audio clips to incite racial hatred? Also the folks who tend to fall over themselves praising Obama throwing all objectivity to the wind.

Re:Fox News vs. the Cult of Obama

[ganjadude]

to be fair fox has also been shown to edit clips.

Re:Fox News vs. the Cult of Obama

[Synerg1y]

Ah CNN, the stuff rich white men like to read over a glass of scotch and laugh.

Re:Fox News vs. the Cult of Obama

You are correct. Anyone who watches Fox News is a fucking imbecile

Re:Fox News vs. the Cult of Obama

All of the networks are equal parts horse shit propaganda.

Re:Fox News vs. the Cult of Obama

[Wookact]

You've found them to be pretty balanced?

Try foxnewslies.net

Now don't get me wrong they all lie, fox news is head and shoulders above the rest in that department though.

Re:Fox News vs. the Cult of Obama

Hmm. I've always found them to be pretty balanced.

Sorry, but if you think anything on Fox News even approaches balance, you have a serious problem with your inner ear. They are the "AM Talk Radio" of cable TV news shows, everything on that network is designed to get conservatives worked into a moral outrage. Any delivery of actual news or facts is incidental.

Ya, MSNBC sucks a fat donkey cock, I agree with you. But they are not anywhere near the level of bullshit that Fox pulls off, and even if they were it's still no excuse.

Re: Fox News vs. the Cult of Obama

[fast+turtle]

Oh Shut up you damn air breathers. Us water breathers are still working on killing all of you off. Just you wait until our master plan with Global Warming comes through. You'll soon be swiming. Good eatings to you.

Re:Fox News vs. the Cult of Obama

foxnewslies.net returns nothing but an empty page. Does that mean that they couldn't find any lies?

Re: Fox News vs. the Cult of Obama

Foxfag found

Re:Fox News vs. the Cult of Obama

[interval1066]

But they are not anywhere near the level of bullshit that Fox pulls off...

MSNBC is horribly slanted and incorrect in AS MANY stories as fox news. AS MANY.

Re:Fox News vs. the Cult of Obama

[meglon]

http://www.businessinsider.com/study-watching-fox-news-makes-you-less-informed-than-watching-no-news-at-all-2012-5

....just saying.

Re:Fox News vs. the Cult of Obama

[ganjadude]

so what of the 3 main news networks do you find to be the most fair??

Re:Fox News vs. the Cult of Obama

[ganjadude]

agreed. but as i said at least CNN tries

Re: Fox News vs. the Cult of Obama

Obama's DoD forces took it down!

Oh wait....

Re:Fox News vs. the Cult of Obama

[hi-endian]

Comedy Central

And no, that's (sadly) not a joke.

Re:Fox News vs. the Cult of Obama

[Synerg1y]

I don't really watch TV for the news, I read slashdot for the lulz and news.google.com for actual news. CNN has some good stories, but reading their main articles I feel like they're trying to sway me towards their POV rather than saying what actually happened (ex. ban guns after every shooting).

LiveLeaks & VICE has interesting stuff sometimes too.

blowback

Maybe launching destructive malware at Iranian infrastructure wasn't such a good idea.

Re:blowback

[DNS-and-BIND]

Maybe a functional theocracy with an end-of-the-world complex developing nuclear weapons wasn't such a good idea.

Re:blowback

[TubeSteak]

Google's Cache works 99% of the time:
http://webcache.googleusercontent.com/search?q=cache:http://online.wsj.com/article/SB10001424127887323336104578501601108021968.html

Iran Hacks Energy Firms, U.S. Says
Oil-and-Gas, Power Companies' Control Systems Believed to Be Infiltrated; Fear of Sabotage Potential
By SIOBHAN GORMAN and DANNY YADRON

WASHINGTON--Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching infiltration and surveillance missions against the computer networks running energy companies, according to current and former U.S. officials.

In the latest operations, the Iranian hackers were able to gain access to control-system software that could allow them to manipulate oil or gas pipelines. They proceeded "far enough to worry people," one former official said.

The developments show that while Chinese hackers pose widespread intellectual-property-theft and espionage concerns, the Iranian assaults have emerged as far more worrisome because of their apparent hostile intent and potential for damage or sabotage.

U.S. officials consider this set of Iranian infiltrations to be more alarming than another continuing campaign, also believed to be backed by Tehran, that disrupts bank websites by "denial of service" strikes. Unlike those, the more recent campaigns actually have broken into computer systems to gain information on the controls running company operations and, through reconnaissance, acquired the means to disrupt or destroy them in the future, the U.S. officials said.

In response, U.S. officials warn that Iran is edging closer to provoking U.S. retaliation.

"This is representative of stepped-up cyber activity by the Iranian regime. The more they do this, the more our concerns grow," a U.S. official said. "What they have done so far has certainly been noticed, and they should be cautious."

The U.S. has previously launched its own cyberattacks against Iran. The Stuxnet worm, developed and launched by the U.S. and Israel, sabotaged an Iranian nuclear facility.

The latest campaign, which the U.S. believes has direct backing from the Iranian government, has focused on the control systems that run oil and gas companies and, more recently, power companies, current and former officials said. Control systems run the operations of critical infrastructure, regulating the flow of oil and gas or electricity, turning systems on and off, and controlling key functions.

In theory, manipulating the software could be used to delete important data or turn off key safety features such as the automatic lubrication of a generator, experts said.

Current and former U.S. officials wouldn't name the energy companies involved in the attacks. or say how many there were. But among the targets were oil and gas companies along the Canadian border, where many firms have operations, two former officials said.

The officials also wouldn't detail the precise nature of the evidence of Iranian involvement. But the U.S. has "technical evidence" directly linking the hacking of energy companies to Iran, one former U.S. official said.

Iranian officials deny any involvement in hacking. "Although Iran has been repeatedly the target of state-sponsored cyberattacks, attempting to target Iran's civilian nuclear facilities, power grids, oil terminals and other industrial sectors, Iran has not ever retaliated against those illegal cyberattacks," said Iran's spokesman at the United Nations, Alireza Miryousefi. "In the lack of international legal instruments to address cyberwarfare, Iran has been at the forefront of calling for creating such instruments. We categorically reject these baseless allegations used only to divert attentions."

So far, the infiltrations don't appear to have involved theft of data or disruption of operations. But officials worry the reconn

Re:blowback

[Rob+Riggs]

Maybe a functional theocracy with an end-of-the-world complex developing nuclear weapons wasn't such a good idea.

They have an end-of-the-world complex? Citation please? I'm only familiar with the doomsday preppers here in the U.S. Something similar going on in Iran?

Re:blowback

Recent papers suggest this is exactly the case. The force failures of their enrichment processing made them look harder at what they were doing and how. They are now further ahead than they would have been, according to the experts, had the West left them alone.

Don't forget kids, Iran is a Western level society, Iraq it ain't!

Re:blowback

Maybe overthrowing their democratically elected oil-nationalizing government and installing/propping-up a dictator for decades wasn't such a good idea.

Re:blowback

[lxs]

Note the past tense. I think GP was talking about the US.

Re:blowback

[DNS-and-BIND]

I don't know if anyone noticed, but the Iranians had a revolution in 1979. A revolution supported by the US government. You remember when Carter abandoned the Shah? And a revolutionary Islamic government took over? And massacred Iranian liberals JUST LIKE YOU? Or do we have selective memory now?

Re:blowback

[DNS-and-BIND]

http://www.alarabiya.net/articles/2008/05/07/49515.html

http://www.boulevard-exterieur.com/article.php?rubrique=1&ssCat=&id=2368&PHPSESSID=846dd80b96699a235f52dbf35a11f837

Note that this is a real-live world leader who said this. What would the reaction be if Obama said the same? That the return of the Messiah is imminent and will bring about the End of the World?

And for comedy:

http://www.guardian.co.uk/world/iran-blog/2013/mar/07/ahmadinejad-chavez-resurrected-too-far

Again, a genuine world leader saying this sort of thing. Yeah, I'm totally comfortable with this sort of nation having nuclear weapons! derp derp BUT BU$HITLER!!@#!@#$#$%@$!

Re:blowback

[tukang]

Can you provide any citation that the 1979 revolution was supported by the US gov't because from what I've read the US gov't supported the Shah from the beginning to end - that is from overthrowing the democratically elected government and reinstating the Shah to providing CIA assistance to SAVAK in order to suppress dissidents all the way to providing asylum to the Shah when it all fell apart.

I don't think it's a stretch to say that by overthrowing a democratic government instated by moderates and helping suppress dissidents via a secret police that regularly resorted to torture, the US played a role in radicalizing the Shah's opposition and helped form the theocracy that's in power today.

Re:blowback

[HornWumpus]

That's just nonsense. Someone wants it to be true. Never read the source that fed you this shit ever again.

Re:blowback

[cold+fjord]

Maybe launching destructive malware at Iranian infrastructure wasn't such a good idea.

If you are referring to "stuxnet," it wasn't launched against the Iranian infrastructure, but against Iran's nuclear program, which includes clandestine work on nuclear weapons.

Iran nuclear report: IAEA claims Tehran working on advanced warhead

I you think that Iran's behavior with just software is disagreeable, I don't think you want to see them with nuclear weapons.

UN chief denounces Iran to its face over calls to destroy Israel
'Cancerous tumour' Israel will soon be destroyed, says Ahmadinejad

Israel’s existence is an “insult to all humanity,” Iranian President Mahmoud Ahmadinejad said on Friday, in one of his sharpest attacks yet against the Jewish state, which is currently debating whether to attack Iran over its nuclear program.

AFP - Israel is a "cancerous tumour" that will soon be finished off, Iranian President Mahmoud Ahmadinejad on Friday told demonstrators holding an annual protest against the existence of the Jewish state.

"The Zionist regime and the Zionists are a cancerous tumour. Even if one cell of them is left in one inch of (Palestinian) land, in the future this story (of Israel's existence) will repeat," he said in a speech in Tehran marking Iran's Quds Day that was broadcast on state television.

"The nations of the region will soon finish off the usurper Zionists in the Palestinian land.... A new Middle East will definitely be formed. With the grace of God and help of the nations, in the new Middle East there will be no trace of the Americans and Zionists," he said.

Iran Steps Up Threats to Rub Out Israel

The main factor behind the upsurge in threats is the Iranian state-sponsored celebration of its annihilation policy towards Israel, which occurs on the fourth and last Friday of Ramadan every year.

The event is called "Al-Quds (Jerusalem) Day," and involves mass rallies, speeches by Iranian leaders, chants of "Death to Israel," and placards bearing the same intent. Last week, Khamenei described Israel as a "cancerous tumor" and "the biggest problem confronting Muslim countries today," according to Iranian media reports.

"Many of the Islamic world's problems come from the existence of the sham Zionist regime," Khamenei added, in comments that are reminiscent of traditional anti-Semitic comments that could be heard everywhere before the Holocaust. . .

Also last week, Brig.- Gen. Gholamreza Jalali, who heads Iran's Passive Civil Defense Organization and is a former commander of the Revolutionary Guards, said there was "no other option but to destroy Israel."

Nuclear weapons have a form of "blow back" all their own due to the intense blast effects. Iran may discover this, as well as other disagreeable forms, if it continues down its present course.

The present circumstances are all the sadder given that Israel and Iran were once allies, until the Islamic revolution in 1979. After that, Iran declared Israel an enemy to be destroyed. The current bad relationship filled with Iran's barely veiled threats of genocide is entirely Iran's choice. Israel did nothing to deserve it.

Re:blowback

[cavreader]

The dissidents SAVAK was busy with consisted of the radical Islamists and the oh so liberal knot heads who were doing everything in their power to give the Islamists another shot at running the country. While the liberal college students were busy playing with US hostages the hardliner Islamists were busy killing the old guard and taking all the power. When they were firmly ensconced in power the liberals who started the whole revolution were killed, imprisoned, or run out of the country. And for the record in 1953 it was the British who had a beef with the Iranian government over the nationalizing of their oil industry. Up to the point where they blockaded the oil exports in an effort to raise support for the IRANIANS who wanted a change in government. It was those IRANIANS who were responsible for making sure the Shah was brought back. The US did not hold a gun to anyone's head and give them an ultimatum. As a matter of fact the US military had it's hands full in Korea at the time. There are multiple power blocks in every government who court incentives from others in order to empower them to act in what they feel are their best interests. Every deal between foreign countries requires acceptance of the deal by both parties. Military threats never work but trade deals and the promise of lucrative future business deals can work wonders. But in 1953 the Iranians involved could have told the US or Britain to pound sand but they didn't did they? And compare the Iran being ruled by the Shah to the Iran being ruled by those who replaced him. It looks like someone made a mistake in 1979.

Re:blowback

[cheesybagel]

There was more than the Stuxnet attack on the uranium centrifugues. Iran alleges there were cyberwarfare attacks on their oil pipeline infrastructure. Plus there have been targeted assassinations of Iranian nuclear scientists.

The US sowed this so now they must reap it.

Re:blowback

Israel did nothing to deserve it.

Is that because you're genuinely unaware of the Zionist project or is it because you think the Palestinians are untermenschen who don't deserve to return to their own homes, vote for the government that controls their lives, import as much food as they want, export the food they produce, drive on the same roads as everyone else, not have their land and water "redeemed" and held in trust for some other ethnic group, etc...

Re:blowback

[tukang]

Obviously the Shah himself was Iranian and he had Iranian supporters who wanted to remain in power just as Kim Jong Il is Korean and has Korean supporters who want him to remain in power but the point is that those Iranians were a political minority just as I suspect that North Koreans who are in favor of the current regime are a minority.

Suppose that tomorrow North Koreans overthrow Kim Jong Il and a foreign government helps reinstate him against the will of the majority - do you not see anything wrong with that and how that could radicalize and unite his opponents? Your response seems to be "Well, it's not the foreign government's fault, it's Kim Jong Il's fault and that of his supporters after all they're Korean and they could have told the US gov't to "pound sand" - and yes, those Koreans that support Kim Jong Il's reinstatement would deserve blame but to completely absolve the foreign government of any responsibility isn't right.

Re:blowback

[interval1066]

Maybe launching destructive malware at Iranian infrastructure wasn't such a good idea.

Oh? Why? Curious to know exactly why trying to keep Iran from having nukes is a bad idea.

Re:blowback

[interval1066]

Something similar going on in Iran?

Support for Hezbollah and destabilization of Lebanon going on 30 years now, exportation of militant Islam and terrorism, a pact with North Korea to share nuclear bomb technology, "Since the 1980s North Korea has become known as a reliable supplier of arms to other countries including Iran." And of course Iran's repeated threats and calling for the destruction of Israel, a threat which you may not take seriously but if Iran did actually act on it would result in the entire middle east going up like a pool of gasoline. Yes, something similar is going on in Iran. And you're acting like an idiot. You should start taking the problems in the middle east seriously. The region is about to turn very ugly very quickly, more so than in the past.

Re:blowback

[cold+fjord]

I'm afraid you have it backwards. It is Iran that is reaping what it has sown. It is now trying for an upper. It might get that, much to its regret.

Re:blowback

[lennier]

an end-of-the-world complex

... You mean like Mount Weather or Raven Rock?

Oh, I'm sorry, this is the persecution complex. Have a nice day, and don't go out that door- that's the Pit of 1,000 Youtube Commenters. Best you don't let them see you, they haven't been fed yet. Mind the chainsaws! Bye now! We'll be seeing you!

Re:blowback

[interval1066]

Don't forget kids, Iran is a Western level society, Iraq it ain't!

Actually, from a military perspective, Iran shares a lot with Iraq under Sadam Hussein. Hussein with the support of the Ba'ath party installed a lot of loyal generals and political insiders, but the lower ranks hated him. Same thing is going on now in Iran; you have a number of religious zealot loyalists who are close to the "supreme leader" Ali Khamenei and his closest imams, and the lower ranks could'nt give a shit. Plus 2/3rds of Iran's population is under 30, and they're wanting iPods, not Jihads. Iran's foriegn policy is driven almost solely by a single-minded hate for Israel and the west (not just the US), and its entirely piloted by a group of conservative, religious, old men. Most of the population doesn't give a fuck about that crap. If there wa enough time everyone in charge of hating everything will die and Iran could join the rest of the world and get its ass out of the middle ages. The leadership knows this, so they're amping for a show-down now. Unfortunately.

Re:blowback

[cold+fjord]

As is common in this matter, you have things badly confused. Israel did nothing to Iran to deserve they way the new Iranian government turned on them. If you think otherwise, please provide a list. One hint to reduce the chances of you going down the wrong path again: the Palestinians are not Iranian, and the Iranians are not Arabs.

As to "untermenschen," that would be the view of post-revolution Iranian government, and many Arabs living in Palestine.

Reading Mein Kampf in Tehran

On Monday, the Iranian Foreign Ministry held an international conference. Nothing unusual in that: Foreign ministries hold conferences, mostly dull ones, all the time. But this one was different. For one, "Review of the Holocaust: Global Vision" dealt with history, not current politics. Instead of the usual suspects — deputy ministers and the like — the invitees seem to have included David Duke, a former Ku Klux Klan leader; Georges Theil, a Frenchman who has called the Holocaust "an enormous lie"; and Fredrick Toeben, a German-born Australian whose specialty is the denial of Nazi gas chambers.

The guest list was selective: No one with any academic eminence, or indeed any scholarly credentials, was invited. One Palestinian scholar, Khaled Mahameed, was asked to come but then barred because he holds an Israeli passport — and also perhaps because he, unlike other guests, believes that the Holocaust really did happen.

In response, Europe, America, and Israel expressed official outrage. The German government, to its credit, organized a counter-conference. ...

Hamas video: Killing Jews is 'worship that draws us close to Allah'
The Jews Were Brought to Palestine for the Great Massacre

As to the rest, you should catch up on some reading and get back to me.

UN agency stops aid imports to Gaza, cites Hamas 'thefts'
Looters strip Gaza greenhouses
Gazans seethe over taxes and blackouts
Sewage flood causes Gaza deaths
Hamas Bulldozes UN-Designated Historical Site to Make Room for Terrorist Training Camp
In Gaza, Hamas rule has not turned out as many expected
Rights watchdog accuses Hamas of torture, abuse of Palestinians
Hamas accused of routine torture of detainees in Gaza Strip
Palestinian Authority: Still Stealing "Hundreds of Millions," Hamas Taking Over
NY Times ignores Gaza's millionaires, hypes poverty, blames Israel (natch)

According to reports in the Arab press, a thriving smuggling economy in Gaza has produced no fewer than 600 millionaires. Hundreds of tunnels to Egypt have become bustling export and import conduits -- with the ruling Hamas elite siphoning off milli

Re:blowback

[cheesybagel]

For what? Wanting to develop nuclear weapons in order to maintain their regime in power and not be susceptible to foreign intervention? Even those people in the right wing of the US political spectrum aren't stupid enough not to recognize this for what it is. Plus after Saddam and Gaddafi (who voluntarily abandoned his nuclear weapons program to find himself and his family killed by a Western sponsored Al-Qaeda rebellion in Libya) do you honestly think they have any other path to follow?

Naive.

Re:blowback

[meglon]

I don't know if you noticed, but that revolution in 1979 was to overthrow the Shah... who we supported, and to kick our ass out (because we supported the Shah). Now, do i remember Carter abandoning the Shah? No, because it didn't happen. The Shah was here in the US when all the crap came down for medical treatment.

Re:blowback

[cheesybagel]

PS: I'm not interested in a nuclear Iran but it is quite clear this is nearly inevitable.

Re:blowback

[meglon]

http://www.u-s-history.com/pages/h2021.html

http://en.wikipedia.org/wiki/SAVAK

I'd suggest you are wrong. It's people like you, who are willing to defend murdering sociopaths, that caused this problem in the first place. THE reason Iran hates us today is because of what a bunch of sociopaths did to the country back in 1953. Sadly, sociopaths never seem to fucking learn.

Re:blowback

[meglon]

Curious to know who the fuck made us God to say who can have nuclear energy or not. You want to bitch and whine that the Iranians are flexing their cyberattack muscles, well, too fucking bad; we started it. You simply want to make some stupid fucking excuse as to why you are right, and they are wrong; that's something you really shouldn't do when you haven't taken the high road.

Re:blowback

Says a stupid fuck who in all likelihood wasn't even born before 1979 and who obviously went to public schools.

Those of us who were actually functioning adults then, know that the U.S. definitely did not support the "revolution">.

Re:blowback

Wikipedia cite FAIL.

Re:blowback

[interval1066]

The US sowed this so now they must reap it.

Reap what? A nuclear armed Iran? Yeah, we're scared. If Iran does produce a nuke it'll be squashed like a bug. You don't give a rabid dog a gun, you kill the dog.

Re:blowback

[interval1066]

the Zionist project

Here we go again. Some one who hates jews and is going to describe them like some kind of aliens from outer space who are inhabiting the bodies of humans to take over the world. The sooner you get rid of your idiotic ravings the better you and people like you will be. You're your own worst enemy, really.

Re:blowback

They're not aliens from outer space, they were Europeans and Americans with a blood and soil nationalist movement that wanted to create an ethnoreligiously pure state in Palestine. So far they have been very successful. They started by buying up land to be held in trust for Jews only (the blue and white tzadaka boxes) then accelerated things by expelling as many non-Jews as possible in 1947-1948. They created laws to take land from people who were expelled, even if they were still around ("present absentees.") Since 1967 they have been working to cleanse and annex the rest, particularly Jerusalem and the West Bank aquifer. The plan is quite clear to anyone who bothers to look into it and the actors really aren't that shy about it because they have been getting away with it for so long.

I know it's true because I believe my grandparents who lived on a kibbutz in the early 20th century, my parents, and the teachers at hebrew school. They told me they took Palestine because the natives were just nomads who didn't really value the land and didn't deserve it anyway because god promised it to the jews and all that BS. Ethnic cleansing is a-OK if the victims are dirty arabs and you make the desert bloom!

Re:blowback

[lzm_]

I can give some information. There is a theory between many Iranians that the US was one of the nations that actually helped stage the Iranian revolution in Iran in '79. I say a theory because, obviously, there is no direct proof, but many things that point towards it. But it is important to understand that USA was not the only involved nation, but also UK and France as well. One example is how the french intelligence agency told the Shah that Jimmy Carter had decided to overthrow him (de Marenches). Another example is how Mike Evans writes in his book that CIA funded Khomeini. Houchang Nahavandi writes in his book as well that Chinese officials warned the Shah of US involvement in overthrowing him. The Shah writes in his book "Answer to History" that after the revolution (no direct citation) that "It was now I understand the role of USA". Carter viewed Khomeini as more of a religious holy man in a grassroots revolution than a founding father of modern terrorism. Carter's ambassador to the UN, Andrew Young, said "Khomeini will eventually be hailed as a saint." Carter's Iranian ambassador, William Sullivan, said, "Khomeini is a Gandhi-like figure." Carter adviser James Bill proclaimed in a Newsweek interview on February 12, 1979 that Khomeini was not a mad mujahid, but a man of "impeccable integrity and honesty." One of the most obivious signs of western involvement is the fact that Khomieni was flown to Iran by french authorities, on a private Air France plane. What signals do that send? Why would even France involve themselves in Iranian matters? It is obivious they wanted Khomieni in Iran. In a book by Afkhami, you can also see the threatening USA letters to the Shah after he raises the oil prices by 3x. Of course it pissed them off, and they give him ultimatums. "In November 1978, President Carter named the Bilderberg group's George Ball, another member of the Trilateral Commission, to head a special White House Iran task force under the National Security Council's Brzezinski. Ball recommended that Washington drop support for the Shah of Iran and support the fundamentalistic Islamic opposition of Ayatollah Khomeini." There are of course, other signs too. A good question to ask is why western nations would want to see the Shah gone. We can go into that if you want.

Re:blowback

[lzm_]

I can give some information. There is a theory between many Iranians that the US was one of the nations that actually helped stage the Iranian revolution in Iran in '79. I say a theory because, obviously, there is no direct proof, but many things that point towards it. But it is important to understand that USA was not the only involved nation, but also UK and France as well.

One example is how the french intelligence agency told the Shah that Jimmy Carter had decided to overthrow him (de Marenches). Another example is how Mike Evans writes in his book that CIA funded Khomeini. Houchang Nahavandi writes in his book as well that Chinese officials warned the Shah of US involvement in overthrowing him. The Shah writes in his book "Answer to History" that after the revolution (no direct citation) that "It was now I understand the role of USA".

Carter viewed Khomeini as more of a religious holy man in a grassroots revolution than a founding father of modern terrorism. Carter's ambassador to the UN, Andrew Young, said "Khomeini will eventually be hailed as a saint."

Carter's Iranian ambassador, William Sullivan, said, "Khomeini is a Gandhi-like figure."

Carter adviser James Bill proclaimed in a Newsweek interview on February 12, 1979 that Khomeini was not a mad mujahid, but a man of "impeccable integrity and honesty."

One of the most obivious signs of western involvement is the fact that Khomieni was flown to Iran by french authorities, on a private Air France plane. What signals do that send? Why would even France involve themselves in Iranian matters? It is obivious they wanted Khomieni in Iran.

In a book by Afkhami, you can also see the threatening USA letters to the Shah after he raises the oil prices by 3x. Of course it pissed them off, and they give him ultimatums.

"In November 1978, President Carter named the Bilderberg group's George Ball, another member of the Trilateral Commission, to head a special White House Iran task force under the National Security Council's Brzezinski. Ball recommended that Washington drop support for the Shah of Iran and support the fundamentalistic Islamic opposition of Ayatollah Khomeini." There are of course, other signs too. A good question to ask is why western nations would want to see the Shah gone. We can go into that if you want.

Standard disclaimer

Iranian IPs are responsible for a wave of port scanning on US IP ranges.

Re:Standard disclaimer

"Iranian IPs are responsible for a wave of port scanning on US IP ranges."

And sometimes, under-sea cable tapping operations are confused with boat anchors.

Re:Standard disclaimer

[GameboyRMH]

Some bored geeks in a college computer lab just discovered nmap.

Internet facing?

The big question is why "critical" infrastructure is tied directly to the internet? Air gaps are (almost) hacker proof.

Re:Internet facing?

because the IT departments of these critical infrastructure are retarded.

Re:Internet facing?

* AIR GAP * AIR GAP * AIR GAP * AIR GAP * AIR GAP * AIR GAP *
* AIR GAP * AIR GAP * AIR GAP * AIR GAP * AIR GAP * AIR GAP *
but no, we have to spend a bazillion dollars to study the network infrastructure and create committees to come up with new policies and protocols. maybe new hardware from cisco could help. also the huge push for "smart meters" make air gaps unpossible. hmmm

Re:Internet facing?

[ShanghaiBill]

The big question is why "critical" infrastructure is tied directly to the internet?

Why not? "Critical" does not mean "vulnerable". IAAESE*. It is not that hard to create a system that is not "hackable" in a dangerous way. You just need to design in multiple levels of safety:

1. Top level GUI
2. Control system running in a separate process, that sanity checks any input from the GUI.
3. A firmware monitor running on a hardened 8-bit processor (8051, AVR, etc.), that runs a watchdog timer and scans the system to ensure all parameters are within safe limits.
4. Mechanical interlocks, governors, brakes, fuses, etc.

I have read plenty of stories about how hackers will drop elevators full of passengers into the basement, and turn traffic lights "all green". But anyone that works on those systems will tell you that it is all baloney. It is physically impossible to do that from software. That kind of sabotage would need at least a crowbar and a soldering iron.

I think that what is really going on is the industry is promoting these scare stories in the hope of getting government pork dollars to "fix the problem".

* I Am An Embedded System Engineer.

Re:Internet facing?

[ebno-10db]

The steps you mention are good ones, but an air gap is still a very good step in that defense in depth approach. Also, several of the steps you mention avoid damage to systems, which is always a good idea (even if just protecting against your own software problems). However, they don't necessarily guard against interruption of service. For things like the electrical grid that can be serious. Bonus points if you can cause a cascade failure.

I have read plenty of stories about how hackers will drop elevators full of passengers into the basement, and turn traffic lights "all green". But anyone that works on those systems will tell you that it is all baloney. It is physically impossible to do that from software.

Yes, the elevator thing is silly as they've all had mechanical safety features since the days of Elisha Otis. If by turning traffic lights all green you mean in both directions, then that's also probably silly. That doesn't mean that all scenarios, including the damage from the interruption of certain services, are silly.

Re:Internet facing?

[ShanghaiBill]

The steps you mention are good ones, but an air gap is still a very good step in that defense in depth approach.

Maybe in some situations. In others it can make the situation worse. If you disconnect everything, and have to send out a truck to make an adjustment at a substation, then you have a problem when there is a big storm and not enough trucks. For most sensibly designed systems, disconnecting from the network will likely cause more problems than it will prevent.

However, they don't necessarily guard against interruption of service.

I once worked on a control system for a hydroelectric dam. The software could adjust the gates to control the flow of water to adapt to electrical demand, but only within certain limits, which were set depending on expected demand. To go outside those limits, a worker had to manually extract and reinsert a steel rod. It is also common in coal/gas/nuke plants to require manual intervention to shutdown a generator, or even reduce the power into the "brown-out" zone. Since that is something that will almost never need to happen, requiring manual intervention is reasonable. Designing a system to prevent a denial of service is harder than just preventing catastrophic failure, but it is still possible.

Re:Internet facing?

[rbanzai]

Thank you for contributing to the overall naive attitude American industry has for securing critical systems.

Re:Internet facing?

[mlts]

I'm not an embedded system engineer, but I've done a system for low speed monitoring which has worked out well, allowing for information to be obtained, but keeping the private stuff private. It isn't a 100% perfect solution, but for a lot of needs, it functions well.

Create two network segments, one "public" in the sense that it is connected somehow to the Internet, and one "private" in that it has no connections.

Place two machines on each subnet. They are connected by a null-modem cable with the a set of Tx/Rx pins cut, so no traffic can flow back from the public subnet to the private one.

From there, one can use syslog or some other item to cat text data to the serial port on the private network, then on the public side, have something that constantly reads from it to a file.

Yes, this is slow (115200 bits max), but no matter how pwned the system on the receiving, public side winds up, an attack to the private network isn't going to happen without someone onsite to breach the gap.

Of course, there are variants of this that can be considered less secure: Two machines sharing the same iSCSI target that writes logs, and the one on the public network has read-only access while the public one has read-write.

Re:Internet facing?

[ShanghaiBill]

Thank you for contributing to the overall naive attitude American industry has for securing critical systems.

You're welcome. But my experience is that the people that design and operate critical systems are not at all naive. They have a very good appreciation for the risk. Let's look at some numbers:

Number of Americans deprived of power in the last year because of lightning: millions.
Number of Americans deprived of power in the last year because of flooding or storm surges: millions.
Number of Americans deprived of power in the last year because of TERRORISM: zero.

So maybe TERRORISM isn't really as big as a problem as you think. Or maybe industry is already doing a pretty good job of securing their systems. Maybe we should focus our efforts on building robust, fault-tolerant systems that will stand up to any source of problems, rather than focusing just on things like "air gaps" that only prevent the (so far) non-existent problem, while making it harder to deal with real problems like natural disasters.

Re:Internet facing?

[ebno-10db]

If you disconnect everything, and have to send out a truck to make an adjustment at a substation, then you have a problem when there is a big storm and not enough trucks.

Makes sense, but I still have to wonder how it was done before the Internet. More trucks, or was there an interim approach that used a communication link other than the Internet?

It is also common in coal/gas/nuke plants to require manual intervention to shutdown a generator, or even reduce the power into the "brown-out" zone.

Sensible and good to know, but let me play armchair terrorist. Admittedly this scenario is much more far fetched (if possible at all) but I wonder if playing with the automatic adjustments would let you mess up the stability of the grid.

What would happen if word went out to power stations to disconnect from the Internet? Correct me if I'm wrong, but I'd think it's possible to operate like that because a) the grid was around long before the Internet and b) Internet connectivity is not always the most reliable thing.

Lastly, while the systems that you've worked on may be well run, that doesn't necessarily mean that they're all well run. Unfortunately computer security is something that can go to hell in a real hurry if not continuously well maintained. Sometimes I wonder if using the Internet for anything more than news and blogs was a good idea.

Re:Internet facing?

[ciggieposeur]

I'm a chemical engineer with a bit of experience in designing control systems. Based on the systems I've seen in the field, I too would argue that air-gap-by-default is better in most circumstances.

Most plants have both vastly oversized equipment (especially heat exchangers and pumps) and catastrophic failure modes that can easily be reached by all those pieces operating within limits - it's the "swiss cheese" model of failure. Add a "pretty" control system like DeltaV or ABB that a) usually runs on Windows, and b) can almost always be modified if you have a engineering-acceess password, and I can see a path to a disaster. It would go like this:

1. The attacker gets access to the business-side Windows network.
2. They get access to a privileged account on that network.
3. They sift through the AD and find the instrument engineer accounts and personal workstations, and then install keyboard monitors on those workstations. Within a few days they have both the engineering passwords and access to the DCS.
4. They examine the DCS looking for weaknesses in the physical process itself: valves with lots more room on them, areas with lots of interlocks, exothermic reactor vessels, distillation columns that could rapidly overfill, etc.
5. Somewhere they will find a spot that has DCS interlocks but no corresponding SIS interlocks, and now it's game over. They could re-span one level indicator and disable one interlock and it would be Texas City 2005 all over again. Or they could make one temperature indicator lie and it would be Morganton NC 2006. If they wanted to get really evil they could just close a valve on a flare line while showing an open valve on the DCS screen.

A lot of this stuff can't be limited by mechanical safeties or more smarts at the PLC level. The only difference between a mission-critical exothermic reaction vessel and a bomb is how much stuff is put is into it before adding catalyst. And Iran has enough chemical engineers who could see this stuff if they had sufficient motivation.

The only thing we really have to protect the process is an independent SIL-rated SIS with its own indicators and solenoids, which is from this standpoint just an air-gapped DCS that can't be messed with.

Re:Internet facing?

[ebno-10db]

air-gap-by-default is better in most circumstances

Air gap as opposed to what? I'm unclear.

I was arguing for complete disconnection from the Internet, which ShanghaiBill was arguing was both impractical for a power plant (all the info they have to share, monitoring substations etc.) and unnecessary (manual intervention required for potentially destructive operations). It sounds like what you're saying is that it's practically impossible to have simple manual control requirements for everything in a chemical plant. Maybe complete Internet connect would be a good idea for a chemical plant but not a power plant?

Re:Internet facing?

Makes sense, but I still have to wonder how it was done before the Internet. More trucks, or was there an interim approach that used a communication link other than the Internet?

Was and still is: RS232, RS488, current-loop, fiber-optic, PWM/PDM loop, modem over dedicated circuit or PSTN, HF/VHF/UHF digital packet radio, mechanical semaphore arms, etc.

Re:Internet facing?

[ciggieposeur]

Air gap as opposed to what? I'm unclear.

I'm sorry, let's see if I can do better.

By air gap I mean that I think that DCS systems should by default be fully disconnected from the Internet, e.g. instrument engineer workstations should be on a different physical network and they have to have two computers to do their job - one to check email and do MSOffice stuff, and another that they develop the DCS logic on. This is very inconvenient for both the instrument engineers and the normal manufacturing engineers (who just need read-only access), leading to a loss of productivity.

Many systems are not air-gapped. Instead the DCS network is put on a separate VLAN with a firewall and either Windows Terminal Servers or an X11 client at the border. This is the alternative that I am arguing should be avoided in the future.

However, I have only seen an air-gapped network once, and that was mostly due to the age of the system: it was installed in the 1980's and barely even had TCP/IP between the operator consoles and the DCS servers. Last I heard it was in the process of upgrading to a more modern system and it would be connected at the border like the other plants in the company.

Maybe complete Internet connect would be a good idea for a chemical plant but not a power plant?

That could be true. SCADA systems -- where a single operator screen needs to control many stations miles apart from each other -- are probably economically infeasible to operate on a wholly independent set of physical wires. But even then I would push for a network design that forces the instrument engineers to use a different physical machine than the one they check email on.

In truth I am in the minority even in the chemical industry. People want the convenience of checking the true operator consoles from their desk, IT departments want the convenience of VLANs over separate physical wires, and (yay) there haven't been any significant events attributable to external network attacks to trigger action. I suspect that if we had another Texas City caused by (insert hostile hacker group here), it would either be treated like a typical industrial accident (meaning beef up the SIS), or an overt act of warfare (meaning go invade a country).

It's really tough to get ChemE's to believe that an intelligently lying DCS can even exist much less be capable of causing an accident that the SIS won't stop. OTOH it's tough to get buy-in from IT departments to keep these networks separate when all their ChemE clients are demanding convenience over security.

Dear Iran,

Continued activity may cause the U.S. to plug the analog hole in your systems.

Here is a picture of said plug.
http://upload.wikimedia.org/wikipedia/commons/7/78/MOAB_bomb.jpg

Re:Dear Iran,

How massively phallic and delightful. I'd like to stick that up my stink hole.

So why?

Why is it okay for the US to sponsor cyber attacks, but not the Iranians? If it is an act of war, then did Congress authorize the US act of war?

Re:So why?

AUMF

Re:So why?

Why is it okay for the US to sponsor cyber attacks, but not the Iranians?

For the same reason it was OK for Rome to conquer others but God forbid if someone gave them a taste of their own medicine - see Hannibal and Carthage.

Re:So why?

Why is it okay for Europeans to colonize and steal resources around the world, but not Americans?

Re:So why?

Why is it okay for the US to sponsor cyber attacks, but not the Iranians?

Where did you get this .. "information" .. about what's okay and not okay? Did you make it up, or did the Okay Bureau release a public service announcement which said that?

Re:So why?

[ebno-10db]

Why is it okay for the US to sponsor cyber attacks, but not the Iranians?

I'm not going to get all philosophical as that's not my shtick. I'm not even going to say it's "okay" for us to do it and not them (did somebody actually say that?). As an American I'd rather the US be successful in its attacks and the "enemy" not. I don't pretend it's anything more than that.

That doesn't mean I'm a bang the war drum type about Iran. However I'd rather they not get nuclear weapons. I'm not sure how far the US should go to prevent that (I'd certainly be opposed to a full blown war) but Stuxnet was a clever technique that didn't even hurt anyone. My attitude is "well done". I don't want Iran to be successful in a similar attack on the US. So far it seems they're only gathering intel, but the possibility of targeting our infrastructure is frightening. It's also potentially much more damaging than destroying some centrifuges.

Re:So why?

So far the international community does not consider these kinds of cyber attacks as an act of war. Which means no declaration is needed. When a large scale coordinated attack designed to actually cause harm to people occurs that will probably change. Right now it is a free for all.

Re:So why?

[Synerg1y]

Based on the nature of the internet... it could easily be US hackers hacking Iranian systems from which they could "test" US infrastructure and blame Iran in one fell swoop.

The scary thing here is my statement has as much plausible deniability built in as TFA.

Re:So why?

He was pointing out a flaw in the reporting newspaper's logic. Are you dense?

Re:So why?

[MrLizard]

For the same reason we arrest Russian/Chinese/Whatever spies in America, but send our own spies to Russia/China/Whatever.

I mean, seriously? How is this even a question? This got ranked "insightful"? Really, Slashdot?

I don't think anyone (well, anyone even half sane) would argue that it's objectively moral for the US to engage in espionage/cyberwarfare against another country, but objectively immoral for them to do it to us. It's equally moral (or immoral), no matter which direction it goes, so you make sure your side has every advantage, and assume (correctly) the other side(s) are doing the same.

"But, golly! Wouldn't it be nice if we all just agreed to not be big ol' meanies to each other?"

It sure would. And each side is eagerly trying to convince the masses on the other side that this is just what everyone wants, and to urge their governments to stop with all the saber rattling and a-feudin' and a-fussin'. However, a few thousand years of human history have taught us that those who beat their swords into plowshares will do the plowing for those who do not.

Re:So why?

So are you saying the US foreign policy is a lot like Mussolini invading Ethiopia in the '30s or that the US always turns up after the party is over?

Re:So why?

Why not bring up Denmark and Netherlands, since we like to praise northern Europe so much. By the logic that is often proposed on Slashdot (discussion of China vis-a-vis USA, for example) the USA is just following the footsteps of successful predecessors, and criticism would be biased without mentioning what others have done.

Re:So why?

[TubeSteak]

As an American I'd rather the US be successful in its attacks and the "enemy" not.

As an American I'd rather the US not attack anyone and the "enemy" not attack us either.

The real scandal is that hardening the IT infrastructure around these utilities is easy, it just costs money.
The first step is getting the SCADA industry to pull its head out of its ass and not sell anything that hasn't been aggressively vetted.

The government can create momentum for industry to design and build secure hardware interfaces.
All that's required is a timeline for uptake and a regulatory structure that mandates it.
Once these companies know that there will be a market for their product, they'll design and build it.

Finally, predicate the utilities' operating licenses on using secure command & control hardware + regular audits.
Meaningful consequences can bring about meaningful results.

Re:So why?

[jader3rd]

Why is it okay for the US to sponsor cyber attacks, but not the Iranians? If it is an act of war, then did Congress authorize the US act of war?

The difference is that the US was trying to prevent Iran from getting ahold of weapons/technology that it shouldn't have. Iran is out to destroy existing infrastructure. So the difference is scale. The US says "we'll try to stop X from happening", and Iran says "I'm a bull in a china shop trying to destroy everything".

Re:So why?

The Stuxnet virus attacked a military target (weapons research). The Iranians are probing civilian infrastructure. Huge difference.

Re:So why?

" I'm not sure how far the US should go to prevent that (I'd certainly be opposed to a full blown war) but Stuxnet was a clever technique that didn't even hurt anyone. My attitude is "well done"."

When is it ever a good idea to use a weapon against your enemy when that weapon remains intact and usable against you? When it completely destroys your enemy--that's it.

  Stuxnet did not do that. We merely cost them money and time. In exchange, we gave them the very same weapon to use and abuse as they see fit. Clever? Yes. Strategically advantageous? No.

Re:So why?

As an American I'd rather the US not attack anyone and the "enemy" not attack us either.

That's a nice dream, but how exactly do you plan on accomplishing that? History has shown that when we ignore the world, it ends up forcing itself on us.

Re:So why?

[AmiMoJo]

Don't you see the flaw in that attitude? Consider that your Iranian counterpart is taking exactly the same attitude. Damage the US economy and infrastructure to make invasion harder. Develop nuclear weapons as the ultimate deterrent.

I think of lot of Americans don't realize that the US currently has the most aggressive and threatening stance. Yeah, occasionally some Iranian politician or cleric makes a comment about wanting to destroy the US, but the the US actually does have the capability to carry out the threat of invasion. Not only that but it is on one side of Iran with bases in Iraq and it's best buddy Israel is on the other, with some ships off the coast for good measure.

You can't really expect any country to give up on defending itself, so it is up to the US to back down. Unfortunately I think we are now beyond the point where even a full scale withdrawal would stop Iran wanting nuclear weapons because there is no guarantee what will happen after the next election and Israel just might use theirs.

Re:So why?

[ebno-10db]

Don't you see the flaw in that attitude? Consider that your Iranian counterpart is taking exactly the same attitude. Damage the US economy and infrastructure to make invasion harder. Develop nuclear weapons as the ultimate deterrent.

I wish we could go back in time and not get involved in that idiotic coup to ensure BP's profits (Truman refused to do it). Unfortunately we can't. Since 1979 there has been a lot of (thankfully) low level hostilities between the US and Iran. Stuxnet, while one can debate its effectiveness, was a very low level "hostility" (no one hurt) and at least intended to serve a decent purpose.

The Iraq war probably did 100x as much as Stuxnet to make the Iranians leery. "Gee, the Great Satan will invade countries without any good reason". I can't blame them for coming to that conclusion - I have too and I'm an American! However you also shouldn't get too US-centric. There are plenty of reasons besides the US why countries might want to develop nukes. Israel has them, and whatever you think of Israeli policies, nothing the US can do would make them get rid of the nukes. India and Pakistan are the most likely place for a little nuclear war, and they developed nukes for reasons that have nothing to do with the US or Israel. Nukes are also a prestige item (personally I'd recommend a Rolex instead). Not everything Iran does is in response to the US.

Re:So why?

[meglon]

They can have whatever weapons/technology they can develop. You're trying to make an excuse for the US being dicks to them, again.

Re:So why?

Not only that but it is on one side of Iran with bases in Iraq and it's best buddy Israel is on the other, with some ships off the coast for good measure.

Have you looked at a map? Israel and Iraq are on the same side of Iran.

However,

The US has bases in Iraq, Saudi Arabia, Turkey, Afghanistan and Pakistan and Qatar. Their NATO ally Russia has bases in Georgia, Armenia, Azerbaijan and Turkmenistan. Together they have them completely surrounded.

I know, I know!

[ColdWetDog]

Iran is annoyed at Adobe's new subscription pricing model. They're just looking for some valid serial numbers for Photoshop so they can keep expanding their military prowess.

Re:I know, I know!

[ebno-10db]

I'm nominating you for Secretary of State. It's a brilliant diplomatic strategy. The US and Iran can become allies in a war against Adobe. Then in the spirit of George Washington's advice about international affairs, we can say we're sorry about the shah, they can say they're sorry about the hostages, and we can put the whole mess behind us. Bonus points for destroying Adobe.

Re:I know, I know!

For the sake of all that is good, don't destroy Adobe! Just humble them. It's one thing to keep them from screwing with you, it's another thing to actually have to use The Gimp for real work!

Re:I know, I know!

[jasper160]

You are a genius!

Airgap?

[skomorokh]

I don't understand. Is this actually a threat or is it just an attempt to break into some webservers/desktops? Why would the SCADA system controlling things like gas and power be connected to any machine with an Internet routable IP or that is able to connect to any machine with an Internet routable IP? Is it impractical to only use bright red network cables for Important Things and, in those situations where it's worth the compromise, traverse a wireless link or a leased line (ie. phone system directly, not Internet) through a carefully configured VPN with more bright red cables on the other end? If you want access at your desk... another machine with bright red cables. And glue in all the usb ports. Power plants right? They don't do this do they? Why?

Re:Airgap?

[ColdWetDog]

Why would the SCADA system controlling things like gas and power be connected to any machine with an Internet routable IP or that is able to connect to any machine with an Internet routable IP?

Like most topics, we've beat this one to death in the past. Yes, anyone with half a brain wouldn't do that. Unfortunately, among persons setting up SCADA systems, having some functional neurons seems to be something of an edge case.

Re:Airgap?

[Antipater]

Because people take network security about as seriously as they take nutrition. Everyone says they want to do the right thing, but then at the first sign of inconvenience they're back to their bad habits.

Re:Airgap?

[ebno-10db]

And I thought that "what do Twinkies and Internet connections have in common" was just a philosophical question.

Re:Airgap?

[gstoddart]

Why would the SCADA system controlling things like gas and power be connected to any machine with an Internet routable IP or that is able to connect to any machine with an Internet routable IP?

And the answer never changes -- incompetence and laziness.

We all know you shouldn't have your critical infrastructure on the web, but that never really seems to change anything.

Re:Airgap?

[skomorokh]

Um, do you speak from experience with infrastructure engineers or this is just the vague impression you get from Internet fora? I don't quite have the hubris to assert one way or another, I was hoping to better understand. Like most things I haven't done, I imagine than actually doing it is a lot more complicated than imagining it and there are some real-world aspects that make this far less impractical than it seems. Were I to guess, it wouldn't be the people setting up the system I'd blame. I imagine that no one wants to pay for it because it's not a guarantee and isn't noticable until it's too late which is probably after next quarter. Is brightly coloured plastic and some redundant VPNs and commodity PCs it really THAT expensive though in the context of generators and such?

Re:Airgap?

And you're an uninformed doofus. As a guy responsible for a SCADA system I'll tell you that one of the first things I wanted to do was disconnect all external connectivity. That was when I got hired and before I understood all of the intricacies of what the requirements are. We have to share real time data with all of our neighboring utilities as per federal law. Marketers and accountants need access to data to make decisions in real time. Federal agencies such as WECC demand that we provide them with things like load forecast data, spinning reserve schedules, tie-line outages, etc so that they can perform real time studies. We have a security in depth approach that limits exposure, but disconnecting is just not possible. Our own government is really creating the largest holes that we have.

Re:Airgap?

[ebno-10db]

And you're an uninformed doofus. As a guy responsible for a SCADA system I'll tell you that one of the first things I wanted to do was disconnect all external connectivity. That was when I got hired and before I understood all of the intricacies of what the requirements are.

Sounds like you started out as an uninformed doofus too.

We have to share real time data with all of our neighboring utilities as per federal law. Marketers and accountants need access to data to make decisions in real time. Federal agencies such as WECC demand that we provide them with things like load forecast data, spinning reserve schedules, tie-line outages, etc so that they can perform real time studies.

1. This may be a naive question, but it sounds like all that data is stuff that is an output from the actual SCADA part of your plant. Cut a few wires and you can convert a two-way link into a one-way link. Read all you want but you can't control the plant from an external network. Would that work?

2. How was this stuff handled before the Internet?

3. If worse comes to worse maybe we need a WAN other than the Internet for this type of stuff.

Our own government is really creating the largest holes that we have.

Sounds like the stuff the government requires serves a real purpose. Are there cases where that's not true?

Re:Airgap?

[HornWumpus]

In my experience running utility simulation models and querying system conditions for model initial conditions, that is exactly what SCADA does. SCADA runs controls, every 15 minutes or so SCADA dumps integrated data to the system condition database.

Of course that means there is no air gap. SCADA is sending data to the database via message queues. Operators are controlling the system via separate paths. These private networks are as well secured as any digital infrastructure outside spook agencies.

Re:Airgap?

[AmiMoJo]

Here's how it happens:

RemoteMon Corp. develops a cool new monitoring system that lets utilities keep an eye on their facilities remotely using the internet to create the connection rather than an expensive dedicated line. Utilities love it because it reduces their costs hugely and lets them set up a cool looking operations centre with big monitors so they feel like NASA or something. Seriously, they love those.

RemoteMon tells the utilities that they need to set up secure passwords and change them regularly. They need firewalls and VPNs for everything. Problem is this creates a huge headache for the low grade IT staff they employ. They can't figure out how to make email work at the same as the VPN connection the boss needs to access the monitoring interface, so just give up and figure no-one will ever find that server, especially since they changed the default port to something really high.

So RemoteMon assume that the utilities will do all the security. The utilities assume that RemoteMon already covered it with the password you need to access the monitoring web interface. I've seen it happen when water utilities can't get their FTP server to work properly with their firewall so they just put it in the DMZ and then blame any problem on elite Chinese government backed hackers.

Ha! We are ahead of you Iranian hackers.

[140Mandak262Jamuna]

We have stopped maintaining our bridges and roads, and we have reduced infrastructure spending drastically. By the time you Iranians figure out how to destroy American infrastructure, there will be nothing left for you to destroy. Fools on you Iranians.

Re:Ha! We are ahead of you Iranian hackers.

[Kilo+Kilo]

It's funny because it's true, as much as I wish it weren't. It seems that "smart" infrastructure (power plants, etc.) have laughable levels of security while "dumb" infrastructure (roads, bridges) are pretty much falling apart. Why can't this country do anything right? Why are we surprised when Iran hits back with the exact same tactic we used on them? Why can't we plan more than a day in advance?

Re:Ha! We are ahead of you Iranian hackers.

Because we care more about complaining about how bad it is, and attacking each other over ideology (which moist would not pull a hair for at any time other than a political argument) than working together. We never learned how to work together, our country is even set up at 50 nominally independent states. In the past there was enough of a vague sense of patriotism and enormous prosperity that people were kept fairly happy and things got done. But now that is all gone, and we need to work together properly and we just cannot do it. The choices are the continue like this until something bad happens, and it snowballs into something horrible, begin massacring each other until there is only one ideology left so no one has to work with someone they do not agree with, or act like a sophisticated, modern society and work together for our mutual prosperity. The dutch have done it for hundreds of years, I doubt americans are mature enough.

Re:Ha! We are ahead of you Iranian hackers.

Don't forget that the U.S. have left 'critical' defense information, like plans for advanced technology jet fighters, etc., open to attack as well. Apparently the Chinese have already taken us up on this 'offering'. And the Australians recently admitted that they 'gave away' the blueprints to their intelligence services headquarters and it's security systems.

Hopefully all of this is just an elaborate plan to stimulate the economies of Australia and the U.S., a bet that the Chinese will just call the contractors who build these things for the governments of the foreign devils, since they are so far behind the rest of the 'civilized world'. I'm sure the Chinese would trust us to build their defense and intelligence solutions for them, right?

Re:Ha! We are ahead of you Iranian hackers.

A day in advance actually means more than 4 years in politics and more than 1 quarter in the stock market... and we know how hard it is for policitians and CEOs to think more than 1 period in advance.

Re:Ha! We are ahead of you Iranian hackers.

[140Mandak262Jamuna]

Holland is a tiny homogenous country. Singapore is a tiny multi-ethnic (Chinese, Malay & Tamil) country. That you mention Holland but not Singapore is telling. Anyway, what is possible for these tiny countries is not possible for big countries.

Re:Ha! We are ahead of you Iranian hackers.

[ebno-10db]

We never learned how to work together, our country is even set up at 50 nominally independent states.

That explains why the US never got beyond being a 3rd rate agricultural colony.

Re:Ha! We are ahead of you Iranian hackers.

[Medievalist]

I don't know why you're bringing Moist into this. He's not really a super-villain, and I don't need that we need anything dampened, or... made soggy.

Re:Ha! We are ahead of you Iranian hackers.

[meglon]

Yes, because economics of scale show that it simply can't work that way. Wait....

The problem in the US isn't our size, it's that a portion of the country who has no idea of what citizenship, patriotism, or responsibility means is now the base of one of the political parties, and is doing everything it can to emulate insurgents with the goal of destroying us as a nation. If "secession" ever comes up as a possible alternative, you are no longer working for the betterment of the United States or it's citizens.

Re:Ha! We are ahead of you Iranian hackers.

[meglon]

We knew how to for a long while, unfortunately, it's become the meme of some in the past 30 years to see working together as the ultimate form of sin.

Re:Ha! We are ahead of you Iranian hackers.

[ebno-10db]

I kind of agree (though one shouldn't get too starry eyed about the past). However the poster wrote "we never learned how to work together". He also mentioned our federal system of government, which we've always had.

Third World country

Obama's original model was to create a cult following that, along with a reliably liberal majority in Congress, would do all the the heavy lifting of "fundamentally transforming the US" for him while he enjoyed his perch at the topof pop culture and politics. His constant agitating and us/them rhetoric is designed to activate the cult and get them pounding on the media and their representatives to do whatever hewants.

The model has failed; the cult was strong enough to get him elected butis distinctly uninterested in policy, and his one big policy achievement lost him control of Congress in 2010. He keeps trying to breathe life into the model through manufactured wedges like guns and immigration. But it is really the model that has failed. America is not - yet - a Third World country where masses of voters can be continually "organized" and whipped into a frenzy by a charismatic leader, and force legislatures to bend to his will.

Live by the Cyber Sword

[ThatsNotPudding]

Die by the Cyber Sword.

It really will be a photo finish to see which country has more cheap, lazy, and incompetent mid and upper level bureaucrats and MBAs.

Re:Live by the Cyber Sword

[ebno-10db]

It really will be a photo finish to see which country has more cheap, lazy, and incompetent mid and upper level bureaucrats and MBAs.

The ultimate cage match: MBA's vs. theocrats.

Re:Live by the Cyber Sword

[meglon]

There Will Be.. Paper Cuts!!!!!

Wait... paperless what? Frak me, another great title shot to hell.

Re:blowback - Book Recommendation

[David_Hart]

Maybe launching destructive malware at Iranian infrastructure wasn't such a good idea.

I just read a decent fiction eBook about disaster caused by cyber warfare called CyberStorm. It was a bit dark at points and has its flaws, but was overall a good read.

Some questions

[Okian+Warrior]

Okay, some questions.

Firstly, how do they know it was Iranian hackers? The linked article is the NYT reporting US officials as saying that the attacks came from Iran, and that the attacks could not be carried out without the regime's knowledge. Not a direct quote, btw - a paraphrasing of something a government official said, paraphrased by the reporter, and punched up by the editor for more impact.

Yet the register first line reads: "Iranian hackers are launching state-sanctioned attacks on US energy firms and hope to sabotage critical infrastructure by targeting industrial control systems, according to American officials."

There's a difference between attacks originating in Iran and attacks sponsored by the regime. Also, it's difficult at best to determine the origin of an attack - are they sure these attacks weren't proxied *through* Iran?

Secondly, how do they know that the goal is sabotage, when no sabotage has actually occurred? How do they know that this isn't just some bot herders trying to find more spam outlets? Certainly "accruing information on how their systems work" sounds more like a port scan or a vulnerability scan - which would be the first step regardless of the intent.

This is high-octane scare mongering. Be afraid, everyone! Don't use logic, let your emotions guide your opinions!!!

Re:Some questions

[ebno-10db]

This is high-octane scare mongering. Be afraid, everyone!

You act as though someone were calling for a nuclear attack. Even if this story is total garbage, I hope it gets lots of attention. Something has to be done about our insecure SCADA/infrastructure, regardless of whether you think the threat is from the Evil [insert whatever you hate here] or a bored kid in the basement.

Re:Some questions

[iggymanz]

dumb-asses who hook their SCADA systems to the internet richly deserve what they get. Hope some big companies get burned so they wake up.

Re:Some questions

[ebno-10db]

dumb-asses who hook their SCADA systems to the internet richly deserve what they get

Agreed, but what bothers me is that I sometimes have little choice in relying on services provided by the aforementioned dumb-asses (e.g. electricity).

Re:Some questions

[tnk1]

Iran has some pretty strict Internet rules and monitoring is most certainly employed. While it could be random hackers inside Iran, the chances of them executing a long term project and not being noticed are slim to none. The proxy scenario seems also unlikely as an anonymous proxy service is another thing you don't run in Iran without someone noticing. I think it is entirely safe to say that they were Iranian, and that the government knew about it.

As for the goal, presumably, the US government knows that the goal is sabotage by the selection of the materials targeted. If someone is downloading, say, information on security protocols and failure scenarios, you can pretty much bet that they aren't just doing that just because they are curious. Yes, perhaps there is room for doubt, but there are some things that some bored hacker isn't going to look for... isn't even going to know what to look for... without having experience. This is also a reason that it is probably Iranian government as well: they likely have experts who tell the hackers what they need to be looking for. Hackers, while smart, are not necessarily knowledgeable about infrastructure. They may know how to get into things, but they probably don't know what they are looking for once they are in.

I agree that the ultimate outcome is in doubt: learning how to sabotage the US infrastructure is not the same as actually doing it. Just like testing nuclear weapons doesn't actually mean that you intend to use them.

I also agree that releasing this information has an ulterior motive. It is PR for the agencies involved. In that sense, you have to take it with a grain of salt, but it doesn't mean it is fabricated or a scare tactic to cover an upcoming war. It's basically a department telling taxpayers that they need to continue funding them, or this could happen. A scare tactic, but for money. As much as I don't like that they do this, given how political that the budget process has become, it is probably understandable. It is also important to understand that, if these departments do their job, no one ever hears about them, because they generate no news. Sometimes, you need people to know what they are doing for the money that they pay you. This is likely what that is.

Re:Live by the Cyber Sword - No Contest

[some+old+guy]

No contest, USA wins that one hands-down.

The real competition is who has the most/brightest hackers and security geeks. If we keep flooding ourselves with incompetent H1B's, the Iranians will have us by the short hairs.

Of course they're Iranians!

Crowd: An Iranian! An Iranian! An Iranian! We found an Iranian! We've got an Iranian! An Iranian! An Iranian! We have found an Iranian. May we burn her?
How do you know she is an Iranian?
She looks like one.
Bring her forward.
I'm not an Iranian! I'm not an Iranian!
But you are wearing a sign that says 'Iranian' on it.
They dressed me like this. - No, we didn't.
And this isn't my computer. It's a false one.
Well? - We did do the computer.
The computer? - And the sign. But she is an Iranian!
Did you dress her up like this? - No, no!
Yes. A bit.
She has got a Facebook account.
What makes you think she's an Iranian?
She put porn on my computer!
Porn?
I deleted it.
Burn her anyway!
Quiet! Quiet!
There are ways of telling whether she is an Iranian.
Are there? What are they? Tell us. - Do they hurt?
Tell me, what do you do with Iranians?
Burn them!
And what do you burn, apart from Iranians?
More Iranians! - Terrorists!
So why do Iranians burn?
Cause they're terrorists? - Good!
How do we tell if she's a terrorist? - Fly her into a building.
But can you not also fly regular airline passengers into buildings?
Oh, yeah.
Do terrorists live every day lives in America?
No, they live in fear. - Take her to America!
Who also lives in fear in America?
The 99%. - African Americans.
Very small rats. - Fries! Great gravy.
Cherries. The recording industry. - Churches.
Bill Gates. - A file sharer!
Exactly.
So, logically--
If she shares files...
she's a terrorist.
And therefore?
An Iranian!
A file sharer! A file sharer! - Here's a file sharer.
We shaIl use my deepest network packet sniffers.
Burn the Iranian!
Scan the network!
An Iranian!
It's a fair cop.
Who are you, who are so wise in the ways of science?
I am the 1%, king of the World.

Chinese, Russians, North Koreans and now Iranians

[guttentag]

If you have one ant trekking across your kitchen to steal food, contaminating what it doesn't steal, you may not notice it. But if you have a swarm of ants trekking across the floor, you are more likely to notice them and take appropriate action. Unless you are a government agency, in which case you send a diplomat to tell the ants that if they don't stop you are going to get really slightly theatrically concerned, and the process of trying to figure out how to make a face that properly conveys that will make you annoyed at them.

The real question is which of the following is going to happen first:

1. The Chinese hackers attack the Iranian hackers before they draw attention to targets the Chinese want. If you're a spy infiltrating an installation and you come across some amateur spy who is also infiltrating, you kill the spy and hide the body in a ventilation shaft before he gets caught and the place gets locked down.
2. The Iranian hackers accidentally disable the systems that are giving the Chinese access to U.S. secrets.

Why hasn't someone made a sitcom about this yet?

Iran!

Iranians! Fuck Yeah!
What you gonna do when they attack you!!

8)

I fear this.

[argStyopa]

When you extrapolate
1) the increasingly-vaguely-worded and -legally-authorized reach of national governments to act in what might be defined broadly as "military" ways wherever they see fit

2) plus the ever-increasing capabilities of non-state actors (some call them terrorists, when it's convenient) and the state-sponsors that back them, not to mention the actual inability of states to closely control these assets

3) the (current) ability to execute such actions through proxies/remotely/etc such that they are nearly perfectly anonymous

4) and the increasingly brittle infrastructure of a modern, interconnected, INTEGRATED data- and electronically-driven (mostly Western) society.

The intersection of these lines seems inevitable: a non-state actor (perhaps sponsored by a state, whether or not this specific action IS sponsored/authorized) is going to accomplish something really heinous, like a Chernobyl-level meltdown, or perhaps the destruction of the electrical grid across the East Coast of the US (something that costs $billions and/or thousands+ of lives).

What happens then? If the US is catapulted into a paroxysm of 10 years of war over the relatively puny-but-showy 3000 deaths of the WTC attack, what would we do if that casualty number was 20,000? 100,000?

"Someone will need to pay dearly" would seem to be the logical response of this otherwise-torpid democracy. But what if we don't know who that is, or (almost worse) are only "pretty sure" we know who it is?

Re:I fear this.

The intersection of these lines seems inevitable: a non-state actor (perhaps sponsored by a state, whether or not this specific action IS sponsored/authorized) is going to accomplish something really heinous, like a Chernobyl-level meltdown, or perhaps the destruction of the electrical grid across the East Coast of the US (something that costs $billions and/or thousands+ of lives).

Nuclear reactors don't work like that.

As for electrical grid, bah, all you need is a branch touching some wires to do that. It seems it is as flaky in places as that.

http://en.wikipedia.org/wiki/Northeast_Blackout_of_2003

then there is some human errors too,
http://en.wikipedia.org/wiki/Northeast_Blackout_of_1965

Really, no need to panic too much.

"Someone will need to pay dearly" would seem to be the logical response of this otherwise-torpid democracy.

That is the problem. It is not technical. It is political and sociological. Wars are not started by "tech". They are started by people thinking "we'll be home by Christmas" or whatever other holiday you can substitute for that. Perhaps if people that started wars were immediately executed as some sort of sacrifice, perhaps we would end up with a few less wars.

Give it up

[Reliable+Windmill]

Nobody cares about your propaganda. Everyone knows USA is doing exactly the same, if not at an even larger scale.

Re:Give it up

[Issarlk]

But the USA are the good guys, it's normal they do this!
The problem is the Iranian don't realise they are the bad guys ; I'm sure they are reasonable and would stop everything if they knew they were in the wrong.

FUD

[jeff13]

My FUD-o-meter just went into the red.

Re:Chinese, Russians, North Koreans and now Irania

[ebno-10db]

Why hasn't someone made a sitcom about this yet?

It could work since everybody now knows that nerds are funny. Maybe a sequel to the Big Bang Theory. Penny gets a job as a SCADA security engineer, but gets distracted by the bad guys when they deliver a great pair of new shoes to her. Sheldon could easily fix it, but he too is distracted because it's Tuesday and he had French toast instead of oatmeal.

Strawman much?

Why is it okay for the US to sponsor cyber attacks,

Who said it was?

but not the Iranians?

Who said it wasn't?

If it is an act of war,...

Who said it was?

I, for one, fully expect Country A to pursue avenues of attack against Country B, for any values of A and B where a pact of alliance has not been signed by both parties. And sometimes even when one has. I consider any other attitude to be absurdly naive.

It wasn't just Obushma, though

Maybe launching destructive malware at Iranian infrastructure wasn't such a good idea.

I know several people who've been hacking on Iran for almost a decade. Supposedly one guy owned Ahmadinejad's personal site for months, and used it as a base to attack Iranian political and infrastructure sites.

Basically, if you want to do criminal hacking from inside the USA, you target Iran, because you won't be punished by local law enforcement.

I suspect the same holds true for Chinese teenagers - if they hack the USA, they get their jollies with less chance of getting arrested or shot.

My favorite part of the story of Obama releasing malware to attack Iran is the part when Mossad stole the control keys. LAFF RIOT!

Re:Chinese, Russians, North Koreans and now Irania

[Puff_Of_Hot_Air]

Ants are actually incredibly clean. Your bench will be slightly cleaner after an ant has walked across it. Use a better analogy, and love your ants!

Re:Chinese, Russians, North Koreans and now Irania

[AmiMoJo]

Ventilation shaft are terrible places to hide bodies. Bodies go off fast, especially if they lose control of their bowels. That nasty smell is going to get spread all around the building pretty fast if you stick it in the ventilation system.

The Solution

[sydsavage]

They could add this to their ip tables rules:

-A INPUT -m geoip --source-country IR -j DROP

Would it stop every probe/attack? Nope. Would it eliminate 99.999% of what is being reported in this story? Most likely.

does hollywood and govt still think its good to go

does hollywood and govt still think its good to go after pirates and everyone in the world , lets us know when you had enough of the world slapping you bitches called americans

Re:Live by the Cyber Sword - No Contest

No contest, USA wins that one hands-down.

The real competition is who has the most/brightest hackers and security geeks. If we keep flooding ourselves with incompetent H1B's and throw our hackers in jails, the Iranians will have us by the short hairs.

Does anyone else hear...

... some geek-General at the Pentagon wailing "Pleeease don't cut my budget!"?

What is it with all these completely-unverifiable stories about cyber-attacks from China and Iran? In all seriousness, hands up - who here didn't already assume this sort of thing was going on, routinely? So why does it get such a lot of coverage?

no reliable sources in TFA

[mutherhacker]

"The New York Times reported Friday, citing American officials and corporate security experts"

Super reliable sources! Looks like the government is preparing a move to IRAN and the propaganda machine is setting the stage.

perhaps they could coordinate with the chinese

got to be some port contention with all this activity