International Space Station Infected With Malware Carried By Russian Astronauts

DavidGilbert99 writes "Nowhere is safe. Even in the cold expanse of space, computer malware manages to find a way. According to Russian security expert Eugene Kaspersky, the SCADA systems on board the International Space Station have been infected by malware which was carried into space on USB sticks by Russian astronauts."

Oh, the irony...

[nospam007]

Skynet transported into space by sneakernet.

Re:Oh, the irony...

[girlintraining]

Skynet transported into space by sneakernet.

More seriously... those SCADA systems control life support. That's a problem if you're one of those types of people that would rather go on sucking nitrogen/oxygen mixtures instead of vaccum up there. Now, I'm pretty sure that unlike in the movies there's no computer control that lets them just vent all the atmosphere into space in a few seconds, but if those systems were programmed to damage the ISS, it might force it to be abandoned. That would be bad.. especially if it de-orbited suddenly. That's a very, very big thing to be coming down to Earth, and it wouldn't break apart in a tight pattern either.

Re:Oh, the irony...

[fast+turtle]

Not subtle enough. All you really need to do is drop the O2 Concentration by 2-3 percent while allowing CO2 to increase. Astronauts then make mistake that kills everyone aboard while leaving things mostly operational. Optionally add C0 (Carbom Monixide) to the mix and ensure that they die quietly.

Another possibility is to screw up the results of some of the experiments. Who says they're not valuable? Hell what if ET is trying to inject some knowledge in a manner that Humanitie can accept - "Eureka!!" Now I can patent the hell out of shipstones or what ever else you can think of.

Re:Oh, the irony...

[fahrbot-bot]

That's a problem if you're one of those types of people that would rather go on sucking nitrogen/oxygen mixtures instead of vaccum up there.

Okay that's going to cause some confusion, because in Soviet Russia, vacuum sucks you.

Re:Oh, the irony...

[girlintraining]

Okay that's going to cause some confusion, because in Soviet Russia, vacuum sucks you.

That's nothing. In Soviet America internet browses you! And apparently Soviet Britain too, given the post earlier today. :\

Re:Oh, the irony...

[girlintraining]

Not subtle enough. All you really need to do is drop the O2 Concentration by 2-3 percent while allowing CO2 to increase. Astronauts then make mistake that

Stop. Please. There are independently-alarmed sensors on the ISS in each compartment that check oxygen and Co2 levels, and there are emergency scrubbers present. All they need to do is go to the storage compartment, pull out the cylinder, twist, and let it float there. It will, via chemical reaction, eat up several days worth of Co2. And these people are given oxygen-deprivation training prior to assignment; They're professionals. They will realize the problem even without all those safeguards.

The risk is not to the people, the risk is to the equipment -- those SCADA systems control much of the automated systems on board, including thrusters that control yaw, roll, solar panel angles, etc. If you fuck with those, you could, say, twist up the solar panels like a cork and snap lines. You could disable the stabilization gyros and send the thing into a spin. Or you could just disable them at a key moment and allow the ISS to hit space debris -- it needs to adjusts its orbit on an irregular basis for just this reason. Even just tilting it so it's broadside with the sun and then disabling everything would be enough to bring it down in a few months if control couldn't be re-established... difficult if the thrusters were set to a mode where they burn fuel off as fast as possible at opposing points across the central axis, for example.

No country down here has the ability to rapidly build, assemble, transport, and launch, required repair supplies in time to salvage it if someone were to do this. The ISS would de-orbit. But the risk to the astronauts lives? Low. Risk of damage to property on the ground? Middleish; The world still is mostly ocean afterall.

Re: Oh, the irony...

[roc97007]

It's the Fulton's Folly argument. They laughed at Fulton, and he was proven correct. They're laughing at me, therefore I will be proven to be correct.

The people who make this argument don't seem to understand the basic flaw. Or, they hope their listeners won't.

Re: Oh, the irony...

[NemosomeN]

If a guy on the street was screaming that the NSA was tapping the phones of world leaders, we would have called him crazy. The fact that it later came out that the NSA was tapping the phones of world leaders doesn't retroactively make that person not crazy. Or was your point "Yes, I may be crazy, but sometimes crazy people are coincidentally correct!" I'm sure there are paranoid schizophrenic people that are right now being investigated by the FBI -- but they are still paranoid schizophrenic.

Re:Oh, the irony...

[Ioldanach]

The ISS is nothing more than a thinly veiled weapons platform cloaked as a space station. Rods from God is the ultimate weapon, inflicting nuclear scale devastation without the pesky fallout. Within our lifetimes expect to see an attack launched and the USA will claim that they had no part in it, when in reality they will be the instigating party with plausible deniability.

Why would the Rods from God project require a manned platform? Especially an international crew that would be likely to discover the device and report it back to their own respective countries?

Re:Oh, the irony...

[Bigbutt]

Really, how do you know that? The article doesn't identify the malware.

Kaspersky compares the situation to the Stuxnet virus where even without internet access, malware can infect systems but he has no apparent knowledge of the actual virus(s) that are on ISS.

[John]

Re:Oh, the irony...

[imikem]

Sure, go and inject reason and logic to a perfectly good paranoid rant. I hope you're proud of yourself.

Re:Oh, the irony...

[Konster]

That seals it...I'm moving to Soviet Russia!

Re:Oh, the irony...

[MachineShedFred]

Wait, are you saying that a computer virus can't stop lithium hydroxide from chemically absorbing CO2?

What a shitty virus.

Re:Oh, the irony...

[K.+S.+Kyosuke]

Skynet transported into space by sneakernet.

That would be spacesuitbootnet, right? I found sneakers difficult to pressurize.

Re:Oh, the irony...

[K.+S.+Kyosuke]

More seriously... those SCADA systems control life support.

The actual critical systems on ISS are heavily custom, up to and including using participants' own CPU designs (ESA's Leon is powering the redundant DMS-R computers, I believe). I'm not sure how you would go about "randomly" infecting such a system.

Re: Oh, the irony...

[K.+S.+Kyosuke]

The claim that NSA was spying on everyone was believable. In fact, I had sort of expected that happening. On the other hand, the claim that these "rods from god" can violate fundamental laws of physics, including the law of conservation of energy, to achieve "nuclear scale devastation", smells not only of thinking patterns of a conspiracy theorist but rather of sheer lunacy (or lack of high school education, or both).

Re:Oh, the irony...

[Samantha+Wright]

When you see "Russian", "USB key", "malware" and "SCADA" in a sentence you should automatically think Stuxnet, which TFA talks about at length. Stuxnet, happily, only attacks centrifuges, and is generally very sophisticated about staying out of the way. The chances of any complications happening spontaneously are somewhere between "Hollywood movie plot" and "political promise."

Re: Oh, the irony...

While certainly possible to have nuclear scale devastation with kinetic bombardment, doing so from orbit would require impactors large enough amateur would be able to see it on the ISS. Studies have been done of using smaller, sub-nuclear bomb energy kinetic bombs, which might be possibly to hide on the ISS assuming photos from the the ISS itself are doctored/censored, but those studies point out such bombs are inefficient destruction-wise compared to conventional weapons. The only possible advantage of such weapons is very short time deployment with very low chance of detection, and to take advantage of that, you would want at least half a dozen such satellites. A single manned platform would be a complete waste.

Re:Oh, the irony...

[dyingtolive]

In Soviet Russia, Soviet Russia moves to you!

Re:Oh, the irony...

[Hamsterdan]

You *DO* know Iron Sky was just a movie, right ?

http://www.imdb.com/title/tt1034314/?ref_=fn_al_tt_1

Re:Oh, the irony...

[girlintraining]

Wait, are you saying that a computer virus can't stop lithium hydroxide from chemically absorbing CO2? What a shitty virus.

No, but I can write one that hacks the SCADA systems into overvolting multiple systems and starting dozens of fires in the ISS, creating a choking, venomous fume that forces everyone into the escape pod and ejects... and then deorbit the damn thing into the nearest populated continent.

That's the concern here. It's not the lives up there we're worried about. It's the ones down here if someone decides to turn the ISS into a few hundred tons of flaming death from the sky... though it's more likely it would simply break and have to be abandoned.

Re:Oh, the irony...

[trev.norris]

The chances of any complications happening spontaneously are somewhere between "Hollywood movie plot" and "political promise."

I like how you place "Hollywood movie plot" on the left, indicating it's more plausible than a "political promise".

Re:Oh, the irony...

[Entropius]

Hollywood occasionally makes non-fiction movies.

Re:Oh, the irony...

[DamnStupidElf]

Why would the Rods from God [popsci.com] project require a manned platform? Especially an international crew that would be likely to discover the device and report it back to their own respective countries?

To give the rods a heave out of the tube perhaps? I'm not sure how many of you have personally de-orbited anything from LEO, but you can't just "drop" things on the Earth from up there.

Re:Oh, the irony...

[Samantha+Wright]

I'm pretty sure those are called "based on a true story" movies.

Re:Oh, the irony...

[girlintraining]

When you see "Russian", "USB key", "malware" and "SCADA" in a sentence you should automatically think Stuxnet, which TFA talks about at length.

Of all the things the Russians have been accused of, Stuxnet isn't high on the list. It's generally regarded as having come from a joint effort between the United States and Israel.

Stuxnet, happily, only attacks centrifuges,

And since a well-studied and highly innovative piece of malware that has been fully reverse-engineered, I'm sure we can all rest easy knowing nobody will ever come up with a variant that does anything different. Unless of course, it did.

Re:Oh, the irony...

[Samantha+Wright]

Stuxnet was delivered to Iran by slipping it onto the equipment of the Russian contractors building the nuclear plant.

Gauss was discovered in Lebanon and appears to have been built with the same toolkit, not reverse-engineered, suggesting the Israelis were responsible for its release. The other known variant, Flame, is also not found anywhere near Russia, and was also cut from the same cloth and targeted at Iran.

And, moreover, Kaspersky said it was Stuxnet, with (I'm pretty sure but don't have the time to watch the whole video) implications that it may've come by accident from an attack targeted at a Russian nuclear plant.

So... still pretty unlikely the ISS has any vulnerable systems.

Re:Oh, the irony...

[pr0fessor]

"Kaspersky revealed that Russian astronauts carried a removable device into space which infected systems on the space station. He did not elaborate on the impact of the infection on operations of the International Space Station (ISS)."

The article doesn't say that it infected the SCADA system on the ISS he was using it as an example of how stuxnet got into a nuclear power plant. If you search google the only stories with any details are for non-critical systems and laptops brought up to the ISS having infection.

Re: Oh, the irony...

[girlintraining]

You can write a virus that does all that? You're good.

Don't I know it. I also make a mean omelette.

Re:Oh, the irony...

Rods from God

That would be an excellent name for a rock band, or a porn flick.

Re:Oh, the irony...

[girlintraining]

Stuxnet was delivered to Iran by slipping it onto the equipment of the Russian contractors building the nuclear plant.

Okay, and some of the parts had Made in China stamped on it, but nobody's accusing them of being behind it. This is blaming the Russian government for something that Russian contractors very probably were unaware of having done! They were mules. There's nothing Russian about that. It'd be like me saying when you think of "too big to fail", "wall street", and "subprime mortgage", you should think of Indians, because Goldman Sachs hired a few of them to program the computers.

he other known variant, Flame, is also not found anywhere near Russia,

Holy shit! A targeted virus not replicating outside the target area? STOP THE PRESSES!

implications that it may've come by accident from an attack targeted at a Russian nuclear plant.

Whoa! Someone implied something. STOP THE PRESSES! ... Again!

I'm sorry, but when I think Stuxnet, Russia doesn't figure highly into it, and with good reason: There's no credible evidence, circumstantial or otherwise, that the Russians were involved. The only thing the Russians are in the news for lately is telling the USA to pucker up and kiss their ass over Snowden, and parading about their gay as shit president -- who runs around shirtless and bareback on horses while proclaiming gays are evil and must be punished. Yeah, there's plenty of really good Russian hackers, motivated mostly by the really crappy economy up there... but a few good hackers does not a conspiracy theory make.

Re:Oh, the irony...

[drcheap]

"...where even without internet access, malware can infect systems..."

What a preposterous thought! There is absolutely no way a virus could spread to other computers without ... The Internet!

Re:Oh, the irony...

[EETech1]

if Stuxnet was really as particular about which systems is infected, it really makes you wonder if the Iranian plant was a carbon copy of the Russian plant.

Re:Oh, the irony...

[Samantha+Wright]

Woah, woah, I'm not implicating the Russian government. I'm just saying that Stuxnet infections are common in Russia. Everyone believes the ISS infection was an accident.

Re:Oh, the irony...

[girlintraining]

Woah, woah, I'm not implicating the Russian government. I'm just saying that Stuxnet infections are common in Russia. Everyone believes the ISS infection was an accident.

Well, that much is obvious. I'm referring to Stuxnet -- you mentioned the russian contractors at the reactors. I don't think you can blame the Russians for Stuxnet. At least not the original -- obviously some russian hackers have dismantled SN since then and re-engineered it.

Re:Oh, the irony...

[c0lo]

Rods from God

That would be an excellent name for a rock band, or a porn flick.

Or just for kinetic bombardment

Re:Oh, the irony...

[Samantha+Wright]

From a comment on Bruce Schneier's blog:

No, it was a Russian contractor that serviced many of those facilities. The infections appeared to have been caused by him. We talked about this in a previous Schneier post on Stuxnet. Whether he was paid to do it or his equipment subverted I don't know.

Re:Oh, the irony...

[GNious]

Am thinking there are certain systems, where I'd look to make a physical block preventing certain situations.

Example, if the air-lock is not pressurized, dont allow opening inner door, unless a person physically apply pressure to a sensor.

Sure that there are other cases, where physical "rules"/controls could be use to prevent computer "accidents".

Re:Oh, the irony...

[GNious]

You're saying there are a lot of Hollywood blondes in Russia? Interesting...

Re: Oh, the irony...

[tragedy]

No, the concept's been around for a couple decades. It was suggested in a science fiction book originally.

The concept is fine, the execution might be subject to a few realities. First off, mass. The total mass that humans have _ever_ put into space is somewhere around 7.5 million kilograms. For contrast, the estimated mass of the Chelyabinsk meteor (meteorite? they have recovered pieces that reached the ground, but does that mean that the larger object that actually exploded in the atmosphere gets to count as a meteorite, or as a meteor?) is something like 12 million kilograms, and that exploded with the approximate force of a typical Nuclear bomb (the yields of a nuclear weapon can vary widely, but the majority are in the 500 kiloton range) and it was travelling at least twice as fast as the average velocity that most of the mass humans have launced into space has been accelerated to. So, one Chelyabinsk meteor is equal to something like a third of everything humans have launched into space. In other words, if everything we have ever launched were "rods from god" we'd have about three nuclear weapons worth of impactors out there.

Another way to look at it is in terms of fuel. The space shuttle carried a total of about 1.75 kilotons of fuel. The kilotons that nuclear bombs are typically measured in are kilotons of TNT. There's pretty good parity between the energy density of TNT and the energy density of rocket fuels. So, if the total energy of all that fuel ends up converted to the kinetic energy of the payload (which it doesn't), then one launch gets you a maximum of about one tenth of a Little Boy (the 16 kiloton bomb that was dropped on Hiroshima).

Another way to look at it is to consider your telephone pole sized projectile. We'll make it out of Osmium, since that's pretty much the densest material humans can get their hands on. We'll say the projectile is ten meters long and 20 centimeters across. That makes it about 3,141,590 cubic centimeters. At 22.6 grams per cc, that makes the whole thing mass about 70,686 kilograms. Let's just call it 71,000 kilograms (about three shuttle payloads worth). We're talking about launching it from the ISS, so we'll pretend that we can get it to hit at around 27,000 kph. That works out to 2 terajoules. A kiloton of TNT is about 4.184 terajoules. So we'll call the explosive yield of our Osmium projectile .5 kilotons. That's reasonably impressive (although let's not forget that we've been pretty generous to it by ignoring all the energy losses it would face getting to the ground). That gives it 7 times the energy it would have if it were just a conventional explosive made out of high explosive and not dropped from space and a little more than ten times the explosive potential of the largest conventional bomb manufactured. Of course, since it's a rod that's going to drive itself into the ground, most of that destructive potential will be wasted on shattering the ground. I suppose it could be made of lots of small pellets that are blown apart by conventional explosives 50 meters or so from the ground. In any case, as impressive as it might be, it's outclassed by a standard nuke by a factor of a thousand. It also takes a ridiculous amount of effort and energy to get into space.

Ultimately, it's a weapon idea waiting for more advanced space propulsion. As it stands right now, it could be done, and it would work, but it's a ridiculous proposition compared to just about every other method of bombing a target.

Re:Oh, the irony...

[LordWabbit2]

I've done it tons of times in KSP

Re: Oh, the irony...

[rioki]

The USAF did a study on the subject called Project Thor. They used tungsten rods and came to the conclusion that it was roughly equivalent to using plain TNT. The only remaining advantage is this system can be deployed extremely fast and is almost impossible to stop once launched. That ignores the energy needed to get the rods into orbit. Once you got a presence on the moon... that is a different story... Just lob some rocks at the earth if they don't do your bidding.

Re:Oh, the irony...

[FreedomFirstThenPeac]

And "based on a real story" often is simply a marketing ploy, while the movie is still just fiction. O-Stone used to be notorious for re-writing history to make better stories.

Re: Oh, the irony...

[tragedy]

The 7 times its mass in TNT that I came up with was technically an upper bound more than a realistic yield. Less than half that is probably the most that could ever be expected. So, a few times the yield of TNT puts it pretty much into the area of plain TNT. As I mentioned, it also would lose most of its energy ineffectually ploughing into the ground rather than destroying targets. For that matter, one of the things that makes high explosives so effective is the tremendous impulse. Most of the energy is delivered in a really small slice of time. It's not clear that this method would be able to achieve that. So, basically, explosives beat this in almost every possible way, except for the delivery. I'm also not sure that it would actually be that impossible to stop relative to other delivery methods. One of the things a telephone-pole sized spear of super-dense material lacks is any sort of maneuverability whatsoever. It might be possible to simply put some sort of spread of small projectiles in its path and watch it shred itself to vapor well before it reaches its target.

Linux...

[ZiakII]

From the article As these systems are based on Linux, they are open to infection.

What system is not open to infection...

Re:Linux...

[dukeblue219]

To geeks it sounds like an uninformed attack on linux's security, but I think what the author means to say is "these are not proprietary custom-designed systems, but are based on a common Earthly operating system and thus may have known vulnerabilities."

Re:Linux...

A Commodore 64.

Re:Linux...

[UnknowingFool]

I took that as either a lack of knowledge or bias. In the next few paragraphs they talk about Stuxner which was a Windows worm. Linux is by no means perfectly secure. Nothing is. I would take the track record of Linux over Windows any day.

Re:Linux...

[marcello_dl]

My question instead is "What linux system automounts usb drives without the noexec flag", or "how on hell did whatever program get executed by the onboard systems". Did the malware reside on some personal device and exploited some remote weakness on the systems which i guess give network access to get the much needed email and lolcat pic of the day?

But I'm too lazy for TFA so I'll pass with a "meh".

Re:Linux...

[Geizh]

Let me just leave this here for you. http://www.youtube.com/watch?v=2jNUQaG3wzA

Re:Linux...

[Skiron]

Yes, WTF is that all about? Sounds to me like a MS wedge of money went to the reporter to sneak that in [quote below]

The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection.

Re:Linux...

[kesuki]

there are two problems with this http://en.wikipedia.org/wiki/Stuxnet according to wikipedia stuxnet was to be self deleting in 2012 but is mentioned in TFA, and stuxnet doesn't affect linux systems at all. also the space station only uses linux for their laptops. so TFA is very poorly written and with no fact checking. scada is not based on linux either it is windows based so tfa is way off base. http://en.wikipedia.org/wiki/SCADA

Re:Linux...

[freezin+fat+guy]

If the author of the comments were as unbiased as you it might indeed mean that.

However, he makes money telling Windows users they will be safe if they remember to pay him their fees. Not the same protection racket from the Linux crowd so I'm sure he's pleased to take any swipe he can.

Re:Linux...

[kannibal_klown]

From the article As these systems are based on Linux, they are open to infection.

What system is not open to infection...

Probably as opposed to the old NASA Space Shuttles which, at least I'd heard, really really old 70s/80s tech instead of modern computer systems.

Re:Linux...

[thue]

There is a whole class of vulnerabilities related to maliciously crafted filesystem structures. You necessarily don't need to execute or open any files, you just need to try to mount it.

There is another class of vulnerabilities related to the preview feature of some Linux file managers. So you don't even need to open any non-executable files to be vulnerable either.

And then there if of course standard buffer overflows when opening non-executable files.

Re:Linux...

[Runaway1956]

The difference between Linux and Windows is, it takes a hacker to break into Linux. Any snot-nosed script kiddie can do Windows. The one thing I got from TFA is, the space station was never configured for security. It seems to be ASSumed that anyone arriving onboard is cleared to use the computers, and there is nothing to defend against. Oh well - no system can be secure when idiots run them!

Re:Linux...

[sl4shd0rk]

Strange, Stuxnet is a Windows program*.

The worm consists of a layered attack against three different systems:
        The Windows operating system,
        Siemens PCS 7, WinCC and STEP7 industrial software applications that run on Windows and
        One or more Siemens S7 PLCs.

Perhaps ISS is running Wine, or there was an error in translation? Not saying Linux is impenetrable, just pointing out the facts (at least as I know them).

[*] - http://en.wikipedia.org/wiki/Stuxnet

Re:Linux...

[DougOtto]

it takes a hacker to break into Linux. Any snot-nosed script kiddie can do Windows.

Unfortunately, those same snot-nosed kiddies can do Linux too providing they're able to use a search engine.

Re:Linux...

[echusarcana]

This story is factually incorrect and refers to an incident a number of years ago. At the time of the infection, the system was running Windows XP.

http://www.extremetech.com/extreme/155392-international-space-station-switches-from-windows-to-linux-for-improved-reliability

Re:Linux...

[GameboyRMH]

mounting /noexec can help protect dumb users from themselves but won't help against a virus, since nothing as stupid as Autorun exists in Linux (I'm sure Canonical will take that as a challenge). Once the virus is running its unauthorized code somehow (on Linux the only attacks are basically against graphical file browsers), /noexec is barely a speedbump.

Re:Linux...

[mcgrew]

TFA was bad, I read it. I wish I'd read it before I voted in the firehose :(

Sorry, guys. That one line "As these systems are based on Linux, they are open to infection" discredits the author and the rest of the article. Since Windows viruses like the Stuxnet virus they say infected the station, Linux has nothing to do with it.

Wondering if it even happened I googled. space.com:

A virus designed to swipe passwords from online gamers has inexplicably popped up in some laptop computers aboard the International Space Station.

The low-risk virus was detected on July 25, but did not infect the space station?s command and control computers and poses no threat to the orbiting laboratory, NASA officials said.

?This is basically a nuisance,? NASA spokesperson Kelly Humphries told SPACE.com from the agency?s Johnson Space Center in Houston

According to a NASA planning document obtained by SPACE.com, the virus was identified as W32.Gammima.AG. The California-based retail anti-virus software manufacturer Symantec describes it as a Windows-based worm which spreads by copying itself onto removable media.

It has nothing to do with Linux, TFA is either a troll or an MS shill. The submitter should be ashamed of himself for submitting such a piss-poor article (and I'm ashamed I voted before reading). TFA linked in the summary is garbage. It didn't even get the damned virus right. There are far better accounts, including the one I linked above.

Re:Linux...

[RightwingNutjob]

Wasn't there a privilege escalation bug in the usb filessystem code in the Linux kernel a few years ago? If it's in space now, it's probably running a 5-10 year old kernel at best, with that vulnerability still there.

Re:Linux...

[BringsApples]

I don't know about things on the space station, but I had previously assumed that any or all equipment aboard was specifically for the space station. In any way of thinking, Linux is certainly open to attacks, but it seems that a simple file on a USB stick is not enough. To infect a Linux system, one has to directly run some thing as root. It's not a matter of, "Woops, shit I put the USB into the drive, and it ran something..." So someone would have had to have a good amount of understanding as to how that USB drive was going to be used, in order to write something that would then be run in the space station's environment.

In other words, it seems like sabotage, no?

Re:Linux...

[mcgrew]

But I'm too lazy for TFA

Don't bother, it's garbage. Linux has nothing to do with it, it isn't affecting C&C (NASA says it's simply a nuisance) and TFA got every single thing wrong. It's a worm, not a virus. They don't know how it got there, there are both Linux and Windows laptops up there and NASA says they have to check all the Windows (not Linux since it's a Windows worm) laptops for it.

From now on I'm checking closer before voting stories up. Any story posted by DavidGilbert99 gets downvoted by me. David Gilbert, article author and submitter, is a troll. ibTimes should fire him, that article is pure unadulterated bullshit, see here.

Re:Linux...

[Frosty+Piss]

It's more than that: Kaspersky is a self-promoter. Where else has this information been disclosed? Anywhere?

Re:Linux...

[roc97007]

If the author of the comments were as unbiased as you it might indeed mean that.

However, he makes money telling Windows users they will be safe if they remember to pay him their fees. Not the same protection racket from the Linux crowd so I'm sure he's pleased to take any swipe he can.

Very good point. And if the ISS was running Windows for Spaceships and got infected, it wouldn't even be news.

Re:Linux...

[marcello_dl]

Yes, but all of these vulnerabilities should be patched in later revisions or used by a zero-day, which can happen to any OS. The article seemed (to me at least) hinting at a linux-specific way of doing things wrong.

Re:Linux...

[mcgrew]

That article is the worst piece of shit on the internet, everything except the fact that the ISS was infected contradicts what space.com and everyone else says, including that Linux bullshit. The entire article was made up, including SCADA being infected and that the Russians brought it up there. It infected Windows laptops, Not the SDADA, it's a minor nuisance and it isn't the first time there were viruses on the ISS.

Don't believe everything you read, kids. Check different sources. Gilbert's story is fiction and he should hang his head in shame. Stallman and Linus should sue him for slander.

Re:Linux...

[mcgrew]

Strange, Stuxnet is a Windows program

The article was fiction, made up out of whole cloth. I googled, and what David Gilbert says contradicts Wired and Space.com on every detail. It not only isn't stuxnet, it isn't a virus; it's the W32.Gammima.AG worm, a worm that steals credentials for online games. It isn't the ISS's first infection and it's only a nuisance.

Re:Linux...

[Rich0]

Wasn't there a privilege escalation bug in the usb filessystem code in the Linux kernel a few years ago? If it's in space now, it's probably running a 5-10 year old kernel at best, with that vulnerability still there.

I'm sure. And that is just passive attacks based on the filesystem data itself. Now imagine if the flash drive contained active circuitry that could send arbitrary data over the USB bus. That means you could target any driver available to the kernel which contained an exploit.

Re:Linux...

[Anubis+IV]

scada is not based on linux either it is windows based so tfa is way off base. http://en.wikipedia.org/wiki/SCADA

Uh, what? SCADA (supervisory control and data acquisition) is a type of system, not a particular software package that's specific to an OS. Saying that "scada is not based on linux" [sic] makes about as much sense as saying that word processors are not based on Linux, since in both cases we're talking about a class of programs, rather than a specific one. Just because the SCADA systems that Stuxnet attacked were on Windows does not by any means suggest that there are not Linux SCADA systems out there, because there are. Lots of them, in fact. Hell, here's an entire website dedicated to Linux SCADA software.

Re:Linux...

[Bigbutt]

It actually seemed like he was comparing the connectivity of ISS and the Iran Nuclear Facilities. I don't think he knew what virus/malware was actually on ISS.

"See, just like the Iranians, air gap doesn't mean you can't be infected."

[John]

Re:Linux...

[Lumpy]

The Lunar Lander was 100% virus proof.
In fact run your software directly on the iron and you can make it virus proof, the OS is your attack vector. If you eliminate the OS then you dont have the problem.
I dont see arduinos getting viruses.

Re:Linux...

[Lumpy]

In space, no one can hear you sudo.

Re:Linux...

[Lumpy]

Or the fact that only a complete moron would have the C&C computers on the same network as user computers. and what idiot is trying to edit his files on the C&C systems?

Viruses cant magically jump a real airgap, no they cant no matter what some recent fiction passed off as real wants it to exist. So all ofthis is wild speculation on the part of a guy trying to scare people into buying his products.

Re:Linux...

[melikamp]

Kaspersky is not just a self-promoter, he is a scam artist: he is selling a closed source "security" solution for an operating system which is pre-rooted by its manufacturer. Everything that comes out of his mouth is meant to increase FUD about the actual security solutions, which are based on free and open source software, and so provide security for the user, as opposed to the software producer.

Re:Linux...

[mcgrew]

This story is factually incorrect and refers to an incident a number of years ago.

It isn't "factually incorrect," It's fiction. The only thing they got right was the fact there there was an infection (a Windows worm, not a Linux virus) and it wasn't the first time. A lot of laptops up there run Windows and that's what was infected.

The article's author, who submitted the fictitious story, is an anti-Linux troll who has submitted (spammed) a lot of articles to slashdot and made exactly three comments since he's been here. His story contradicts every other source on this story, the guy's a lying troll.

Re: Linux...

[tysonedwards]

Pirate: "Hunch Hunch!" Parrot: "What, what!" Pirate: "Buh bo!"

Re:Linux...

[Entropius]

narmstrong is not in the sudoers file. This incident will be reported.

Re:Linux...

[pr0fessor]

I can hear them calling tech support already... "Have you tried turning it off and on again?"

Re:Linux...

[TangoMargarine]

I think finding the need to point out that it's a worm, not a virus, is part of why normal users hate computer nerds.

Re:Linux...

[NotBorg]

Click bait is a real problem. Use adblock and only whitelist sites that have standards. I might be the .01% that doesn't matter but at least I can fucking sleep at night.

Re:Linux...

[atomicxblue]

Damn you! Why didn't I see this when I still had mod points left. +1 Funny.

even there

[watcher-rv4]

So, they found a backdoor left by NSA and exploited it.

Re:even there

[Wootery]

the truth is they weren't being lazy about patching it, they just didn't want to have to close the backdoor and only finally patched when the guys who found it went "full disclosure" on their ass

Distinct from laziness... how?

They were reluctant to do the work, right? Sounds like laziness to me.

Or are you saying Oracle had an interest in 'actively leaving holes in', as it were?

Re:even there

[Wootery]

Looks like you're right.

I didn't know that.

In space....

[cold+fjord]

They say that in space nobody can hear you scream, but I'll bet they can hear you curse. #$%@#$%!!! MALWARE!!!!

Effects of zero gravity on congruent hemispheres

[xymog]

Even astronauts need porn in space.

Awesome!

[mythosaz]

I can't be the first guy to read this today and go, "Seriously? We infected computers on the ISS? That's freakin' awesome."

Re:Awesome!

[GodfatherofSoul]

We?

Re:Awesome!

[girlintraining]

We?

You are to disavow that previous post, Citizen. Cooperation is mandatory. Thank you for your cooperation.

Re:Awesome!

[mcgrew]

I think the GP's in trouble... they probably tasered him and dragged him away already.

WTF?

[Virtucon]

I use Kapersky and while I like the product I don't necessarily like this comment:

The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection.

So even on the ISS there's no concept of an air gap when it comes to SCADA systems? I realize there's monitoring and management required but there are tools and policies for dealing with that but shit, what is being eluded to is that the Russian Astronauts gerfinkerpoked around with a USB thumb drive and now we have an F*d up multi-billion dollar, multi-ton object in orbit possibly out of control? I think that's a disservice to Russian Astronauts (Cosmonauts) everywhere.

All systems can have vulnerabilities but if the systems onboard the ISS have been compromised by trojans, malware, viruses etc. I think the Linux community needs
to be made aware of the vulnerabilities so that these issues can be addressed and code fixed. Not that ol Kaspersky here needs to make a but right, but if they're not inherently part of Linux and are just stupid admin pet tricks, then that needs to be brought to public attention so that the ISS partners can address their IT problem. Playing coy and providing anecdotal commentary on "infections" and "bad things happened at a Nuclear plant" only mean that there are still vulnerabilities and bad practices that need to be addressed. I mean it's not like we wouldn't have that happen here in the US, say on a major Website, right?

On the other hand Microsoft should be smiling right now since it was announced that the ISS was going all Linux just this year. Maybe it was because the Astronauts couldn't find the Start Menu?

Re:WTF?

[hannson]

What do you mean? An African or European swallow?

Re:WTF?

[Rich0]

I think the principle of isolation still applies. Not all devices on the ISS are equally critical. I'm sure the Astronauts watch TV and listen to music. The systems that handle that don't need to be able to talk to those that control the thrusters.

Defense in depth just makes sense when reliability is critical.

Re:WTF?

[ArcadeMan]

Huh? I... I don't know that. Auuuuuuuugh!

Re:WTF?

[mcgrew]

Relax, the story's bullshit. It's a Windows worm that infected Windows laptops and NASA says is a "minor nuisance." Windows worms don't affect *nix and Kaspersky didn't say that, TFA's bullshitting author (the anti-Linux troll/MS shill who submitted the story) did.

Re:WTF?

[Virtucon]

So the quote attributed to Kaspersky is false? Oddly enough the TFA has now been updated and there's no mention of Linux in it..

Re:Seriously?

[rvw]

How the fuck does that even happen?

Probably Vladimir downloaded some videos on his stick for the lonely hours. Staring at the stars makes you crave for other stars you know. The rest is history...

malware seriously

seriously will people ever stop making malware? its getting really annoying. Is there a way to stop the funding for it?
Malware embedded in sites.
Malware embedded in games.
Hacks/aimbot in games.
Govt sponsored malware.
Just think of how sophisticated malware has become if all that brainpower had been used to advance society.....

WHY DOES half the population of the world ruins shit and hold the other half back? (half being just an arbitrary number)

Re:malware seriously

[Jeremy+Erwin]

WHY DOES half the population of the world ruins shit and hold the other half back? (half being just an arbitrary number)
because 90% of anything is crap. count yourself lucky that it's only 50%

Re:malware seriously

[Crypto+Gnome]

WHY DOES half the population of the world ruins shit and hold the other half back? (half being just an arbitrary number)

All numbers are arbitrary, not just the ones used in statistics.

A Victory for Mass Consumerism!

[kelarius]

Now even those in space can order male enhancement drugs and refinance their space houses with ease!

Re:A Victory for Mass Consumerism!

[bobbied]

Sure they can *order* stuff, it's just the *delivery* charges are out of this world.

Re:A Victory for Mass Consumerism!

[mu51c10rd]

Now even those in space can order male enhancement drugs

I don't think Karen Nyberg would have much use for those...

Study

[tobiasly]

It's just part of an ongoing study.

And yet

[JustOK]

And yet everyone is ignoring the possibility that aliens planted the malware. Interesting.

Re:And yet

[mcgrew]

Well, even though NASA says they don't know how it got there and the FA's author and submitter is a lying sack of shit, TF fictitious A says it was Russians. Russians are aliens, aren't they? I mean, unless you live in Russia?

The article says cosmonauts with USB stick...

[clickety6]

... I say Hiller and Levinson with an Apple Macintosh Powerbook 5300!

Clearly the only way to stop Malware in space...

[cjjjer]

Ripley: I say we take off and nuke the entire site from orbit. It's the only way to be sure.
Hudson: Fuckin' A!

Root access?

[Whammy666]

So who's idea was it to to allow a foreign USB stick to get plugged into a ISS system with root access? This seems like a major security protocol problem rather than a weakness of Linux.

Re:Root access?

Despite the fact that the article seems to be a complete fabrication... Where is "foreign" for the International Space Station?

It is a foreign object entering a sanitized environment.

The English language is varied, so take your political blinders off already. Sheesh.

Re:Root access?

[mcgrew]

It's a Windows worm that infected laptops and has nothing to do with Linux, the story's author who submitted it made the whole thing up. Every other site contradicts everything he says.

Infosec Professionals on the ISS

[zenrandom]

I for one, volunteer my services as the on-site information security professional for diagnosis, cleanup, and protection. Space Suit Up!

Nuke it from orbit

[dunkindave]

Nuke it from orbit, it's the only way!

Oh, wait...

Re:Seriously?

[Stargoat]

Some knucklehead did not turn off the autoplay for CDs and USBs. It's as simple as that.

Air gap

[evil_aaronm]

That's a hell of an air gap to cross.

Re:Air gap

[SleazyRidr]

It doesn't even have air all the way!

Not the first infection

[OzPeter]

While I was digging around to try and find out what SCADA systems the ISS uses (which I never found), I did find this: international-space-station-switches-from-windows-to-linux-for-improved-reliability which has:

in 2008, a Russian cosmonaut brought a laptop aboard with the W32.Gammima.AG worm, which quickly spread to the other laptops on board. Switching to Linux will essentially immunize the ISS against future infections.

Bad info in article

[JRHelgeson]

From TFA:

Stuxnet only became known to the public when an employee of the Natanz facility took an infected work laptop home and connected to the internet, with the malware quickly spreading around the globe infecting millions of PCs.

Stuxnet never spread via the internet. It spread via USB only and then only up to 3 infections before it removed itself from the USB stick.

Effect of zero gravity on malware?

[dutchwhizzman]

You just have to study if malware infections are at all influenced by gravity, if only to rule out that is of any influence at all. right?

Anyone has the real facts?

[dutchwhizzman]

Since TFA is obviously a load of bollocks, it'd be nice if someone would get us actual facts. Does NASA have anything to mention about this yet?

Re:Anyone has the real facts?

[dutchwhizzman]

Carefully reading TFA, leads me to believe that Kasperski never said that ISS got infected with stuxnet, or that he implied that this infection was a recent event. It could very well be that he is referring to the original infection in 2009 or so that lead to the windows systems being replaced with linux. This still means that TFA is a load of bullocks and that the journalist writing it is bad at fact checking and biased as hell.

Re:Anyone has the real facts?

[willith]

Yes, I contacted JSC PAO and they unequivocally said that there are no "virus epidemics" on the ISS. There is no current outbreak of anything, stuxnet or otherwise. Kaspersky's comments weren't about an ongoing event—rather, they are off-the-cuff unsourced remarks that could refer to any number of past incidents.

Re:Anyone has the real facts?

[mcgrew]

Yes, I googled. The first two I hit were space.com and wired. It's a Windows worm that infected some laptops, they don't know how it got there, it's happened before, and it's nothing more than a minor nuisance. And TFA's author and submitter is a troll, and we all bit.

Next time they will probably listen

[Provocateur]

I specifically told them NOT to put a floppy disk drive in there (although I wasn't really thinking of the Russians at the time).

So... Space Porn?

So... Space Porn?

Uh What? Who's minding the store here?

[bobbied]

First, the reporter that wrote this article obviously doesn't understand the difference between Linux and Windows. Stuxnet is decidedly a *windows* issue and is not going to be a problem for a Linux SCADA system.

Second, Who in their right mind lets a rouge USB stick even onto the station, much less inserted, mounted and code executed from it? I don't care if it's Linux, windows or anything else, you simply do not allow unknown USB devices to get mounted without at least doing some kind of scan before you do anything with the data/programs it contains. These devices should NOT be allowed, even in the astronaut's pocket, unless they have been scanned.

Third, What kind of Linux system admin gives out enough privileges to make *any* kind of virus/Trojan or other security issue to infect a Linux workstation/server by a user? You DON'T give out root access to just anybody without a good reason and a minimum level of training.

So, my recommendations? 1. Ban all rouge USB devices by policy and make a rule that they are not to be flown unless they've been declared and scanned. 2. Disable auto-mount/auto-run on EVERY system on the station that has an accessible USB port or optical drive. 3. Remove direct root/administrator access from all systems, except when absolutely necessary. Force everybody to be non-privileged "users" when accessing the station's systems. 4. On every system that the users routinely access (and all other ones as possible) install and run a real time virus scanner which is kept up to date, with static scans made at least weekly.

Re:Seriously?

[GameboyRMH]

The same way your own population might eventually pick up an engineered virus you released into an enemy population as a bioweapon, but with computers.

Re:Uh What? Who's minding the store here?

[MickyTheIdiot]

Ban all rouge USB devices by policy

And ban the blue, silver, purple, grey, and every other damn color too!

Re:Effects of zero gravity on congruent hemisphere

[GameboyRMH]

In space, nobody can hear you fap...

The malwar was uncovered when...

[madhatter256]

The malware was uncovered when the astronauts started getting pop-up ads about girls within the area wanting to hook up.

http://xkcd.com/713/

Premature judgement?

[byeley]

What if there really were sexy singles in his area?

Wait... this happened before

[deckardt]

Seems like this happened before in 2008. A remarkably similar incident involving usb sticks, proving that a 370km airgap (spacegap?) isn't enough to keep malware out...

Re:Wait... this happened before

[deckardt]

http://www.telegraph.co.uk/technology/3358263/Computer-virus-infects-International-Space-Station-laptops.html

Hints of a lost era

[WaffleMonster]

The Russian said this example shows that not being connected to the internet does not prevent you from being infected.

As any G20 attendees receiving a malware infested Russian USB stick would attest.

For those of us alive before most had even heard of "Internet" viruses then had no problem running rampant thought the world often by sneaker net, BBS or by private networks with no outside connectivity.

What is strange to me everything is so scripted astronauts often end up being more or less robots executing procedures from manuals or commanded to do so from ground.

The second part of the puzzle you would think everything going up is tested and signed off on by at least someone?? Do people these days just scrounge up USB sticks they had laying around the office before heading off to the ISS?

I don't understand the amateur hour permissive environment enabling this to occur.

When will they learn?

[TheloniousToady]

The Russians evidently still haven't learned not to click on any link that ends in ".ru".

Why?

[koan]

Are astronauts allowed to bring USB sticks (of all things) aboard?
Before you reply consider that they now have malware infections.

The languages used

[K.+S.+Kyosuke]

Kaspersky said that half of all criminal malware was written in Chinese, with a third written in Spanish or Portuguese.

I didn't notice Microsoft introducing Visual Chinese++, nor did I notice a GNU Spanish Compiler.

And where did that malware come from?

Oh, the CIA et al promote infections into Russian systems so they can be shut down or spied on, I remember.

Terrible Atricle, read with care

[sjames]

First it spends a paragraph or two indicating that some unknown computer on ISS got a virus. That would probably be one of the Windows laptops used by the crew for personal email, general browsing, etc and NOT a mission critical part of the station itself. Those have gotten viruses before and probably will again. The mission critical systems never have.

Then they went into the weeds spending a short segment talking about an unnamed system at an unnamed nuclear plant getting infected with stuxnet. For all we know it was the solitaire and minesweeper PC in the break room. From there they talk about government development of stuxnet and blah blah blah nothing to do with ISS, and so on.

Re:Uh What? Who's minding the store here?

[bobbied]

Damn spell check...

Re:Effects of zero gravity on congruent hemisphere

[gagol]

In space, the bedroom walls are sticky.

Re:Uh What? Who's minding the store here?

[mcgrew]

Relax, the article and its author (who submitted it) is a troll. It's a windows online game worm that poses no threat. NASA says it's a minor annoyance.

Re:Uh What? Who's minding the store here?

[bobbied]

And it infects Linux machines? LOL Got to love reporters... Still, one should take this as a warning and do something to prevent something worse from happening. Which is the thrust of my concerns. Don't use administrator accounts, turn off auto-run and keep an up to date virus scanner in place should be the *minimum* for just about any machine....

Re:Uh What? Who's minding the store here?

[kmahan]

"Hey, look, someone dropped a USB stick right next to the launch platform. I don't have time to try it now but I'll be at the ISS soon enough and can try it there."

Re:Uh What? Who's minding the store here?

[bobbied]

I've seen pictures of the launch facilities in Russia.. I would not recommend you pick up *anything* unless you dropped it, and even then carefully.

I was SO hoping it would be Cryptolocker...

[Tracy+Reed]

'Houston, we have a problem...What's bitcoin?"

SCADA systems not infected ..

[codeusirae]

"According to Russian security expert Eugene Kaspersky, the SCADA systems on board the International Space Station have been infected by malware", DavidGilbert99

'Kaspersky doesn't give any details about when the infection he was told about took place, but it appears as if it was prior to May of this year when the United Space Alliance .. moved all systems entirely to Linux to make them more "stable and reliable."' ref

"Prior to this move the "dozens of laptops" used on board the space station had been using Windows XP, which is inherently more vulnerable to infection from malware than Linux." ref..

"The ISS's control systems (known generally as SCADA systems) were already running various flavours of Linux prior to this switch for laptops last May." ref

OOOOLD news, lots of FUD

[Gravis+Zero]

what the sensationalist title and summary are omitting is that this happened in 2008. while not in charge of control systems, they used Windows XP on laptops for some scientific software. however, they finished migrating and announced that they switched over to Linux, specifically Debian 6. (woo Debian!)

this is just more FUD

Space Satellite Malware !!

[Wheelsdealers]

Kaspersky says that malware got infected in space station .. will it be a tactical approach of kaspersky himself injecting the malware and seeking a solution for the publicity !! .. i may b wrong .. but if i were correct !! think

in Russia

[gzuckier]

Space station infects you.

their kung fu is weak...

[Thud457]

It's a shitty virus that can't just change the gravimetric constant.