Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stuxnet/Cyberwar Documentary Reviewer: 'The U.S. Has Pwned Iran' (networkworld.com)

Posted by EditorDavid on from the war-games dept.

Slashdot reader alphadogg quotes an article from Network World: The new documentary about Stuxnet, "Zero Days", says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country's infrastructure and could be used as a weapon in any future war. Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to "disrupt, degrade and destroy" that infrastructure if a war should break out with Iran...

For the more technically inclined, the film contains some riveting interviews with researchers at Symantec who devoted their lives to unraveling the code line by line to figure out what it did, how it did it, who created it and what the target was. It was also a bit chilling in that after they figured out that governments were behind the worm they worried that the researchers themselves might be targeted to keep them silent. One Friday night, says Symantec researcher Eric Chien, he said to his research partner Liam O Murchu, "I'm not suicidal. If I should show up dead on Monday, it wasn't me."
In the film former NSA and CIA director Gen. Michael Hayden says "This stuff is hideously over classified."

4 of 138 comments (clear)

  1. Well, now we know... by Anonymous Coward · · Score: 4, Interesting

    ... why all those officals keep on derping about "cyber threats". They've scared themselves silly.

    So, knowing we too could be "pwned" at any time, why do we insist on running vulnerable systems everywhere? Why do we keep buying software from vendors who for the longest time explicitly didn't care about security anything, and now sit on a completely unfixably insecure software stack?

    1. Re:Well, now we know... by AmiMoJo · · Score: 5, Interesting

      It's nothing to do with obscurity. It just means that a single vulnerability isn't very useful.

      Remember when Windows XP was so insanely insecure that it would be 0wned within seconds of being connected to the internet? That's because there was no depth. The user ran as admin all the time, so a single flaw in any application or service gave the attacker full control of the machine.

      First line of defence was to enable the firewall. Second line, run as a normal user account so that compromise only gets you user credentials. Third line, sandbox the browser. Forth line, enable ALSR. Fifth line, built in Windows Defender to block known malicious activity. Sixth line, protect critical OS files so that even administrators can't modify them. Seventh line, enable secure boot to check the integrity of boot files, drivers and the kernel.

      By the time you get to Windows 8.1 a single exploit isn't very useful. Say you can execute arbitrary code in a Chrome process. Congratulations, you now have access to one tab and the data in it. Your process is heavily sandboxed. You need multiple exploits to do anything useful, so you can escape the sandbox, bypass user account protection, bypass OS level protections, bypass Windows Defender... That's why most malware these days takes the form of a trojan, tricking the user into executing them willingly.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. A route to world peace? by Bruce66423 · · Score: 1, Interesting

    If all countries had such viruses inserted into their critical infrastructure, then none could afford to disrupt the world's peace...

    I THINK I'm joking!

    One of the stranger failures of Islamic terrorism is their not attacking infrastructure assets in the West. Some trivial damage to certain items could do amazing amounts of economic damage. Let's hope they remain unimaginative.

  3. Re:Symantec help hackers say Feds by Anonymous Coward · · Score: 2, Interesting

    well, it's true.
    because the products are so much shitty. if they were installed on iranian systems they would be an attack route.

    however, this seems like a lot of bullshit just to hype up a few security researchers. the software itself, stuxnet in this case, is trivial. what is not trivial is bridging the airgap and getting some sod to install it on actual machines.

    HOWEVER.. there would be this practical reason to keep the stuxnet government affair secret: FINANCIAL LIABILITY, since stuxnet made it into the wild and if it was known who exactly wrote it, there would be financial and criminal liabilities. never mind the little matter of usa declaring exactly this kind of stuff as an act of war and then committing it without aproval from congress. .

    so is such an attack an act of war or not? is it illegal or not? only makes it further complicated if iran makes it to the same trade tables with international liabilities as usa.