Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stuxnet/Cyberwar Documentary Reviewer: 'The U.S. Has Pwned Iran' (networkworld.com)

Posted by EditorDavid on from the war-games dept.

Slashdot reader alphadogg quotes an article from Network World: The new documentary about Stuxnet, "Zero Days", says the U.S. had a far larger cyber operation against Iran called Nitro Zeus that has compromised the country's infrastructure and could be used as a weapon in any future war. Quoting unnamed sources from inside the NSA and CIA, the movie says the Nitro Zeus program has infiltrated the systems controlling communications, power grids, transportation and financial systems, and is still ready to "disrupt, degrade and destroy" that infrastructure if a war should break out with Iran...

For the more technically inclined, the film contains some riveting interviews with researchers at Symantec who devoted their lives to unraveling the code line by line to figure out what it did, how it did it, who created it and what the target was. It was also a bit chilling in that after they figured out that governments were behind the worm they worried that the researchers themselves might be targeted to keep them silent. One Friday night, says Symantec researcher Eric Chien, he said to his research partner Liam O Murchu, "I'm not suicidal. If I should show up dead on Monday, it wasn't me."
In the film former NSA and CIA director Gen. Michael Hayden says "This stuff is hideously over classified."

10 of 138 comments (clear)

  1. Well, now we know... by Anonymous Coward · · Score: 4, Interesting

    ... why all those officals keep on derping about "cyber threats". They've scared themselves silly.

    So, knowing we too could be "pwned" at any time, why do we insist on running vulnerable systems everywhere? Why do we keep buying software from vendors who for the longest time explicitly didn't care about security anything, and now sit on a completely unfixably insecure software stack?

    1. Re:Well, now we know... by jellomizer · · Score: 3, Insightful

      You are aware that Linux had had some recent (within the few years) vulnerabilities that had been around for decades, that were recently found and patched. If the biggest open source OS can have decade old bugs what hope is there to be fully secure?

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    2. Re:Well, now we know... by AmiMoJo · · Score: 5, Interesting

      It's nothing to do with obscurity. It just means that a single vulnerability isn't very useful.

      Remember when Windows XP was so insanely insecure that it would be 0wned within seconds of being connected to the internet? That's because there was no depth. The user ran as admin all the time, so a single flaw in any application or service gave the attacker full control of the machine.

      First line of defence was to enable the firewall. Second line, run as a normal user account so that compromise only gets you user credentials. Third line, sandbox the browser. Forth line, enable ALSR. Fifth line, built in Windows Defender to block known malicious activity. Sixth line, protect critical OS files so that even administrators can't modify them. Seventh line, enable secure boot to check the integrity of boot files, drivers and the kernel.

      By the time you get to Windows 8.1 a single exploit isn't very useful. Say you can execute arbitrary code in a Chrome process. Congratulations, you now have access to one tab and the data in it. Your process is heavily sandboxed. You need multiple exploits to do anything useful, so you can escape the sandbox, bypass user account protection, bypass OS level protections, bypass Windows Defender... That's why most malware these days takes the form of a trojan, tricking the user into executing them willingly.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. The fear by dbIII · · Score: 5, Insightful

    The fear of being knocked off by spooks looks more than a little bit ridiculous unless you understand that Mossad was in the mix. The "supergun" guy was assassinated by them but it's still a bit of a stretch that they would go after antivirus people that are only threatening exposure instead of being a threat themselves.

  3. their lives? by Gravis+Zero · · Score: 5, Insightful

    researchers at Symantec who devoted their lives to unraveling the code line by line

    You know, when you "devote your life" to something it's usually for longer than a season of Game of Thrones. Mayhaps the claim is a bit hyperbolic?

    just sayin'.

    --
    Anons need not reply. Questions end with a question mark.
  4. Re:A route to world peace? by Opportunist · · Score: 3, Insightful

    It's not a lack of imagination, it's a lack of terror. Where's the scare when they do a computer attack? People are used to computers acting weirdly, they simply wouldn't care. It's also too easy to claim that it ain't terrorism, it's just "that weird computer stuff".

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:Just watched this by arglebargle_xiv · · Score: 5, Informative

    Not only that, but they also seem to have ripped a lot of it off "Countdown to Zero Day", an even bigger ethical lapse.

  6. Why do we keep buying *COMPUTERS* from... by Anonymous Coward · · Score: 3, Informative

    vulnerable MANUFACTURERS and DESIGNERS?

    Seriously, anyone who is not extremely concerned by Intel/AMD/ARM ring 0 management processors should really read up on what they are capable of, how little they have been independently audited, and the full ramifications if a nation-state actor had that level of access to your computer system. This isn't just a rootkit you *MIGHT* get online, this is the rootkit you buy and pay for with no way to remove, short of replacing it with an older system that hopefully is simple enough to not contain similiar capabilities, and bug free enough to not allow other easier and perhaps just as well documented compromises of your system.

    We are at a point in the Information age where it will either liberate, or enslave us. And unlike the pendulum swinging, this is more like a dam in drought season flowing away your rights, never to be returned.

  7. Re: This is not propaganda. by Type44Q · · Score: 3, Insightful

    For Americans so we feel like we have our hand at the button

    American, huh. We say "hand on the button..."

  8. Re:This is not propaganda. by cayenne8 · · Score: 3, Insightful

    After all, the US government also benefits if Iran just _thinks_ they're pwned. If they rip out perfectly fine infrastructure that could not be infected, and replace it with new stuff, that creates a chance for the CIA to smuggle in new malware. It also costs them money and distracts them from other efforts.

    Well, it appears that once Stux got out in the open and it was discovered and analyzed and tested on the same controllers that Iran used...it seems to have been proven successful.

    The problem, it seems...is that Israel fucked up and on their own, made it much more aggressive and Stuxnet (aka Olympic Games, or OG) then jumped out an infected on a global scale, calling attention to itself, whereas it has earlier been successful, but still covert and confined it appears to only the Iranian targets.

    I think this act by Israel explains a LOT about why obama has been so cold towards them....

    And..I'm guessing the Iranian retaliation on the US infrastructure led to the crappy deal the US took with regard to the nuclear deal with Iran. I'm thinking Iran scared the US enough to take this horrible deal which will essentially let Iran become a weaponized nuclear power in about 8+ years....

    --
    Light travels faster than sound. This is why some people appear bright until you hear them speak.........