Posted on 09/30/2010 8:59:08 AM PDT by Reaganite Republican
If an infection spreads from a known source point - in this case Iran - and the first reported spread is at another point - in this case China - one must wonder about the connections between Iran and China.
Seems to me, anyway.
This is not good. Could the Iranians have infected the Chinese in order to force the US/Israeliis to release the solution?
This reminds me of the Star Trek TOS episode where they were messin’ with genetics to make a superman. The new people were completely impervious to disease because their immune system was REALLY proactive.
That is, it left their body as a virus itself and killed everything, including other people, around them.
Either this thing is still doing its job (wink, wink) or it may have gotten out of control.
Good point. Kinda like that stuff they inject into your blood to watch how it flows.
This sure isn’t getting much airplay.
I’d like to be hootin and hollerin but for all that machinery in the GOM...
I’m in the industry and Siemens is a major competitor of ours. The only reason I can think that it is designed to hit their systems is they are automating Iran and China. We are automating two nuke plants in China but so far our stuff is untouched.
These systems that drive plants are NOT on the ‘net. The only way to infect them is on-site. If they had our secure solution they’d be okay.
We’ve been analyzing W32.Stuxnet, which is a threat that uses a legitimate digital certificate from a major third party and takes advantage of a previously unknown bug in Windows; ultimately, it searches for SCADA systems and design documents. The findings of our analysis are being documented in a series of blog articles.
Stuxnet contacts two remote servers for command and control, and until last week those domains were pointing to a server hosted in Malaysia. Once we identified those domains, we redirected traffic away from the C&C servers thereby preventing them from controlling the infected machines and retrieving stolen information.
Within the past 72 hours we’ve seen close to 14,000 unique IP addresses infected with W32.Stuxnet attempt to contact the C&C server. Here is a breakdown per country of the approximately 14,000 IP addresses obtained during the past 72 hours:
http://www.symantec.com/connect/blogs/w32stuxnet-network-information
IMHO, it's more likely it piggy backed onto some serrupticious equipment transfer between China and Iran.
Confucius say: Never bring fortune cookie to malware fight.
Sounds like a very cost-efficient weapon...probably some global-dominance group.
Sounds like this malware is capable of messing with Siemens trains too.
I haven’t seen details - are these Windows-only networks that are infected?
uh-oh!
I still think 4chan did it.
Confucius also say: Listen to Wang with caution.
These are wise words, Grasshopper!
Could be the Israelis are taking out all their enemies and potential enemies now. Look to Russia. Look to the Kenyan’s America. Then again, the article says that many Chinese systems are infected but does not say that any damage has been done. If it is a specifically targeted worm that self propagates then it will go everywhere but will only eat the food that is in its programmed diet.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.