Posted on 11/26/2010 11:17:09 AM PST by Ron C.
In the 20th century, this would have been a job for James Bond.
The mission: Infiltrate the highly advanced, securely guarded enemy headquarters where scientists in the clutches of an evil master are secretly building a weapon that can destroy the world. Then render that weapon harmless and escape undetected.
But in the 21st century, Bond doesn't get the call. Instead, the job is handled by a suave and very sophisticated secret computer worm, a jumble of code called Stuxnet, which in the last year has not only crippled Iran's nuclear program but has caused a major rethinking of computer security around the globe.
Read more: http://www.foxnews.com/scitech/2010/11/26/secret-agent-crippled-irans-nuclear-ambitions/#ixzz16PtfOuhu
Got to run...
Let’s hope they do this to N. Korea too!
The guys that started Vacon were all laid off from ABB. That said, all Eaton Corp Variable Freq Drives are made by Vacon.
I also see now that I've read the article, some of the subtleties built into "Stux".
How it targeted, apparently, only flash drives to propagate,
How it sought out only Vacon Drives on the DCS Mainframe.
Side Note, there is no VFD on the turbine, so it must have recognized that and went after the AVR.
Spoofing the local and remote feedbacks for Drive Speed
Varying the speed of the Centrifuges (and turbine) enough to heat up the bearings to the brink of tolerance, then abbreviating the coast down to grind up the bearing.
I work in Power Plant Commissioning. Motors are started and run for brief periods and often, up to bearing temperature stabilization. We don't trust feedback for quite some time, but constantly monitor locally and communicate with the DCS operator to confirm readings. From a systems specialist point of view, I have to give whomever, or whatever, developed Stux a big Five-O cause I liked the beat and you can dance to it.
Make it Indiana and you've got a deal.
Gift certificate to Denny's, and a 40oz Bud.
“and the other Fararo Paya, an Iranian company. What surprises experts at this step is that the Iranian company was so secret that not even the IAEA knew about it.”
Not even the IAEA! Hard to imagine. I guess that takes the U.N. off the list. /s
Allah Fubar! Thanks Ron C.
That is why I believe that a common windows app could have delivered the worm.
NSA/CIA. The Israeli clue is just too blatant. The NSA has done several of these little gems that got very little press.
Doubtlessly there is a multitude of unknowns and still secret operations associated to the Stux project, and doubtlessly this and other projects just like it are currently underway.
In effect we have, and have had, an ongoing cyber-war that I doubt will end any time soon. The ultimate outcome I cannot imagine at this point - but let's hope we continue to win the war...
The weird stuff was they supposedly reported back to a web site in Denmark and one in Malaysia?
Somebody had to have snuck it in or the workers used their laptops at home and got them on their laptop or thumbdrive.
I am sure all devices have an area where all this stuff can be hidden. USB, drives, OS, etc. They were using Windows 7. You know Microsoft has little places in the OS that allow Uncle Sam to hide things.
How did it call home though to Denmark and Malaysia? It was off the net? I wonder if it connects through electrical power lines? Are there generator power plants providing power to the underground facility? If there are power lines could the NSA satellites send messages through the power lines? Many have talked about elec utilities and plugs in your home for Internet.
How did it know to disappear and erase itself? I would bet it just hides itself very well in the hardware.
Fascinating.
Those of us who labor in the IT trenches can, now and then, look up to see that someone's painted a Mona Lisa. We can't do it ourselves but we can certainly appreciate it and tip our hats to the unknown artists.
Oh, and by the way, “DEADFOO7” has nothing to do with James Bond.
Windows 7 - before it’s over it will eat the globe. I swear.
Whoops, thanks Ernest!
As the article says, this has to involve several black ops agencies in several countries. To figure out how to get into Siemens firmware and alter it without leaving any traces would be VERY difficult without someone in the know at Siemens. And to make it attack ONLY Iranian nuclear equipment means that it had to be extremely well written to not attack equipment all over the world.
“To figure out how to get into Siemens firmware and alter it without leaving any traces would be VERY difficult without someone in the know at Siemens.”
Not really, most corporate security unrelated to financial or US govt has piss poor security.
You can hope but no doubt it would be much harder to do there.
No Russian technicians working in country in the nuke industry (however I wouldn’t put it past the Norks to either abduct some scientists or pay big coin for Soviet or Chinese scientists to come and work illegally). Every office in the plant does not have an un-patched XP SP1 desktop sitting in it. No Internet infrastructure. And everyone in the country lives with systematically insane levels of intimidation, paranoia, persecution, and fear.
Plus, in military aircraft accidents, the code in chips can be read directly off of the pieces left after the crash.
YOU FORGOT TO ADD THE 12 STITCHES TO obama’s LIP!