Posted on 09/23/2010 9:06:20 AM PDT by therightliveswithus
One of the most sophisticated pieces of malware ever detected was probably targeting "high value" infrastructure in Iran, experts have told the BBC.
Stuxnet's complexity suggests it could only have been written by a "nation state", some researchers have claimed.
It is believed to be the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units.
(Excerpt) Read more at bbc.co.uk ...
“Instead it infects Windows machines via USB keys - commonly used to move files around - infected with malware.”
“Once it has infected a machine on a firm’s internal network, it seeks out a specific configuration of industrial control software made by Siemens.”
Sounds like the Israelis to me, but maybe the CIA.
Stuxnet leverages four zero-day exploits, and IIRC two digital authentications.
It was also created to be self-limiting (only three copies per instance) so that it wouldn’t infect too far afield.
Only a nation state - or SMERSH - could have the manpower and resources to have created Stuxnet. Given that Stuxnet has mainly affected Iranian SCADA, I think we all know who wrote it.
Stuxnet - the first virus I have applauded.
You probably already know this, but the Bushehr power station is a clone of one in Germany, and has loads of Siemens’ SCADA.
Decades ago in college, the Iranian foreign students were huge in the automated fields. The ones I know were too freedom loving (this is pre-Khomeini, mid-Carter) to ever give their hearts to those despots.
I'm betting this is internal sabotage by the brilliant computer geeks that are there or expatriated.
This is a strange place for something like this to be first detected and even stranger for the English to disclose to the public if it is aimed at Iran. Sounds like it is not web-based, but infection comes from USB pin drives or PLCs. And Siemens designs were the target? With infection in a few countries where Siemens was not a major supplier. Could it be that they know that Iran has copied Siemens technology? Very strange article, and the English have a history of being artists at sig/intel and stealth. Not necessarily technology.
I didn’t know that, but it certainly makes sense given this virus’ very particular targets.
Siemens claims that they haven't provided any technology to Iranian nuclear plants, but I'm sure that the Iranians have either cloned Siemens designs, as you suggest, or more probably, simply obtained Siemens systems on the black market, probably via Russia.
“I’m betting this is internal sabotage by the brilliant computer geeks that are there or expatriated.”
Sounds like Israelis, to me.
“Could it be that Bibi and his boys are doing the work that others refuse to do?”
So long as it can achieve the same objective, this seems like a far less risky avenue to shutting down Iran’s nuclear capabilities than would a military attack. There are times when you want your fingerprints all over a military operation and other times you don’t. Given the short fuse of I’mANutJob, messing him up covertly rather than overtly is not a bad plan.
Has the malware spread to the refining facilities? If so, that would be just too sweet!
ping
From the story it appears that the worm was designed to operate on stand-alone, not internet connected SCADA systems (Supervisory Control And Data Acquisition).
SCADA systems use PLCs (Programmable Logic Controllers) to remotely operate machines and processes in an automatic fashion. The PLCs also send back data to the system for analysis and storage.
Apparently the worm was designed to reprogram the PLCs and disrupt their function.
Good stuff...
Part 1?
Iranian nuclear sites! Life is good!
Why wouldn’t the Russians target their own systems? Lots of other people to blame it on. It would be like an endless ATM.