BBC BLOGS - American Frei

Stuxnet leads us into a new era

Matt Frei | 15:18 UK time, Friday, 1 October 2010

Is it just my lurid imagination, or am I the only one getting worked up about the perfectly and creepily named Stuxnet computer worm, a virus that ticks so many fictional boxes you would have to assume it was imagined if it weren't real?

So, this is a computer "worm" especially designed to disable software for power companies made by the German electronics giant Siemens and used by Iran's nascent nuclear industry. It contains a veiled reference to the Book of Esther from the Old Testament in which the Israelites launch a pre-emptive strike against the Persians to avoid being wiped out.

The geekocracy thinks that the worm is so clever it can only have been designed with the kind of resources wielded by a nation state. I wonder who they have in mind. If this is all true -and I cannot completely banish the suspicion that this might be some elaborate hoax- then we have indeed entered an era of cyberwar.

Comments

  • 1. At 4:58pm on 01 Oct 2010, PartTimeDon wrote:

    "...a virus that ticks so many fictional boxes you would have to assume it was imagined if it weren't real"
    ______________
    If it were not real and yet it is being considered, what else could it be other than imagined?


  • 2. At 6:00pm on 01 Oct 2010, BluesBerry wrote:

    Cyber Superweapon, Stuxnet - designed to disable nuclear facilities in Iran, but Stuxnet may be a Frankenstein.
    There's been a Virus Bulletin Conference which was held in Vancouver, Canada. The Conference was called "Stuxnet: An In-Depth Look."
    It was arranged by the Symantec company, whose researchers have been analyzing the computer worm since June when the virus first raised its ugly head.
    Eric Chien, Technical Director, Symantec's Security Response Unit: "I've been dealing with malicious code threats for 15 to 20 years now, I've seen every large sort of outbreak, and we've never seen anything like this. It's fundamentally changed our job."
    Why?
    Because this virus has been designed to sabotage power plants, nuclear plants – things that can blow up and do mega-damage.
    The Symantec researchers say the Stuxnet worm was designed by a well-funded, well-organized group, most likely affiliated with a government. They're convinced it was meant to target facilities in Iran. The virus was apparently designed to penetrate and take over the computerized control system. So what Government would want to sabotage Iran to such a horrific and irresponsible extent? My guesses
    1. Israel and/or
    2. The United States of America.
    But could they not see the repercussions? Now that Stuxnet has been released, other computer sophisticates can copy. Other computer sophisticates can take the Stuxnet computer code, modify it slightly, and release.
    Chien: "People have been talking about this in theory for a long time; we've had movies that have demonstrated this kind of thing, but it's never been done for real."
    Even as the US and other Western cybersecurity officers scramble to find new ways to protect industrial facilities from a Stuxnet attack, their governments in all likelihood have their own computer sophisticates developing new cyberweapons.
    Deputy Defense Secretary William Lynn, speaking about US cyberwar plans said he did not know where Stuxnet came from. Asked about the US military's own offensive cyber-arsenal, he refused to comment.


  • 3. At 7:20pm on 01 Oct 2010, MYoung wrote:

    Yes, you are the only one to think the worm is imaginary.


  • 4. At 9:37pm on 01 Oct 2010, Homer_J_Simpson wrote:

    Would not destroying a rogue nation's nuclear capacity from within be preferable to dropping tactical nukes on the country itself?


  • 5. At 04:01am on 02 Oct 2010, Illogicbuster wrote:

    Yawn. Only affects Windows. Most plants don't have controls running Windows AND hooked up to the net.


  • 6. At 8:58pm on 02 Oct 2010, gaalfred wrote:

    Re: Illogicbuster's last comment about most plants not having controls running Windows and being hooked up to the net.... My experience with the S7 PLC that is targeted by the Stuxnet virus is that it is very common for it to be connected with a permanent Ethernet connection to a PC running the Windows operating system. Many of them don't even have an HMI (Human-Machine Interface, or touch screen) connected to them but use the real-time interface on the PC to monitor the functions of the PLC and to send program updates or parameter changes to the PLC that controls the machine.


  • 7. At 10:01pm on 02 Oct 2010, Skeerbs wrote:

    @ Homer J.

    Certainly would, but it appears the rogue state is the one that deployed it. Let us not forget that the Israeli state conducts terror tactic raids in other nations' sovereign territory, is nuclear armed (in violation of all treaties) and would be in breach of multiple UN resolutions if the US (which just this week was discovered to have been using Bio-terror research against Guatemalan citizens, amongst others) hadn't explicitly stated that it would shield them from all civil actions.

    In short, I'm more worried by Israel than Iran.


  • 8. At 11:03pm on 02 Oct 2010, surly_and_old wrote:

    R,
    The Guatemalan STD experiment was to test the efficacy of penicillin in treating those diseases. The experiments were deplorably unethical, but were *not* "Bio-terror" research. To characterize the experiments done on citizens of another country as such is irresponsible and offensive.
    Besides, we already did that with the Tuskegee studies many decades ago. We only do "Bio-terror" against our own citizens...


  • 9. At 08:47am on 03 Oct 2010, jon112dk wrote:

    Use of 'cyberweapons' by governments has been proposed and responded to as a potential threat for quite some time. We know that non-state groups have done things like 'distributed denial of service' against commercial/government systems they don't like and there have been claims of hacking by various countries.

    I don't think it is beyond reasonable understanding that a country such as Israel, perceiving a threat they might even use military action against, could unleash a bit of software in an attempt to achieve a similar result. Arguably more ethical than the use of weapons which would kill non-combatants immediately and possibly result in armed conflict killing many more.


  • 10. At 6:44pm on 03 Oct 2010, MrObvious wrote:

    This sort of thing does NOT necessarily require the resources of a nation.

    It's also not the first time.

    Remember the north east grid failure in the US? Windows 98 based systems controlled the grid at that time. It went down because they got infected. It's not exactly a secret.

    In this case, what would be needed was specific knowledge about the target systems.


  • 11. At 6:50pm on 03 Oct 2010, ObserverFromDownUnder wrote:

    In reply to:- Illogicbuster
    -
    Simply not true.
    Unwisely in my opinion,
    many SCADA systems
    sit on top of Windows SERVER OS
    i.e. 2000, 2003, 2008 etc.
    -
    The vulnerability
    is, as always,
    in the underlying OS.
    -
    However, in this instance,
    knowing that this piece of malware,
    uses Siemens SCADA,
    to reconfigure a couple of
    specific Siemens PLCs
    is a significant advance
    in the evolution of
    "smart" malware.
    -
    Sadly the SCADA industry
    is full of lots of non-geeks,
    who don't understand the
    implications of
    their choices
    in underlying operating systems.
    -
    Even limited access to the
    internet at-large
    is not an effective precaution in this
    instance as the "infection"
    tends to spread from
    USB thumb-drive memory devices,
    which technicians "carry" their
    "tools" on.
    -
    This infection was,
    we are told,
    very effective,
    in remaining hidden,
    and thus undetected,
    on a drive.
    -
    Flippant comments from
    Linux & Unix users,
    do not help these
    SCADA specifiers to understand,
    where the vulnerabilities lie.
    So lay off the smug comments.
    -


  • 12. At 8:58pm on 03 Oct 2010, Philly-Mom wrote:

    "If this is all true -and I cannot completely banish the suspicion that this might be some elaborate hoax- then we have indeed entered an era of cyberwar."

    We are now in an "Information Technology Age" in which global communications is transforming the world. The way we do business is different, the way we socialize is different, the way we learn is different.

    While I'm also not sure how real the threat is, I think the veiled threat is very very real. We are all, from desk-top user to government database, concerned about how technology might be used by people with malicious intent.

    Besides... aren't remote drones changing the face of our ground wars?
    Whether we like it or not (and I don't), IT is changing the way the world fights.


  • 13. At 2:15pm on 04 Oct 2010, Illogicbuster wrote:

    gaalfred wrote:
    Re: Illogicbuster's last comment about most plants not having controls running Windows and being hooked up to the net.... My experience with the S7 PLC that is targeted by the Stuxnet virus is that it is very common for it to be connected with a permanent Ethernet connection to a PC running the Windows operating system.

    -------------------------------------------------------------------
    Which is why no US power plants have been infected. LOL


  • 14. At 4:53pm on 04 Oct 2010, Scott0962 wrote:

    Iran has buried its nuclear facilities too deeply for interested parties to be sure of taking them out with a missile or an air strike so instead one, or possibly more than one, has come up with an elegant alternative.

    You must admit, it's a better way to prevent nuclear proliferation than a military attack and the risk of open warfare.


  • 15. At 6:34pm on 04 Oct 2010, thefrogstar wrote:

    How, exactly, did all this come to light?
    I don't expect the Iranian government called a press conference to give the world such details.


  • 16. At 7:30pm on 04 Oct 2010, thefrogstar wrote:

    Some people might comment that the computer-programming resources of the British nation-state are not something to write home about when compared to, say, Siemens....

    Be that as it may, the easiest secrets to keep can be the ones where everybody thinks they already know the answer, so they don't ask the question.

    When asking the question "Who had the motive to do this?", I'm reminded of a passage from "The Hitchhiker's Guide To The Galaxy":

    Zaphod Beeblebrox- "Who in the Galaxy wants to bomb a publishing company??"

    Marvin (the paranoid android)- "Another publishing company?"


  • 17. At 7:44pm on 04 Oct 2010, Meredith Poor wrote:

    The reason the Internet was formulated in 1968 by ARPA was to set up a communications network that could survive a nuclear attack. The Internet has always existed as an instrument of war. In this phase the Internet is being used to prevent a nuclear attack: we will come full circle when nuclear weapons have to be used to survive an Internet attack.

