Stuxnet

Re: Stuxnet

http://www.washingtonpost.com/wp-dyn...112901560.html

Dunno who's behind it, but there were some attacks.

Re: Stuxnet

"Coordinated assassinations"? Please cite some credible source(s), or it's all a just another loony conspiracy theory.

Re: Stuxnet

Given the coordinated assassinations on the leading scientists that coincided with the release of the worm, I do think a state actor was at play.

We could debate the complexity of the worm and various motives of groups all day, but coordinated assassinations tend to rule out a few possibilities.

Re: Stuxnet

Do you have some actual evidence for this statement? Personally, I think you are, ah, how shall we say it, wrong?

Re: Stuxnet

Mod delete this post it was double posted

Re: Stuxnet

Stuxnet was idaho national laboratory american made crap that backfired against the U.S. on an international cybernetics level.
Hey Tangent didn't D H S investigate that incident?

Re: Stuxnet

Not sure anyone else has been following this, but "Anonymous" apparently got a copy of Stuxnet after hacking HBGary, the security firm who compiled a very amateurish report detailing the people they thought were behind the organization.

Anonymous posted this decompiled version, apparently created with Hex-Rays:

https://github.com/Laurelai/decompil.../master/output

Re: Stuxnet

See the analysis I linked earlier:

http://www.langner.com/en/2010/11/19/the-big-picture/

Stuxnet contains two payloads. One indeed is targeted at centrifuges for enriching uranium. The other one appears to target a power plant's turbine.

Two birds with one stone, so to speak... and as it were apparently the gas turbine payload is substantially more complex than the one that targeted the uranium centrifuges.

Re: Stuxnet

I'd heard that Stuxnet's payload was aimed at modifying the RPMs of nuclear fuel producing centrifuges, rather than a nuke plant's steam turbine. The centrifuges are used to separate U-235 from U-238 for use as fuel (or alternately, bombs.) Apparently, the correct RPMs are critical for both the production of the U-235 and the operation of the centrifuge itself. Incorrect RPMs will cause incorrect fuel extraction and can damage the centrifuge's mechanisms.

However, even destroying the centrifuges still wouldn't cause a meltdown according to what I know. Uranium within a centrifuge is in a gaseous form (technically it's gas uranium hexafluoride). For it to go into the superheated, uncontrolled state that causes a meltdown, the U-235 has to be in a solid state. Now, I am not a nuclear scientist (IANANS ), so I could be off base here, but that's my understanding.

Re: Stuxnet

Stuxnet can't cause a nuclear catastrophe. The intended target was a gas turbine, centuries old technology which turns steam pressure into torque which in turn drives an electrical generator and produces electrical power.

Rather than affecting the nuclear components of the power plant, Stuxnet could theoretically destroy this turbine and thus the plant's ability to produce electrical power.

Re: Stuxnet

This is a month old, moldy dusty bread of a post but, that wont stop me...

"I simply cannot understand the lack of attention to Stuxnet. Could someone explain to me why?"
Hmm well do you want everyone in the world to know that it would be possible to control the nuclear centrifuge possibly causing a nuclear meltdown in a foreign nation already in the middle of a bunch of war nations. Dunno about the rest of ya'll but a nuclear winter doesnt seem to appealing...
Perhaps they fail to realize the complexities of how hard it is to debug the StuxNet source code...

"Most of it is because the SCADA engineers around the world refuse to admit there's actually a problem"
This is true... Can you blame em?

"The controls reportedly had a CIA-designed flaw in SCADA software was stolen by the KGB"
Did ya know the CIA Director was in Nicaragua during the Earthquake in 72...

Re: Stuxnet

Perhaps the most detailed analysis of Stuxnet yet:

http://www.langner.com/en/2010/11/19/the-big-picture/

It contains two different payloads designed to attack two different targets. The first payload was designed to destroy the rotors of uranium centrifuges. The other payload was aimed at the approximately 150 foot wide gas turbine of an Iranian nuclear power plant.

"Stuxnet is like the arrival of an F-35 fighter jet on a World War I battlefield."

Re: Stuxnet

Yeah, I'm well aware of that, but again, that's a trojan, and one which required very specific and purposeful manual actions on the part of the Russians in order to be effective.

Stuxnet is multi-layer malware, which propagates with zero knowledge on the part of Iranians and leverages their computer infrastructure along with normal actions and processes. Obviously there was a huge amount of spy work/intelligence that went into its creation, but after that, they turned it loose in selected places and theoretically it just did its thing. That's the unprecedented part here and what really makes Stuxnet so interesting.

Re: Stuxnet

Do a search on "Operation Orchard", and you'll find a lot of information about it. There are some conflicting reports that indicate that it was a backdoor, or a 'kill switch' worm, some super-sophisticated variation of conventional radar jamming, or a man-in-the-middle attack on the fiber communication lines between the radar transceivers and the operators' workstations. Richard Clark has a good review of what happened and the possible explanations in Chapter 1 (pages 1-8) of Cyber War. Clark opens the book with that situation because he says "This was how war would be fought in the information age, this was Cyber War."

The very first incident of this type however, was probably close to three decades ago, when the Trans-Siberian pipeline exploded 1982. The controls reportedly had a CIA-designed flaw in SCADA software was stolen by the KGB. The flaw has been described as both a Trojan-horse and a logic-bomb. Whatever the exact technical specifications, the software allegedly caused various pumps, turbines, and valves to exceed normal operational limits, which in turn caused the pipeline to burst and explode. While the end result was not nearly as subtle as Stuxnet's reported target, it certainly did exactly what you describe, in that it was looking for very specific types of hardware operating under very specific conditions and then and only then did it attempt its attack.

Re: Stuxnet

Didn't know about that... cool. And what we're seeing here is very similar: Stuxnet has been specifically designed to mitigate collateral damage, looking for very specific types of hardware operating under very specific conditions and then and only then does it attempt its (very subtle) attack.