Stuxnet Infects 30,000 Industrial Computers In Iran

eldavojohn writes "The BBC and AFP are releasing more juicy details about the now infamous Stuxnet worm that Iranian officials have confirmed infected 30,000 industrial computers inside Iran following those exact fears. The targeted systems that the worm is designed to infect are Siemens SCADA systems. Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States — although the US official claims they do not know the origin of the virus. Iran claims it did not infect or place any risk to the new nuclear reactor in Bushehr, which experts are suspecting was the ultimate target of the worm."

  • by cpghost ( 719344 ) on Sunday September 26, 2010 @02:22PM (#33704430) Homepage

    i mean, all you need is the information; this isn't the manhattan project.

    Getting information was not so difficult, even from within the Manhattan Project [wikipedia.org]. If a government is hellbent on infiltrating secret projects of a rival government, they sure have enough resources at hand.

  • by lennier1 ( 264730 ) on Sunday September 26, 2010 @02:38PM (#33704514)

    Just for the record:
    Siemens = German

  • by Cyberax ( 705495 ) on Sunday September 26, 2010 @02:46PM (#33704570)

    I think it's a stretch to make an assertion that Bush has traveled 1500 years back in time: http://en.wikipedia.org/wiki/Bushehr [wikipedia.org]

  • by Ironsides ( 739422 ) on Sunday September 26, 2010 @02:47PM (#33704584) Homepage Journal

    I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...

    Iran signed 1 July 1968 [un.org]. What was that about a double standard and STFU?

  • by GeekLove ( 1604967 ) on Sunday September 26, 2010 @02:54PM (#33704638)

    I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...

    Are you really that flipping naive? Israel is using nukes as a deterrent, defensive weapon, which has so far worked. Iran has stated that they want to "wipe Israel off the face of the earth," http://www.guardian.co.uk/world/2005/oct/27/israel.iran [guardian.co.uk] and would probably use nukes as an offensive weapon, at least that is my interpretation of "burn in the fire of Islamic fury." So GFY before you tell people to STFU!

  • by Anonymous Coward on Sunday September 26, 2010 @03:10PM (#33704740)

    Actually, Ahmadinejad never said that. The quote is a mistranslation and has been mendaciously used as propaganda by Zionists and useful idiots as proof of Iran's alleged destructive intentions.

    If you bothered to read the entire page you linked to, the Guardian published a retraction: http://www.guardian.co.uk/theguardian/2009/apr/23/corrections-clarifications [guardian.co.uk]

  • Re:Bushehr as target (Score:5, Informative)

    by Zocalo ( 252965 ) on Sunday September 26, 2010 @03:12PM (#33704748) Homepage
    There was a screenshot [upi.com] posted that was purported to be the Bushehr plant's control systems shortly after the claims that it was the target of Stuxnet first appeared. SIMATIC WinCC is Siemens' SCADA front-end tool for Windows clients, so either this image is of another nuclear plant or Bushehr does indeed use Siemens software.

    In any event, in the early analyses of Stuxnet, that the target was Bushehr was speculative based on:
    • The high number of infections in Iran
    • That the software was so complicated and targeted at very specific PLCs within a Siemens SCADA environment implying a particular installation was being targeted
    • That the second point above in turn implied that a nation state that had acquired inside knowledge about the target was behind the worm, although which one wasn't even speculated at
    • Bushehr was believed to have experienced some kind of technical issue within a suitable time frame

    Assuming the screenshot and target of Stuxnet are both Bushehr, then I don't actually know which is worse; that someone would trust apparently pirated software to run a nuclear plant, or that someone would deliberately try to disrupt the operations of one...

  • by Anonymous Coward on Sunday September 26, 2010 @03:22PM (#33704814)

    What about crazed Israeli leaders?

    Martin van Creveld is an Israeli historian and researcher -

    In a September 2003 interview in Elsevier (Dutch weekly) on Israel and the dangers it faces from Iran, the Palestinians and world opinion van Creveld stated:

    We possess several hundred atomic warheads and rockets and can launch them at targets in all directions, perhaps even at Rome. Most European capitals are targets for our air force.... We have the capability to take the world down with us. And I can assure you that that will happen before Israel goes under.[4]

    (emphasis added)

    http://en.wikipedia.org/wiki/Martin_van_Creveld#Views_on_current_affairs [wikipedia.org]

    Assuming he is correct, and I have no reason to doubt him given his credentials, does this sound like the position of a rational, cooperative, civilized nation-state?

  • Re:Bushehr as target (Score:5, Informative)

    by fava ( 513118 ) on Sunday September 26, 2010 @03:37PM (#33704894)

    There is an analysis of the screenshot at http://www.hackerfactor.com/blog/index.php?/archives/396-No-Nukes.html [hackerfactor.com]

    The conclusion is that it is probably a screenshot of a waste water treatment plant, not a nuke facility.

  • by Anonymous Coward on Sunday September 26, 2010 @03:40PM (#33704908)

    omnipotent superhacker gods the world has seen.

    Ladder logic is NOT that hard. At most of the industrial companies I have worked with there are *MAYBE* 1 or 2 guys who write the whole system. The systems are pretty freaking easy to access. It is all standard control codes (otherwise no tools would work right).

    These things are meant to hook together in rings of controllers that act as a unit no matter who you buy the controllers from. Many of the bigger companies such as Siemens even make it pretty easy to glue junk together with their software.

    You seriously do not want to know... It is that bad. It is stuuuuuuuuuupid easy to program these things. An okayish programmer could come up with a worm in a couple of months (probably less).

    The reason they are this way? You ask? Well it used to be pretty simple. There was no internet for them to get plugged into. No networks. It was all serial connections. There is no access/authentication control response from these things. You didn't want people to have access to these things. You just locked the door to the room they were in. However, over the years remote management became more common. However the access controls were never put into place.

    There are millions of these fairly simple (at least compared to today's computers) controllers out there. How they work is *WELL* understood; there are dozens upon dozens of websites out there that tell you exactly how to program your controller. Hell you can buy the SDKs from the major companies (they don't cost much).

    The only speculation is on who wrote it. Not how easy it is. Those of us who write this sort of software know how easy it is. Then the access controls that are in place are not even very good. They are easy to brute force in under a couple of hours or so (the password space being very small, susceptible to man in the middle attacks for the longer ones, and replay attacks).

    It really is as easy as putting the right bytes out on the serial line and poof the other box is reprogrammed. That is how many are programmed in the first place...

    When I first started working with industrial controllers I was seriously scared. You should be too. It is that bad. It wouldn't take much. Right now the only thing is cost. As the things these sorts of things plug into cost quite a bit. The controllers are a tad on the pricey side (anywhere from 200-1500 each). But the access controls on them are horrible. Making them dead easy to program.
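
The replay weakness mentioned in the comment above, next to one common mitigation, as an added example that is not part of the original comment or any vendor's protocol. The frame layout, password, key and class names are all constructed for illustration: a controller that checks a static password accepts a captured frame again, while one that checks an HMAC tag and a strictly increasing counter rejects replayed and altered frames.

```python
import hmac, hashlib, struct
# Constructed sample values; not taken from any real controller or vendor protocol.
LEGACY_PASSWORD = b"1234"
SHARED_KEY = bytes(range(32))

class LegacyController:
    """Static password in every frame: a captured frame stays valid forever."""
    def __init__(self):
        self.program = b""
    def handle(self, frame: bytes) -> bool:
        password, _, payload = frame.partition(b"|")
        if password != LEGACY_PASSWORD:
            return False
        self.program = payload
        return True

class HardenedController:
    """Frame = 8-byte big-endian counter || payload || 32-byte HMAC-SHA256 tag."""
    def __init__(self, key: bytes):
        self.key, self.last_counter, self.program = key, 0, b""
    def handle(self, frame: bytes) -> bool:
        if len(frame) < 40:
            return False                      # too short to hold counter + tag
        body, tag = frame[:-32], frame[-32:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False                      # forged or altered frame
        (counter,) = struct.unpack(">Q", body[:8])
        if counter <= self.last_counter:
            return False                      # replayed or stale frame
        self.last_counter, self.program = counter, body[8:]
        return True

def signed_frame(key: bytes, counter: int, payload: bytes) -> bytes:
    body = struct.pack(">Q", counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def demo() -> dict:
    legacy, hardened = LegacyController(), HardenedController(SHARED_KEY)
    old = LEGACY_PASSWORD + b"|setpoint=50"
    captured = signed_frame(SHARED_KEY, 1, b"setpoint=50")
    return {
        "legacy_first": legacy.handle(old),
        "legacy_replay": legacy.handle(old),             # same bytes accepted again
        "hardened_first": hardened.handle(captured),
        "hardened_replay": hardened.handle(captured),    # counter not increasing
        "hardened_tampered": hardened.handle(
            captured[:8] + b"setpoint=99" + captured[-32:]),
        "hardened_next": hardened.handle(signed_frame(SHARED_KEY, 2, b"setpoint=55")),
    }
```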

  • by Xaositecte ( 897197 ) on Sunday September 26, 2010 @04:03PM (#33705036) Journal

    If Israel really wanted to wipe out the Palestinians, they could do it without Nukes.

    Surrounding Islamic countries however, have repeatedly attempted to wipe out Israel without nukes, and failed. Historical record implies if they had access to nukes, they'd use them.

  • by theshowmecanuck ( 703852 ) on Sunday September 26, 2010 @04:46PM (#33705290) Journal

    Martin van Creveld is an Israeli historian and researcher

    Yes he is. That is, he is a citizen and is a historian and researcher, and is entitled to his own opinion. Let me say the key part again, *his own opinion*. He is not part of the Israeli government. And in case you forgot Mahmoud Ahmadinejad, who said "Israel should be wiped off the map", well he IS the PRESIDENT of Iran. It sounds like you are not clear on or don't understand the subtleties of a citizen making a statement and the head of state of a country making a similar statement. There are many people who advocate turning "Iran into a glass parking lot." Just do a Google search for that last phrase that I put in quotes. You'll find many (although not exclusively) are Americans. However, as citizens of America, the weight we put behind what they say is far, far less than if The President of the U.S.A. were to say it. So even if you are correct as to what Creveld said, it is not rational to assume that it is the Israeli government's position. However I don't doubt that the Israelis would retaliate in kind if they were attacked, against their attackers. Netanyahu said, 'If the Arabs put down their weapons today, there would be no more violence. If the Jews put down their weapons today, there would be no more Israel'. Since I haven't seen any Israeli suicide bombers and no Israeli jihads, nor Israeli hijackers flying into buildings lately, I tend to believe this is true.

    I know it is currently popular to jump on the Israeli bashing bandwagon. But remember, if the Arab leaders in 1948 hadn't told the Palestinians to leave Israel so that the surrounding countries could attack Israel, we wouldn't have this situation to begin with. Read documented history and not propaganda. There never was a country with a distinct government called Palestine, ever.

  • by Anonymous Coward on Sunday September 26, 2010 @05:09PM (#33705408)

    How often have surrounding Arab states invaded Israel?

    How often has Israel invaded surrounding Arab states?

    Historical records do not agree with your statements.

    Israel's creation was an invasion of an Arab state. I know that it's been a while since it's been created and by nowadays many people say that we should just accept its existence but let's not forget that since Israel's creation its borders have done nothing but grow.

  • by shutdown -p now ( 807394 ) on Sunday September 26, 2010 @06:42PM (#33706054) Journal

    Citation please, along with the actual non-paraphrased quotes.

    Enjoy:

    http://www.youtube.com/watch?v=FckLO8HcNyo [youtube.com]
    http://www.youtube.com/watch?v=Gk_eXtCu03E [youtube.com]

    Oh, and here are a few more which, while they don't quite come from leaders, do come from agents of the Iranian state - in their official capacity - cheering the crowd:

    http://www.youtube.com/watch?v=XHoVuFlrcjA [youtube.com]
    http://www.youtube.com/watch?v=92myDzAFgU4 [youtube.com]

    Search for "death to Israel" and "death to America" on YouTube for tons more of that.

  • by NikolaiKutuzov ( 1226122 ) on Monday September 27, 2010 @03:50AM (#33708802)

    How the fuck is that posting informative? It is plainly FUD

    Ahmadinejad has said [google.com] again [washingtonpost.com] and again [google.com] that he intends to destroy Israel

    Go check yourselves [wordpress.com]

  • Re:Bushehr as target (Score:3, Informative)

    by thegarbz ( 1787294 ) on Monday September 27, 2010 @04:34AM (#33708968)

    Assuming the screenshot and target of Stuxnet are both Bushehr, then I don't actually know which is worse; that someone would trust apparently pirated software to run a nuclear plant, or that someone would deliberately try to disrupt the operations of one...

    As someone who is involved with these kinds of systems, there's no way you would pirate software like this. Typically you can't buy this gear in isolation without a complete support agreement which often includes a lot of software to go with it. Some vendors even give away the software for free knowing it'll only run on their hardware. This kind of licence key issue is more likely due to a cock-up during the commissioning stage. God knows I've seen plenty of those, or maybe just an IT issue. I wasn't able to start AutoCAD on my work machine all of last week because of some issue with a licence server. Or someone didn't read the instructions and never set up the licensing server.

  • by geggo98 ( 835161 ) on Monday September 27, 2010 @04:35AM (#33708972) Homepage

    Really? How big do you think the team that created Stuxnet is then? Or do you really think that one guy found 4 new zero days, wrote a P2P control mechanism, a custom kernel mode rootkit, a bunch of PLC code in an obscure form of assembly language and a shim DLL to hide the PLC infection from the operator?

    Don't forget the fake kernel drivers signed with a stolen certificate [securelist.com]. Stealing or breaking the digital certificate used by JMicron to sign Windows kernel drivers should be out of range for even a skilled single hacker.

    Oh and apparently there was a second certificate [h-online.com] stolen/broken, this time from Realtek.

    This thing is really scary. Even when you follow best practice for security in every detail, you would have no protection against something like Stuxnet.

  • Re:Bushehr as target (Score:1, Informative)

    by Anonymous Coward on Monday September 27, 2010 @06:24AM (#33709344)

    Why is disrupting the operations of a nuclear power plant so deeply disturbing to you? The Bushehr plant is a light-water reactor, which simply cannot "blow up" and contaminate the environment (though they can still melt down, of course.) This is because of the design. A "breeder reactor" is designed to create (breed) more fuel by using emitted radiation to turn Uranium 238 into Uranium 235 (fuel grade uranium.) To achieve significant amounts, however, the fuel in a breeder reactor has to be highly enriched. This leads to a possible worst-case scenario in a meltdown- fuel melting out of the fuel rods, collecting at the bottom of the containment vessel, is impacted by a glob of melting fuel coming from the fuel rods above. Wham-bam-thank-you-mam, a primitive, accidental replica of the first Atom-Bomb's "gun-type" detonator has occurred.

    This 'blast' still wouldn't be very big- it'd seriously damage the facility, but no more. The point is, though, that such an explosion might be enough to punch a hole in the concrete containment dome (which can generally withstand almost anything,) thus releasing that radiation all over.

    A light water reactor, however, uses fuel that's far less enriched, so even if globs of melting fuel were to start smacking into each other, they wouldn't be able to produce a hiccup that could blow a hole in the concrete containment dome, the last failsafe. (Pop the lid off the reactor vessel, yes, but widespread death? No.)

    There's another lesson here- the Bushehr plant was most certainly not the target of the worm, because it's not a breeder plant. Nuclear waste from it can make a nasty "dirty bomb," but considering that refinement centrifuges can make weapons-grade materiel, and the plant cannot, the centrifuges are most certainly the higher-value target. I'm mystified that people are considering the power plant at all.
