Forgot your password?
typodupeerror
Bug Government Power Security The Military United States Hardware

Stuxnet Infects 30,000 Industrial Computers In Iran 263

Posted by timothy
from the we-all-run-from-i-ran dept.
eldavojohn writes "The BBC and AFP are releasing more juicy details about the now infamous Stuxnet worm that Iranian officials have confirmed infected 30,000 industrial computers inside Iran following those exact fears. The targeted systems that the worm is designed to infect are Siemens SCADA systems. Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States — although the US official claims they do not know the origin of the virus. Iran claims it did not infect or place any risk to the new nuclear reactor in Bushehr, which experts are suspecting was the ultimate target of the worm."
This discussion has been archived. No new comments can be posted.

Stuxnet Infects 30,000 Industrial Computers In Iran

Comments Filter:
  • by O('_')O_Bush (1162487) on Sunday September 26, 2010 @01:06PM (#33704334)
    Really? Because, as someone who has worked in gov't related cybersecurity, I can tell you that they try all the time.

    There's no shortage of reasons for hackers to want access to data (classified or otherwise) really really badly.

    You just need to get the hollywood fabricated ideas about teams of small teams of omnipotent superhacker "gods" out of your mind, because they don't exist.
  • by retchdog (1319261) on Sunday September 26, 2010 @01:17PM (#33704390) Journal

    no, of course they aren't omnipotent gods, but on the other hand you don't need to be a god to cause serious damage to human beings. you just need to be intelligent; properly specialized; and oddly motivated. fortunately, the old "pick two of three" rule seems to apply here. :)

    I do personally know some security professionals whom I suspect would have a pretty good shot at something like this, if they were both unethical and had a little bit of inside knowledge.

    admittedly, most of what i know about US gov't cybersecurity is what i read on slashdot which tends to be negative. so i am biased there. still, it's a bit hasty to assign credit to a state. small groups of the right people could get a lot done. i mean, all you need is the information; this isn't the manhattan project.

  • Leaps of logic (Score:5, Insightful)

    by Anonymous Coward on Sunday September 26, 2010 @01:19PM (#33704402)

    I have a hard time taking it seriously that a "Nation State" is the most likely source of the infection and I have an even harder time that it is the Untited States behind it. Siemens is a huge (German) manufaturer of control systems, their equipment is installed throughout the industrialized world. The Bushehr reactor is being built with help from Russia but I am sure there are engineers from many different countries involved (notably absent would be Israel and the U.S.). These engineers should include people responsible for the security of both the Windows and the Siemens systems.

    I would argue that these engineers are the likely source of the information used to create the 'worm'. They have to be. Nobody else should have the information available to them to program the specific scenero to meet all of the inputs required to cause the mayhem the worm is intended to cause.

    Perhaps over a couple of beers they decided they didn't like some of the things they were seeing? Maybe they wrote the worm or maybe they just provided the information to the people that did. But either way, it reeks of being an inside job.

  • by Dan667 (564390) on Sunday September 26, 2010 @01:19PM (#33704410)
    intersting it is totally ok for israel to have nukes. When is israel going to have weapon inspectors and give them up? If there really was interest in getting this stopped that would be the first step.
  • by devphaeton (695736) on Sunday September 26, 2010 @01:29PM (#33704460)

    "Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States "

    How does "too complex for an individual or group" equate to "must be Israel or the United States"? I hope I'm reading this wrong.

    Otherwise I might have to troll about "German companies blaming the US and the Jews for everything" or something.

  • by Ironsides (739422) on Sunday September 26, 2010 @01:37PM (#33704504) Homepage Journal

    When is israel going to have weapon inspectors and give them up?

    When Israel signs the Nuclear Non-Proliferation Treaty.

  • by Beelzebud (1361137) on Sunday September 26, 2010 @01:40PM (#33704522)
    I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...
  • by Grishnakh (216268) on Sunday September 26, 2010 @01:43PM (#33704548)

    Yep, this is the part that's so funny to me. Iran is so anti-America, Ahmadinejad is spouting conspiracy theories at the UN saying the US orchestrated 9/11, but then they're trusting Microsoft Windows (an American product known for security problems) to run their industrial computers? How stupid can you get?

    The Chinese are the complete opposite of these buffoons. They know that relying on another country's secret, proprietary software is foolhardy, so they've adopted Linux for governmental uses and have even developed their own Linux distro, Red Flag. Maybe it can't run all the latest applications or whatever, but trusting a product made by your enemy to run your country's infrastructure is just dumb.

  • Re:Leaps of logic (Score:5, Insightful)

    by IamTheRealMike (537420) <mike@plan99.net> on Sunday September 26, 2010 @01:47PM (#33704582) Homepage
    The skills "reprogram industrial PLCs" and "find four new zero days in Windows" don't overlap a whole lot. Given what this virus does, it's very hard to believe it's the work of one or two guys. The whole thing smells strongly of a highly skilled and well financed team assembled for a specific reason. After all, it apparently is searching for a specific device or type of device and then tries to sabotage it - presumably this code was thoroughly tested, which means whoever wrote it is likely to have a small recreation of parts of the target factory somewhere. Not cheap or easy to set up.
  • by Anonymous Coward on Sunday September 26, 2010 @01:49PM (#33704592)

    "then what is this?"

    Iran being stupid and buying the bulk of their equipment from a short list of companies corrupt and unethical enough to sell their wares to that country. Then that equipment gets targetted because of their asinine behavior.

    Certainly not what you want others to believe. There is no clear evidence, unlike attacks from North Korea and China.

    Obviously, lack of information allows absolute speculation to run rampant for some people. It shows your fears, loathing, and hate.

    It's not as if systems in the US and elsewhere are immune. Iran simply has limited choice in their equipment supply, so they are getting hammered more by a virus written for and targetting those systems. Other similar systems are being hit elsewhere. Iran just is getting a bulk of it because they don't use much else. The computer equivalent of a monocrop..

  • by Anonymous Coward on Sunday September 26, 2010 @02:02PM (#33704686)

    We've got many, many quotes from the Iranian leaders (many of them) which are along the lines of:

    Citation please, along with the actual non-paraphrased quotes.

    If people do conclude this was a US/Israel attack, they should take it as an indication to everyone watching that the US and Israel are not bloodthirsty.

    Right. That works so long as you are willing to ignore all the examples of war crimes and atrocities committed by both of them.

  • by gad_zuki! (70830) on Sunday September 26, 2010 @02:05PM (#33704694)

    The stuxnet team is most likely the product of a large intelligence department. That is to say a group effort from a nation state, not some independent hacking gods with nothing better to do.

    The point is that expertise in scada, coming up with 4 zero days, getting 2 signed driver keys from JMicron and Realtek, and distributing the exploit without the internet to Iranian factories is not something a non-state can do.

  • by DoofusOfDeath (636671) on Sunday September 26, 2010 @02:07PM (#33704718)

    True, but it is generally prudent to stop crazed assholes* with the stated goals of wiping other states from the map from having any such weapons.

    You mean the Israeli settlers in East Jerusalem and the West Bank?

  • by SashaMan (263632) on Sunday September 26, 2010 @02:15PM (#33704776)

    Uhh, you're missing the GP's point. It's HIGHLY doubtful a small group of scruffy super smart hackers a la Angeline Jolie and friends in "Hackers" created this virus. Given the complexity you point out (and by the way, you missed a very important point - stuxnet utilizes stolen encryption keys from TWO Tiawanese chip manufacturers), it's much more likely that a large, coordinated government or corporate organization that was able to assemble experts from many different fields was behind the attacks.

  • by ultranova (717540) on Sunday September 26, 2010 @02:30PM (#33704858)

    Iran has stated that they want to "wipe Israel off the face of the earth"

    And considering Israel's history of attacking and occupying its neighbours and shooting rockets at residential buildings, suppressing all criticism with accusations of antisemitism, and likely being the initiators of this virus, who can blame Iran?

    I wouldn't want Israel to be next door to me either; would you?

  • by phantomfive (622387) on Sunday September 26, 2010 @02:42PM (#33704918) Journal
    It's not a double standard, it's a self-centered standard. I am opposed to countries like Iran, who have special holidays for hating my country, getting nuclear weapons. I don't want people who have declared themselves enemies of my country to have nuclear weapons. Unfair? Yes. Do I care, not really. Sometimes there are more important things than fairness (and real fairness in life is impossible anyway).
  • by Anonymous Coward on Sunday September 26, 2010 @02:45PM (#33704930)

    There is a tendency. Certain countries committing atrocities end up labeled bloodthirsty, fanatic, aggressor, evil. Another specific set of countries committing atrocities end up being excused like: "they did it for the greater good", "justified self-defense", "reducing further damage", "preventing world war III", "protecting democracy".

  • by Xaositecte (897197) on Sunday September 26, 2010 @03:13PM (#33705104) Journal

    How often have surrounding Arab states invaded Israel?

    How often has Israel invaded surrounding Arab states?

    Historical records do not agree with your statements.

  • by SuricouRaven (1897204) on Sunday September 26, 2010 @03:16PM (#33705140)
    That's shooting rockets *back* as residential buildings. Hamas started on that one - they thought that if they launched their own rockets from residential or public buildings, Israel would be too afraid of the bad PR to risk counterattacking the launch sites. It partially worked.

    Israel is not a good neighbour - but their actions are not unprovoked. They have to live with a seemingly endless stream of rockets being fired into their own residential areas over the border, frequent attempts at suicide or car-bomb attacks, and neighbours who routinely say that all jews should be exterminated. Given the circumstances, you can't really blame them for reacting so strongly.

  • by Anonymous Coward on Sunday September 26, 2010 @03:19PM (#33705156)

    i had a shave this morning with occam's razor. and it told me the fucking jews did it.

  • Re:Leaps of logic (Score:5, Insightful)

    by EdIII (1114411) on Sunday September 26, 2010 @03:52PM (#33705332)

    You've completely ignored idealism here. The U.S and Israel are not the only governments with an interest to destabilize the Iranian government. I can see Russia, China, and Jordan having an interest as governments to destabilize Iran, especially, when the U.S and Israel are such convenient scapegoats. Perhaps, even just causing the U.S and Israel some problems would be the end goal of the whole project.

    Keep in mind that opportunity costs only matter to criminal organizations... and governments. Criminal organizations would be concerned with lost profit, while governments are concerned with losing an attack vector.

    What about the idealism? Out of all of the engineers that have worked on that equipment in Iran, NONE of them had any idealism or conflicts with the Iranian government?

    Burning a huge opportunity cost to sabotage a nuclear reactor in Iran certainly sounds like something an idealistic group of "terrorists" would do to stop the Iranian government from becoming a nuclear power.

    Note I keep saying Iranian government. There are millions of young people in Iran right now, some of them fairly well educated, sophisticated, and access to funding, that don't consider themselves on board with the current Iranian leaders.

    We can speculate all day who really might have done this, but we can't rule out home grown terrorism here either.

  • by Anonymous Coward on Sunday September 26, 2010 @03:54PM (#33705336)

    MB for complexity? What the fuck? That's like GHz for speed -- there is relation only when you restrict the scenario (e.g. 100% ASM). Apparently you haven't seen any 64KB demos, or 10MB STL+Boost* HelloWorld programs.

    * This remark is a detraction of programmer inefficiency, not C++/STL/Boost. It doesn't occur when they are used correctly.

  • by dave420 (699308) on Sunday September 26, 2010 @05:00PM (#33705694)

    He didn't say he wanted to wipe Israel off the map. That was a clumsy translation that has been frequently pointed out as such, but it seems some people just don't want to listen.

    The rest of your bullshit is just childish.

  • by Will.Woodhull (1038600) <wwoodhull@gmail.com> on Sunday September 26, 2010 @06:23PM (#33706386) Homepage Journal

    I agree. Stuxnet, and who knows what will follow it, are similar to the USA Skunkworks that managed to develop and deploy the SR-71 Blackbird in complete secrecy, or before that the Manhattan Project in the USA, and the Enigma work done in Great Britain.

    We have a new player on the world stage, and data security is never going to be the same again. Actually we probably have more than one new player, since there are a probably a dozen countries that are capable of doing this kind of thing. And quite possibly they've been around for a long time, hiding behind spammer botnet facades, etc. I find it suspicious that while spammer botnets are supposed to be making their fortunes by selling advertising, there has never been a serious effort to go after the companies that are apparently buying these services. I wonder how many distributors of v14gRuh there really are, and how many are virtual fronts for information gathering and disinformation distribution activities?

    Hmm. I prolly read too much Philip K Dick in a younger day.

  • Re:Leaps of logic (Score:3, Insightful)

    by moortak (1273582) on Sunday September 26, 2010 @06:46PM (#33706558)
    We also can't rule out regional players other than Israel. The UAE has deep pockets a no desire for a nuclear Iran, same deal for Saudi Arabia.
  • by theshowmecanuck (703852) on Sunday September 26, 2010 @07:11PM (#33706746) Journal
    Bullshit? Go fuck yourself. That is a good enough response to someone who name calls because he can't stand the truth. Even the former Syrian president from 1948 admitted it was a mistake to tell the Palestinians to leave. Stick with your populist bullshit, moron.

As the trials of life continue to take their toll, remember that there is always a future in Computer Maintenance. -- National Lampoon, "Deteriorata"

Working...