Stuxnet Infects 30,000 Industrial Computers In Iran 263
eldavojohn writes "The BBC and AFP are releasing more juicy details about the now infamous Stuxnet worm that Iranian officials have confirmed infected 30,000 industrial computers inside Iran following those exact fears. The targeted systems that the worm is designed to infect are Siemens SCADA systems. Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States — although the US official claims they do not know the origin of the virus. Iran claims it did not infect or place any risk to the new nuclear reactor in Bushehr, which experts are suspecting was the ultimate target of the worm."
Re:strange conclusion. (Score:5, Insightful)
There's no shortage of reasons for hackers to want access to data (classified or otherwise) really really badly.
You just need to get the hollywood fabricated ideas about teams of small teams of omnipotent superhacker "gods" out of your mind, because they don't exist.
Re:strange conclusion. (Score:3, Insightful)
no, of course they aren't omnipotent gods, but on the other hand you don't need to be a god to cause serious damage to human beings. you just need to be intelligent; properly specialized; and oddly motivated. fortunately, the old "pick two of three" rule seems to apply here. :)
I do personally know some security professionals whom I suspect would have a pretty good shot at something like this, if they were both unethical and had a little bit of inside knowledge.
admittedly, most of what i know about US gov't cybersecurity is what i read on slashdot which tends to be negative. so i am biased there. still, it's a bit hasty to assign credit to a state. small groups of the right people could get a lot done. i mean, all you need is the information; this isn't the manhattan project.
Leaps of logic (Score:5, Insightful)
I have a hard time taking it seriously that a "Nation State" is the most likely source of the infection and I have an even harder time that it is the Untited States behind it. Siemens is a huge (German) manufaturer of control systems, their equipment is installed throughout the industrialized world. The Bushehr reactor is being built with help from Russia but I am sure there are engineers from many different countries involved (notably absent would be Israel and the U.S.). These engineers should include people responsible for the security of both the Windows and the Siemens systems.
I would argue that these engineers are the likely source of the information used to create the 'worm'. They have to be. Nobody else should have the information available to them to program the specific scenero to meet all of the inputs required to cause the mayhem the worm is intended to cause.
Perhaps over a couple of beers they decided they didn't like some of the things they were seeing? Maybe they wrote the worm or maybe they just provided the information to the people that did. But either way, it reeks of being an inside job.
Re:Not so bad of a result (Score:5, Insightful)
Must be reading that line wrong (Score:5, Insightful)
"Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States "
How does "too complex for an individual or group" equate to "must be Israel or the United States"? I hope I'm reading this wrong.
Otherwise I might have to troll about "German companies blaming the US and the Jews for everything" or something.
Re:Not so bad of a result (Score:5, Insightful)
When is israel going to have weapon inspectors and give them up?
When Israel signs the Nuclear Non-Proliferation Treaty.
Re:Not so bad of a result (Score:2, Insightful)
Re:Email titled "Death To America!" (Score:5, Insightful)
Yep, this is the part that's so funny to me. Iran is so anti-America, Ahmadinejad is spouting conspiracy theories at the UN saying the US orchestrated 9/11, but then they're trusting Microsoft Windows (an American product known for security problems) to run their industrial computers? How stupid can you get?
The Chinese are the complete opposite of these buffoons. They know that relying on another country's secret, proprietary software is foolhardy, so they've adopted Linux for governmental uses and have even developed their own Linux distro, Red Flag. Maybe it can't run all the latest applications or whatever, but trusting a product made by your enemy to run your country's infrastructure is just dumb.
Re:Leaps of logic (Score:5, Insightful)
Re:If groups of hackers in Iran and China (Score:1, Insightful)
"then what is this?"
Iran being stupid and buying the bulk of their equipment from a short list of companies corrupt and unethical enough to sell their wares to that country. Then that equipment gets targetted because of their asinine behavior.
Certainly not what you want others to believe. There is no clear evidence, unlike attacks from North Korea and China.
Obviously, lack of information allows absolute speculation to run rampant for some people. It shows your fears, loathing, and hate.
It's not as if systems in the US and elsewhere are immune. Iran simply has limited choice in their equipment supply, so they are getting hammered more by a virus written for and targetting those systems. Other similar systems are being hit elsewhere. Iran just is getting a bulk of it because they don't use much else. The computer equivalent of a monocrop..
Re:and why would that be a problem, exactly? (Score:1, Insightful)
We've got many, many quotes from the Iranian leaders (many of them) which are along the lines of:
Citation please, along with the actual non-paraphrased quotes.
If people do conclude this was a US/Israel attack, they should take it as an indication to everyone watching that the US and Israel are not bloodthirsty.
Right. That works so long as you are willing to ignore all the examples of war crimes and atrocities committed by both of them.
Re:strange conclusion. (Score:5, Insightful)
The stuxnet team is most likely the product of a large intelligence department. That is to say a group effort from a nation state, not some independent hacking gods with nothing better to do.
The point is that expertise in scada, coming up with 4 zero days, getting 2 signed driver keys from JMicron and Realtek, and distributing the exploit without the internet to Iranian factories is not something a non-state can do.
Re:Not so bad of a result (Score:5, Insightful)
You mean the Israeli settlers in East Jerusalem and the West Bank?
Re:strange conclusion. (Score:5, Insightful)
Uhh, you're missing the GP's point. It's HIGHLY doubtful a small group of scruffy super smart hackers a la Angeline Jolie and friends in "Hackers" created this virus. Given the complexity you point out (and by the way, you missed a very important point - stuxnet utilizes stolen encryption keys from TWO Tiawanese chip manufacturers), it's much more likely that a large, coordinated government or corporate organization that was able to assemble experts from many different fields was behind the attacks.
Re:Not so bad of a result (Score:1, Insightful)
And considering Israel's history of attacking and occupying its neighbours and shooting rockets at residential buildings, suppressing all criticism with accusations of antisemitism, and likely being the initiators of this virus, who can blame Iran?
I wouldn't want Israel to be next door to me either; would you?
Re:Not so bad of a result (Score:5, Insightful)
Re:and why would that be a problem, exactly? (Score:1, Insightful)
There is a tendency. Certain countries committing atrocities end up labeled bloodthirsty, fanatic, aggressor, evil. Another specific set of countries committing atrocities end up being excused like: "they did it for the greater good", "justified self-defense", "reducing further damage", "preventing world war III", "protecting democracy".
Re:Not so bad of a result (Score:5, Insightful)
How often have surrounding Arab states invaded Israel?
How often has Israel invaded surrounding Arab states?
Historical records do not agree with your statements.
Re:Not so bad of a result (Score:2, Insightful)
Israel is not a good neighbour - but their actions are not unprovoked. They have to live with a seemingly endless stream of rockets being fired into their own residential areas over the border, frequent attempts at suicide or car-bomb attacks, and neighbours who routinely say that all jews should be exterminated. Given the circumstances, you can't really blame them for reacting so strongly.
Re:Must be reading that line wrong (Score:0, Insightful)
i had a shave this morning with occam's razor. and it told me the fucking jews did it.
Re:Leaps of logic (Score:5, Insightful)
You've completely ignored idealism here. The U.S and Israel are not the only governments with an interest to destabilize the Iranian government. I can see Russia, China, and Jordan having an interest as governments to destabilize Iran, especially, when the U.S and Israel are such convenient scapegoats. Perhaps, even just causing the U.S and Israel some problems would be the end goal of the whole project.
Keep in mind that opportunity costs only matter to criminal organizations... and governments. Criminal organizations would be concerned with lost profit, while governments are concerned with losing an attack vector.
What about the idealism? Out of all of the engineers that have worked on that equipment in Iran, NONE of them had any idealism or conflicts with the Iranian government?
Burning a huge opportunity cost to sabotage a nuclear reactor in Iran certainly sounds like something an idealistic group of "terrorists" would do to stop the Iranian government from becoming a nuclear power.
Note I keep saying Iranian government. There are millions of young people in Iran right now, some of them fairly well educated, sophisticated, and access to funding, that don't consider themselves on board with the current Iranian leaders.
We can speculate all day who really might have done this, but we can't rule out home grown terrorism here either.
Re:strange conclusion. (Score:3, Insightful)
MB for complexity? What the fuck? That's like GHz for speed -- there is relation only when you restrict the scenario (e.g. 100% ASM). Apparently you haven't seen any 64KB demos, or 10MB STL+Boost* HelloWorld programs.
* This remark is a detraction of programmer inefficiency, not C++/STL/Boost. It doesn't occur when they are used correctly.
Re:Not so bad of a result (Score:2, Insightful)
He didn't say he wanted to wipe Israel off the map. That was a clumsy translation that has been frequently pointed out as such, but it seems some people just don't want to listen.
The rest of your bullshit is just childish.
Re:strange conclusion. (Score:4, Insightful)
I agree. Stuxnet, and who knows what will follow it, are similar to the USA Skunkworks that managed to develop and deploy the SR-71 Blackbird in complete secrecy, or before that the Manhattan Project in the USA, and the Enigma work done in Great Britain.
We have a new player on the world stage, and data security is never going to be the same again. Actually we probably have more than one new player, since there are a probably a dozen countries that are capable of doing this kind of thing. And quite possibly they've been around for a long time, hiding behind spammer botnet facades, etc. I find it suspicious that while spammer botnets are supposed to be making their fortunes by selling advertising, there has never been a serious effort to go after the companies that are apparently buying these services. I wonder how many distributors of v14gRuh there really are, and how many are virtual fronts for information gathering and disinformation distribution activities?
Hmm. I prolly read too much Philip K Dick in a younger day.
Re:Leaps of logic (Score:3, Insightful)
Re:Not so bad of a result (Score:2, Insightful)