Security Worms The Military Technology

Stuxnet Was Designed To Subtly Interfere With Uranium Enrichment

Posted by Soulskill
from the well-thank-god-it-didn't-infect-my-pc dept.
ceswiedler writes "Wired is reporting that the Stuxnet worm was apparently designed to subtly interfere with uranium enrichment by periodically speeding or slowing specific frequency converter drives spinning between 807Hz and 1210Hz. The goal was not to cause a major malfunction (which would be quickly noticed), but rather to degrade the quality of the enriched uranium to the point where much of it wouldn't be useful in atomic weapons. Statistics from 2009 show that the number of enriched centrifuges operational in Iran mysteriously declined from about 4,700 to about 3,900 at around the time the worm was spreading in Iran."

  • by Anonymous Coward on Tuesday November 16, 2010 @06:12AM (#34240134)

    ..is that you leave one hell of a forensic trail, and so lose the inevitable propaganda war that follows your activities....

    Having said that, I still welcome our variable but rapidly spinning overlords...

    • by alphatel (1450715) *
    • by drinkypoo (153816)

      ..is that you leave one hell of a forensic trail, and so lose the inevitable propaganda war that follows your activities....

      That's not a drawback, it's an opportunity. You make it look like it was someone else, and then you win.

    • What are you talking about? The problem with computer network attacks is that they don't leave much usable evidence; or at least we have no ways of using the evidence they leave. It's often referred to as the attribution problem.

  • by Chrisq (894406) on Tuesday November 16, 2010 @06:17AM (#34240158)
    Well that just leaves one question: Was it the Jews or the Yanks?
    • by Skrapion (955066)

      Was it the Jews or the Yanks?

      Clearly it's the answer to the Manhattan Project: it's called the Lower East Side Project?

    • by Trepidity (597) <.delirium-slashdot. .at. .hackish.org.> on Tuesday November 16, 2010 @06:55AM (#34240316)

      They're ideologically opposed to enrichment.

    • by Malc (1751)

      Or was it one of their competitors trying to stir the pot?

    • by kestasjk (933987) * on Tuesday November 16, 2010 @09:29AM (#34240968) Homepage
      • It contains code written in Visual Studio 2005 and 2008, compiled long times apart.
      • It required the theft of two digital certificates from offices of electronics manufacturers in Korea.
      • It would have needed a lot of expertise on a very particular type of industrial controller.
      • It is found most widely in Iran, and has a countdown timer to reduce the spread of infected machines, so was probably launched there (and I can't imagine it's easy to hop over on a plane from Israel to drop off a bunch of infected thumbdrives in Iranian offices)

      On the other hand the project name was apparently "myrtus", an east-Mediterranean flower, and a hard-coded value for the disable-flag was the date of an atrocity Iranians perpetrated against some Jews (I can't remember the details off-hand, but it's all in Symantec's fascinating report)

      It's all totally speculative of course, and probably the least technically interesting thing about this worm is the question of the author. But even besides that the effort and diverse skillsets that must have gone into this thing I feel somehow diminishes the importance of asking "was it country A or B?"


      If you think the only question left is was it Yanks or Jews here's a couple that I would raise:
      Is there a lesson here about putting too much faith in signed drivers? How about asking what SCADA systems closer to home might be vulnerable? If this thing hadn't been so picky about which controllers it altered what could it have done?

  • This story (Score:5, Funny)

    by Anonymous Coward on Tuesday November 16, 2010 @06:26AM (#34240206)

    This story made my head spin. Slowly at first, but then faster, then slower again.

  • by viralMeme (1461143) on Tuesday November 16, 2010 @06:49AM (#34240284)
    What do these frequency converter drives actually do in relation to uranium enrichment?
    • by dattaway (3088) * on Tuesday November 16, 2010 @07:01AM (#34240334) Homepage Journal

      AC motors require these drives to get their speed. 60Hz would be about 1800 or 3600 rpm, depending on how it's wound. Most industrial drives can be programmed for 400Hz, which will spin the armature quite fast. Enrichment is like spinning glassware on a dentist's drill. Those frequencies at that high of voltage (480 volts typical) have a very high switching rate that requires exotic transistor designs. Given that these controllers aren't very common, say for a juice mixer, they can be tracked and sabotaged by the distributor quite easily.

    • Re: (Score:3, Informative)

      by jeyk (570728)
      They control the speed of the centrifuges that extract the enriched uranium. From TFA:

      Stuxnet targets specific frequency converter drives — power supplies that are used to control the speed of a device, such as a motor.

      [...] the centrifuges need to spin at a precise speed for long periods of time in order to extract the pure uranium. If those centrifuges stop to spin at that high speed, then it can disrupt the process of isolating the heavier isotopes in those centrifuges . . . and the final grade of uranium you would get out would be a lower quality.

  • by johncadengo (940343) on Tuesday November 16, 2010 @06:50AM (#34240292) Homepage

    Can't wait for the movie adaptation. I heard they got a book in the works too???

    • by Ihmhi (1206036) <i_have_mental_health_issues@yahoo.com> on Tuesday November 16, 2010 @07:26AM (#34240412)

      Hackers 4: One Half-Life To Live

      Starring Shia LaBeouf, Robert Pattinson, Michael Cera, Nicole "Snooki" Polizzi, and Megan Fox

    • by kestasjk (933987) *
      Yeah; a bunch of software developers and reverse engineers working in an office on a worm for a few months, then they launch it (probably by scattering a few USB dongles around or something), it spreads to Iran and reduces their enrichment capacity before they start slowly clearing up the mess, allowing another year of tedious negotiations in the UN. It'll be huge.
      • by kestasjk (933987) *
        Seriously though from a technical standpoint it is fascinating, but it is heart wrenching to come to Slashdot and just see "hmm I think Botswana did it!! they use coal and see nuclear as a threat" "no no no it was Yugoslavian separatists!!"
  • by Viol8 (599362) on Tuesday November 16, 2010 @07:28AM (#34240420)

    ... the emergence of this type of worm or the fact that a consumer OS as security poor as Windows is being used in nuclear plants. And no, I don't think Linux or OS/X would be much of an improvement. OpenBSD maybe. But surely for operations such as this where a fault really could lead to numerous people dying in unpleasant ways a tested, secure real time OS from somewhere like Green Hills would be used? OK, in Iran I realise this wouldn't be possible but Windows isn't just used over there in important industrial applications.

    You wouldn't want Windows (or Linux or OS/X) flying your Airbus so why the hell do people think it's OK to run industrial sites with it??

    • by vegiVamp (518171)

      I seem to recall we have DOS flying space shuttles.

      • by Viol8 (599362)

        I don't know if that's true or not, but astronauts are fully aware of the risks they're taking when they sign up. People who live within a few miles of a high risk industrial or nuclear plant didn't sign up for anything.

      • Re: (Score:3, Informative)

        by AJWM (19027)

        I seem to recall we have DOS flying space shuttles.

        Then you recall wrongly. The Shuttle flight computers have their own OS (actually two of them; the fifth of the five parallel computers runs a totally different software set, as an emergency backup in case of a systemic software problem with the main four). The machine architecture isn't compatible with what most people think of as DOS. (It might be a DOS, but it sure isn't MS-DOS or DOS/360 or any of the other off-the-shelf disc operating systems that h

  • ....is how Shai Hulud was born.

  • well (Score:3, Insightful)

    by Charliemopps (1157495) on Tuesday November 16, 2010 @07:56AM (#34240514)
    hey, it's better than an invasion right? I'm sure Symantec are happy with themselves discovering this, but I hope they realize that if Iran hadn't already figured it out, Symantec just informed them, and brought them a little closer to getting the shit bombed out of them by either the US or Israel.
  • More details (Score:5, Informative)

    by jimmyswimmy (749153) on Tuesday November 16, 2010 @08:19AM (#34240608)
    There's a lot more detail in the Symantec virus "dossier" [symantec.com]. A very interesting and detailed read.
  • by voss (52565) on Tuesday November 16, 2010 @10:03AM (#34241274)

    It cost no lives, it significantly slowed down a fanatical dictator's quest for the nuclear bomb and didn't require military action, the sacrifice of American troops or billions of dollars spent.
