Forgot your password?
typodupeerror
Security Worms The Military Technology

Stuxnet Was Designed To Subtly Interfere With Uranium Enrichment 334

Posted by Soulskill
from the well-thank-god-it-didn't-infect-my-pc dept.
ceswiedler writes "Wired is reporting that the Stuxnet worm was apparently designed to subtly interfere with uranium enrichment by periodically speeding or slowing specific frequency converter drives spinning between 807Hz and 1210Hz. The goal was not to cause a major malfunction (which would be quickly noticed), but rather to degrade the quality of the enriched uranium to the point where much of it wouldn't be useful in atomic weapons. Statistics from 2009 show that the number of enriched centrifuges operational in Iran mysteriously declined from about 4,700 to about 3,900 at around the time the worm was spreading in Iran."
This discussion has been archived. No new comments can be posted.

Stuxnet Was Designed To Subtly Interfere With Uranium Enrichment

Comments Filter:
  • by Anonymous Coward on Tuesday November 16, 2010 @06:12AM (#34240134)

    ..is that you leave one hell of a forensic trail, and so lose the inevitable propaganda war that follows your activities....

    Having said that, I still welcome our variable but rapidly spinning overlords...

  • by Chrisq (894406) on Tuesday November 16, 2010 @06:17AM (#34240158)
    Well that just leaves one question: Was it the Jews or the Yanks?
  • by Anonymous Coward on Tuesday November 16, 2010 @06:20AM (#34240176)

    Who cares? At least this kind of thing is bloodless. Not like a country which says it's neighbor has no right to exist and then goes and builds nukes...

  • by Chrisq (894406) on Tuesday November 16, 2010 @06:20AM (#34240178)

    There are only two nations with the resources, will, and motive to attack Iran's nuclear ambitions in this way: America and Israel.

    It figures that hegemony would lead either state to such an antagonistic stance.

    While I agree that they are teh most likely candidates, I think Russia and China would be quite capable of doing this too if they turned their mind to it. Probably the UK, France, Gremany and maybe India. All have both nuclear and computer technology

  • BS (Score:1, Insightful)

    by Anonymous Coward on Tuesday November 16, 2010 @06:21AM (#34240184)

    I disagree. It is obvious that America and Israel have the motive, so I think others are taking advantage of this situation.It could be the Russians trying to trigger another arms race in the area... They do have a good track record with malware right?

  • by silanea (1241518) on Tuesday November 16, 2010 @06:22AM (#34240194)

    I would not rule out Russia or China. Both have no interest in a strong Iran but every interest in an Iran that appears strong, since this ties and diverts US and Israeli attention and resources. It also sets a "benchmark" of aggression; as long as esp. China is less of a threat that Iran it can get away with quite a lot, barely noticed. A perceived Iranian nuclear threat can then also serve as justification for building missile defense systems and implementing other military measures that would previously have set off tensions with the Western nuclear powers.

    A simple case of cui bono?.

  • by azalin (67640) on Tuesday November 16, 2010 @06:25AM (#34240204)

    Nice idea though. The implementation on the other hand is as stupid and short sighted as can possibly be.

  • by mikael_j (106439) on Tuesday November 16, 2010 @06:44AM (#34240260)

    I'm pretty sure there are others that have the capability as well.

  • by azalin (67640) on Tuesday November 16, 2010 @06:45AM (#34240264)

    Either make sure it doesn't spread to place where people would notice or have so many possibly targets it can't be traced to one specific mission.

  • by Yvanhoe (564877) on Tuesday November 16, 2010 @06:46AM (#34240274) Journal
    Don't make me laugh. It does take a budget to launch such an attack, but a small one, probably in the 500k - 1M range (2 zero day to buy and one stolen certificate + a few days of development). There are thousands of organizations with that much resources, and Iran isn't loved by many people.
  • by Anonymous Coward on Tuesday November 16, 2010 @06:51AM (#34240304)

    What would've you done differently?

    I don't know what the OP would have done differently. But the virus writers should have taken into account Stuxnet breaking out into the wild, given the bad situation with Windows and security (expecially in the industrial context, sadly).

    So assuming they didn't want the ting to be discovered, a better decoupling between vector (the Windows infecting component) and payload (the SCADA manipulating part) would have been prudent.

    Maybe they didn't mind being discovered (or maybe being discovered is part of the plan).

  • by Chrisq (894406) on Tuesday November 16, 2010 @06:52AM (#34240308)

    Is there any proof that the virus indeed runs on the facility? Is there any proof that the nuclear incident really did take place? Is there any proof that the number of operational centrifuges really went down (as opposed to e.g. bringing the "defect" centrifuges to a secret place, so even if the original place was physically attacked, they could continue with enrichment)?

    Maybe it was the Iranian intelligence which created StuxNet (and in that case probably also a special protection system making sure it never hits its "target") in order to make everyone in the world think they are far behind in their nuclear program (and to have a plausible explanation for the reduction of operational centrifuges, so no one gets the idea to look for them elsewhere)?

    And maybe George Bush ordered the 9/11 attacks...

  • by ledow (319597) on Tuesday November 16, 2010 @07:14AM (#34240370) Homepage

    Thank God, if it keeps Daniel Craig off the screen. I think I'd much rather we spent our money on viruses than an actor so wooden that he must worry about termites.

  • by dpilot (134227) on Tuesday November 16, 2010 @07:23AM (#34240402) Homepage Journal

    It's equally likely neither Russia nor China would be very happy to see a nuclear Iran, but not want to be visibly seen discouraging them on the international stage. Stuxnet, lets either of them slow Iran's nuclear program, test a new concept of warfare, and leave the US and Israel holding the bad as "most likely." For them it's a win-win-win. Beyond that, intelligence orgainizations in the West now have a small taste of what someone else can do. It's going to keep the West in knots for a few years, hardening against "the last threat," while they've got the next threat now, and are working on the one beyond that.

  • by Viol8 (599362) on Tuesday November 16, 2010 @07:28AM (#34240420)

    ... the emergence of this type of worm or the fact that a consumer OS as security poor as Windows is being used in nuclear plants. And no, I don't think Linux or OS/X would be much of an improvement. OpenBSD maybe. But surely for operations such as this where a fault really could lead to numerous people dying in unpleasent ways a tested, secure real time OS from somewhere like Green Hills would be used? OK , in Iran I realise this wouldn't be possible but Windows isn't just used over there in important industrial applications.

    You wouldn't want Windows (or Linux or OS/X) flying your Airbus so why the hell do people think its ok to run indistrial sites with it??

  • by peragrin (659227) on Tuesday November 16, 2010 @07:31AM (#34240436)

    Actually I would suspect Russia. They are the ones who loses out selling iran nuclear fuel when iran produces it's own.

    Combine that with the fact that someone had to get detailed information about what hardware was present at those plants and the USA, isn't really welcomed there. Don't forget that Russia has lots of hackers, and whomever just test fired a weaponized hack.

  • by kestasjk (933987) * on Tuesday November 16, 2010 @07:36AM (#34240450) Homepage
    1) You can't write a virus that will spread only along the specific route that leads to a target, and even if you could that doesn't guarantee it wouldn't get noticed.

    2) You can't write a virus that targets so many industrial systems that the one you're really targeting gets lost among the others, for economical, ethical and practical reasons.

    3) Why would they care about the public finding out? They were very careful to make sure it wasn't found for as long as possible, but once the Iranians know about it why would they care who else knows about it?
  • well (Score:3, Insightful)

    by Charliemopps (1157495) on Tuesday November 16, 2010 @07:56AM (#34240514)
    hey, it's better than an invasion right? I'm sure Symantec are happy with themselves discovering this, but I hope the realize that if Iran hadn't already figured it out, Symantec just informed them, and brought them a little closer to getting the shit bombed out of them by either the US or Israel.
  • Re:Loudmouths (Score:4, Insightful)

    by oji-sama (1151023) on Tuesday November 16, 2010 @08:01AM (#34240548)

    I would think that Iranians would have noticed their Nuclear chief's resignation (and the possible nuclear incident) themselves.

  • by kestasjk (933987) * on Tuesday November 16, 2010 @08:04AM (#34240562) Homepage

    I would not rule out Russia or China. Both have no interest in a strong Iran but every interest in an Iran that appears strong, since this ties and diverts US and Israeli attention and resources. It also sets a "benchmark" of aggression; as long as esp. China is less of a threat that Iran it can get away with quite a lot, barely noticed. A perceived Iranian nuclear threat can then also serve as justification for building missile defense systems and implementing other military measures that would previously have set off tensions with the Western nuclear powers.

    A simple case of cui bono?.

    Ugh.. This assumes that

    • Intelligence agencies will ignore other superpowers because they are distracted by Iran,
    • That continuing to enrich uranium is somehow more aggressive than ships sunk by North Korea, hostages taken by Somalian pirates, economic wars by China over a prisoner taken by Japan from a disputed island, etc, etc, etc
    • That Russia or China are smart enough to set this intricate double-trap just so that they can raise the "benchmark of aggression" but that other powers aren't smart enough to just continue to monitor other powers as always,
    • That China and Russia are secretly using Iran as a reason to build controversial missile defense systems when until recently that's exactly what the US was going do openly,
    • And that by launching this attack they are somehow keeping Iran weak while it still looks strong, when Iran's enrichment facilities are the subject of such intense scrutiny that when the attack occurred the "weakening" of Iran was apparent long before anyone in the public even knew of the attack

    I am just at a loss.. It really is like each response after the next is competing to think of a more convoluted, absurd way that someone you don't suspect could be involved in it.
    I fully expect to scroll down and see some justification for why it's internal industrial sabotage of one Siemens subdivision versus another, or Iran launching it against themselves to get international sympathy.

  • by OeLeWaPpErKe (412765) on Tuesday November 16, 2010 @08:22AM (#34240628) Homepage

    The sad thing is just about every country has the resources to do this. Siemens is based in Belgium too, so why couldn't it be Belgium ? I wonder what kinds of problems even a country like Luxenbourg would encounter in doing this. All it takes is budget, hiring a few capable Siemens engineers and throwing a few millions at it. Hell, a lot of publicly traded companies could do this by themselves.

    So at the very least, every single country could do it. It would probably be the easiest to do for Iran itself, having obviously maximum access to the systems to be sabotaged, and then they'd blame the enemy "du jour", mostly America, protestors, or Israel, or women, gays (I forgot: gays don't exist in Iran, except of course on pictures of their execution), or ...

    At the very least, add it to your list of likely candidates : America, Israel, Iran, and all other nations permanently on the security council : China, Russia, France, UK. These countries all have policy that military intervention (even if very low-level at the moment) is justified to prevent Iran from acquiring nuclear weapons. And Iran itself, is genocidally insane and obsessed with their, equally genocidal, religion. Additionally Iran's government is very, very afraid of losing power. So afraid, that they marched several hundred thousand children into minefields to prevent it (google "plastic key to heaven"), just 20 years ago.

    Frankly, more people should sabotage countries like Iran, or all muslim countries in general, for the simple reason that their handling of minorities can only be described as "genocidal". If we are to have any pretense of actually opposing racism, attacking countries with racist laws, and even attacking religions with racist laws, should be standard policy. Of course, for American politicians "racism" is just a meaningless 6-letter word that you shout at whatever political opponents you have to get special treatment for "special" racial groups.

    Say, special treatment depending on race, wasn't that the definition of racism just 10 years back ? It still is, of course, the definition of racism, but now democrats and republicans claim words have no meaning and we should help the "poor victims". Apparently, we should help "them" through becoming more racist.

  • by Anonymous Coward on Tuesday November 16, 2010 @08:24AM (#34240636)

    It is not difficult to understand the words "will or motive". What is difficult is understanding what the motive and will is of every county/faction in the world that is capable of somthing like this. Are you saying you understand the movtive of ecery faction in China?

  • by ScentCone (795499) on Tuesday November 16, 2010 @08:40AM (#34240690)
    It's going to keep the West in knots for a few years, hardening against "the last threat," while they've got the next threat now, and are working on the one beyond that.

    You know, people always say that, but what happens if you don't harden against the last threat? It gets used on you again, that's what. Just because if was the last threat doesn't mean that a bad guy isn't going to contemplate using it, should he see the vulnerability. Just because ID thefts over the internet are a fashionable new crime doesn't mean that locking your door when you leave your house is now pointless.
  • by Combatso (1793216) on Tuesday November 16, 2010 @08:52AM (#34240746)

    someone you don't suspect could be involved in it.

    like the spanish inquis..... nevermind, im above that

  • Re:Loudmouths (Score:2, Insightful)

    by wannabgeek (323414) on Tuesday November 16, 2010 @09:02AM (#34240790) Journal

    we're in an ongoing conflict with some very nasty people.

    Are you talking about Iranians, or Americans? 'cuz I'm sure the Iranians share your thoughts, just in the opposite direction.

  • by Anonymous Coward on Tuesday November 16, 2010 @09:12AM (#34240830)

    "...3) Why would they care about the public finding out? They were very careful to make sure it wasn't found for as long as possible, but once the Iranians know about it why would they care who else knows about it?..."

    Because international affairs are NOT like a Hollywood action film, where the hero blows the villain up in the last 15 minutes of action, and then rides off happily into the sunset with the girl. In real life actions have results. Look at the state the US got into on the international scene when all the stories about deception and torture in Iraq started coming out. Don't you think that the Iranians will present this as an act of war, and use it in every diplomatic conference for the next 20 years?

  • by MacGyver2210 (1053110) on Tuesday November 16, 2010 @09:18AM (#34240864)

    "economic wars by China over a prisoner taken by Japan from a disputed island, etc"

    If you mean Senkaku, they are firmly in Japanese control China can dispute it all they want, but they don't own the islands in any sense.

    Also, the 'prisoner taken by Japan' was the captain of a boat that rammed two Japan Coast Guard ships. In retaliation, China took four hostages for 'trespassing' where there was no posting. Basically, they snatched these four and said "You can't have them back until we get our guy back." They are childish, and couldn't find their collective ass in broad daylight with both hands and a mirror. I do not think for one second that China is capable of something so robust and intricate.

    That leaves pretty much the US or Russia. As Russia is the hacker capital of the world, I would put my money on them. Even the US government is too bumbling to ever get something like this right.

  • by silanea (1241518) on Tuesday November 16, 2010 @09:23AM (#34240900)

    I am just at a loss.. It really is like each response after the next is competing to think of a more convoluted, absurd way that someone you don't suspect could be involved in it.

    I did not say it is likely. I said I would not rule it out. You take it for granted that

    1. Western agencies do not drop their guard and
    2. Western politicians in charge of setting public policy actually listen to those agencies; and
    3. the Russians and/or Chinese believe this, too, and therefore would not undertake such a risky gamble.

    In the case at hand I would consider the most obvious suspects, but not rule out other possibilities. In general I am afraid that you give people too much credit. During the Cold War there were quite some situations that led us to the brink of an all-out atomic O.K. Corral simply because one side did over- or underestimate their opponent's determination, power and level of military intelligence. I recommend Herman Kahn's On Thermonuclear War for an explanation of the issues involved with judging what "the other side" may or may not do.

  • by Amorymeltzer (1213818) on Tuesday November 16, 2010 @09:42AM (#34241052)

    I'm with you 90% of the way but you can't criticize racism yet say we should sabotage "all muslim countries in general", you really can't. Iran may be a dark place, practicing Islam, but Islam didn't make it that way and their flavor isn't representative of the religion as a whole.

  • by kestasjk (933987) * on Tuesday November 16, 2010 @09:43AM (#34241056) Homepage

    "economic wars by China over a prisoner taken by Japan from a disputed island, etc"

    If you mean Senkaku, they are firmly in Japanese control China can dispute it all they want, but they don't own the islands in any sense.

    I didn't say they owned the islands in any sense, I said they are disputed.

    I do not think for one second that China is capable of something so robust and intricate.

    That leaves pretty much the US or Russia. As Russia is the hacker capital of the world, I would put my money on them. Even the US government is too bumbling to ever get something like this right.

    Yes the Chinese aren't robust or intricate, and the US is bumbling, but don't Russians drink vodka?
    And the UK are too gentlemanly, and Africans don't have computers, so that's them out of the equation.

    Damn, who in this world of stereotypes and ignorance could have done it?

  • by khallow (566160) on Tuesday November 16, 2010 @09:49AM (#34241126)

    The others can laugh all they want, but the point of a diplomatic conference is negotiating agreements between parties. If you keep laughing at one of the parties it may well decide not to give you what you want.

    That's ok. They don't get what they want either, plus they'll have lowered their status in everyone else's eyes. And once they've developed nuclear weapons, they'll lose any credibility, if they keep whining about it.

  • by TheKidWho (705796) on Tuesday November 16, 2010 @09:50AM (#34241138)

    Thousands of years of human history say no.

  • by El Torico (732160) on Tuesday November 16, 2010 @09:57AM (#34241206)

    I'm not sure if you're trying to be funny or are just hopelessly naive. You used the phrase "peace in our time" which is very close to what Neville Chamberlain said after allowing Hitler to annex the Sudetenland.

  • by hairyfeet (841228) <bassbeast1968@NOsPAM.gmail.com> on Tuesday November 16, 2010 @10:02AM (#34241256) Journal

    You don't seem to be getting the point dude. i don't care if the things were running Win9X the point is there is supposed to be an AIRGAP which the Iranians didn't bother with. It could have just as easily been an old Linux that hadn't been patched in forever (because the levels of paperwork to approve patches on those kinds of machines I'm sure is immense) or an old System 9 Mac, it don't matter because again it is supposed to be AIRGAPPED.

    An airgap means that there is NO net access and ANY device that is supposed to be brought from the unsafe side to the safe side needs to be treated as hostile and go through several levels of screening if allowed at all. Now from what I understand these machines have online activation (dumb) and have default passwords that can NOT be changed (really dumb) and then on top of that the Iranians didn't bother to securely lock down this attack vector nor get rid of even basic weaknesses like USB ports (super dumb) so trying to blame this clusterfuck of errors on ANY OS when the security team wasn't doing their job is just a waste of breath.

    Hell you could put an unpatched XP RTM as the controller and not have a SINGLE problem if proper airgap procedures are in place. But saying "If they only used X!" with whatever OS, be it real time or off the shelf, ignores the fact this was a highly targeted attack. If they would have used a RTOS I'm sure there would have been attack code written for it because the Iranians simply weren't following good security practices.

  • by voss (52565) on Tuesday November 16, 2010 @10:03AM (#34241274)

    It cost no lives, it significantly slowed down a fanatical dictators quest for the nuclear bomb and didnt require military action,
    the sacrifice of american troops or billions of dollars spent.

  • by Anonymous Coward on Tuesday November 16, 2010 @10:21AM (#34241462)

    Not true. Computer sabotage is inherently anonymous; the victim may be able to tell that sabotage was done, but they are very unlikely to ever find out who was responsible. And in this case, while some are claiming that Israel is the most likely party, there are lots of countries which are just as capable and just as motivated to do it, and no evidence to indicate which it was.

  • by elrous0 (869638) * on Tuesday November 16, 2010 @10:26AM (#34241518)

    Israel has a LOT of enemies outside of Iran, and even the mainstream in a lot of countries distrusts them. This just adds to the list if creepy shit they're willing to do in their little holy war, and it adds more credence to everyone who claims that they willfully ignore the sovereignty of every other country but themselves and completely disregard international law as a matter of course.

  • by mlts (1038732) * on Tuesday November 16, 2010 @11:11AM (#34242004)

    The key here is knowledge. The knowledge to write Stuxnet is extremely hard to get (the holes in operating systems, the ability to jump from Windows to SCADA systems, knowing what speed the uranium was spinning), but this may not be impossible for someone who has a lot of connections, perhaps someone whose family has nuclear process engineers.

    There are a lot of people and organizations who don't like either Iran or Israel, and who would happily eat popcorn as both countries went to war with each other. It could be a guy in someone's basement who gets amusement from it the same way someone gets amusement from cracking root and rm-ing / on a university system.

  • by makomk (752139) on Tuesday November 16, 2010 @11:22AM (#34242136) Journal

    it's hard yes and needs you to have the right connections, but it's hardly something that is much in the way of 'resources' - money or materials isn't the key there.

    The thing is, in this case having the right connections is a big deal. Remember, we're talking about having access to someone inside the ultra-secretive Iranian enrichment program who's willing to leak information that could get them killed. On top of that, you need people inside Realtek and the other hardware company willing to risk going to jail by leaking company secrets or someone able to break into the companies without getting caught.

    Then in order to make use of this, you need some zero-day vulnerabilities in your back pocket - which probably took a lot of resources to acquire - and a smallish team willing to develop the exploit.

    Each of these on its own may not be that tricky, but combine them all in one operation and you've got something that only national intelligence agencies have the resources for. Of course, many of the resources are actually people, but...

  • by dpilot (134227) on Tuesday November 16, 2010 @12:10PM (#34242920) Homepage Journal

    And of course "Russia" is a giant monolithic thing, with a single motivation and mindset. Just like the US, IBM, or Microsoft.

  • by spun (1352) <loverevolutionary@@@yahoo...com> on Tuesday November 16, 2010 @12:19PM (#34243092) Journal

    That is in no way antisemitism. It is a simple statement of fact. It does not say 'all Jews.' It does not ascribe any evil motives to them: they wish to protect their ancestral homeland, nothing wrong with that. It does not claim they control or dominate American politics, or spread any other false and malicious rumors about Jews. Who wouldn't want someone else to pay for their safety? If you can convince someone in an open and free society to pay for your defense, more power to you.

    Just as an interesting aside, do you know why a lot of Christians want to protect Israel? The Jews have to be there on Judgment day. No Jews, no Jesus. And the Jews die. Evangelicals want them there to die and ensure the return of their savior.

    Me, I wish them the Jews the best of luck protecting their country from the assholes surrounding them that wish them nothing but death. The kind of "Oh my God they're coming to get us!" thinking that is ridiculous bullshit when we Americans do it is absolutely true over there.

    But I am DONE paying for it. I am done paying for the world's police force. The world doesn't need that many cops, and someone else can take a turn anyway.

  • by demonlapin (527802) on Tuesday November 16, 2010 @12:49PM (#34243626) Homepage Journal

    do you know why a lot of Christians want to protect Israel? The Jews have to be there on Judgment day. No Jews, no Jesus. And the Jews die. Evangelicals want them there to die and ensure the return of their savior.

    I've seen this bandied about, but it's really not a common viewpoint. I grew up around evangelical Christians. I'm surrounded by them at work. I went to a Christian elementary school that featured more explicit religious instruction than my wife's Catholic elementary school. (For those who know, they used A Beka books - you learn to diagram sentences such as "God does wonderful things for us every day.") And I've never heard that view expressed. I have heard some generic anti-Muslim sentiment - the enemy of my enemy is my friend (and yes, I know where that saying comes from). I've heard that Jews have a covenant with God that predates Christianity - that they are his chosen people, and that as long as they follow the original agreement, they are to be saved. Mostly, they don't think about it much: most typically, they think the Jews are in Israel, they're getting bombed and rocketed by the same crazy people that took the embassy in Iran, and therefore we should (at least) lean toward their side.

Receiving a million dollars tax free will make you feel better than being flat broke and having a stomach ache. -- Dolph Sharp, "I'm O.K., You're Not So Hot"

Working...