Stuxnet Virus Now Biggest Threat To Industry
digitaldc writes "A malicious computer attack that appears to target Iran's nuclear plants can be modified to wreak havoc on industrial control systems around the world, and represents the most dire cyberthreat known to industry, government officials and experts said Wednesday. They warned that industries are becoming increasingly vulnerable to the so-called Stuxnet worm as they merge networks and computer systems to increase efficiency. The growing danger, said lawmakers, makes it imperative that Congress move on legislation that would expand government controls and set requirements to make systems safer."
Re:Funny how the answer is always more government (Score:3, Interesting)
Even liberals agree, this is dumb. (Score:5, Interesting)
A fair number of people have labeled me a socialist, and even I can see that this is nothing more than a blatant attempt at a power grab by the federal government, and profiteering by Symantec.
Dean Turner, director of the Global Intelligence Network at Symantec Corp., told the Senate Homeland Security and Governmental Affairs Committee that the "real-world implications of Stuxnet are beyond any threat we have seen in the past."
So we're having people who stand to gain more power over their countrymen making a decision about taking that power, receiving testimony about the threat from the company that stands to profit the most by their decision to take the power. Yeah, that's not a recipe for a horrendous outcome.
-Rick
Re:Funny how the answer is always more government (Score:2, Interesting)
It's been said that one of the (many) reasons the Soviet Union collapsed was because of the spending on military hardware to keep up with the US - their economy just couldn't support it.
The US has no real reason, at least at this time, to spend billions and billions on hardware BUT security is another matter.
We're so paranoid, that we're searching each other to make sure that our neighbors aren't a threat - "They could be!" is the cry from the peanut gallery and politically connected businessmen who want to bleed the American taxpayer to line their own pockets.
Now we have this virus that will attack our NUCLEAR installations. GASP! It's NUCLEAR!!! Everybody panic. We need to do something!!!
Along will come politicians and businessmen with a solution. Hundreds of billions of dollars will be spent on "protecting" us from this "threat".
Another threat will come. And another. And another. And hundreds of billions of dollars will be spent on each.
In the meantime, the Fed is "Quantitatively Easing" (*snicker*) our currency. We're running huge deficits.
We're considered to be Imperialistic by most of the World - OK, all of the World except for ourselves. And one of the best ways to take out a superior force is to have them take themselves out.
To quote from "Blade Runner" - "We are stupid."
Didn't our government launch that virus? (Score:3, Interesting)
So the US government launches a cyber attack aimed at Iran's nuclear production and now the government wants to protect us from cyberthreats?
Where have I heard that before? Oh, yeah! We woulds hate to see bad tings happen to yas.
Besides taking naked pictures of you at the airport, now the government will be infiltrating your office network to protect you. Boy, I feel so much safer now.
Re:The solution (Score:3, Interesting)
Simple answer for a not so simple problem.
Back in the old days people used systems like the PDP-11 and VAX for things like this. Problem was they cost a lot of money and someday they are out of production.
A good while back people started to use PCs and DOS. That was cheaper but even those are not out of production. Believe it or not there are companies still making PDP-11, VAX, and even DOS/ISA bussed systems today!
Your company may depend on using a very expensive machine that uses an ISA bus card to interface to a DOS program.
So to solve that problem they have gone to TCP/IP and network connections. And I bet in 20 years somebody will be looking for a hub that supports 10-Base-T!
So now we are using COTS hardware and TCP/IP or maybe ican or even IEEE-488, but now instead of a VAX or PDP-11 we have a PC.
Okay, so the problem is how do you get data on and off the PC. Do you use a network connection? In some places they do.
Or do you use USB? "That is how Stuxnet spread"
Or what?
The way this worm probably spread was by infecting connected machines in the plant and then spreading by USB drive to non-connected secure machines.
While it did use Windows exploits that doesn't mean that it couldn't have used exploits in Linux, AIX, OpenBSD, OS/X or any other OS. I do not think that any OS is exploit free.
I can think of a few methods that I would use to make any system of this time more secure.
1. Remove all certs from the controlling machine except for a private one. Then require all software updates be signed with that internal certificate. That would make the stolen certs useless.
2. A USB firewall system. This would be an unconnected system that isn't running Windows or whatever OS the controller console and/or connected systems are running. Say your controller console is running Linux and your connected systems are running Windows. The firewall system could run OpenVMS or OpenBSD. This firewall system's only function would be to copy files from one drive to the other. It would only copy specific types of files. Things like symbolic links, soft links, and hard links would never be copied.
3. Final firewall for the USB could be that you never put the USB drive into the system. Maybe you copy all data files and updates to the controller console via an RS-232 connection using kermit.
That way you would be sure only the data files you want would be copied.
Those steps would probably have stopped Stuxnet in its tracks but what about the next one?
If you use the system I suggest I am sure that somebody smarter than I am would find a way around it.
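The file-copy filter from method 2 in the comment above, sketched in Python as an added example (not part of the original comment or of any product). The allowlist, function names and sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path

ALLOWED_SUFFIXES = {".csv", ".txt"}  # assumed allowlist of plain data types

def transfer(src_root, dst_root, allowed=ALLOWED_SUFFIXES):
    """Copy only allowlisted regular files; return (copied, rejected) dicts."""
    src_root, dst_root = Path(src_root), Path(dst_root)
    copied, rejected = {}, {}
    # followlinks=False: never descend through a symlinked directory
    for dirpath, dirnames, filenames in os.walk(src_root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath, name)
            rel = path.relative_to(src_root).as_posix()
            st = os.lstat(path)  # lstat inspects the entry itself, not its target
            if stat.S_ISDIR(st.st_mode):
                continue  # real directory; os.walk visits its contents
            if not stat.S_ISREG(st.st_mode):
                rejected[rel] = "not a regular file"  # symlink, device, FIFO
            elif st.st_nlink > 1:
                rejected[rel] = "hard link"
            elif path.suffix.lower() not in allowed:
                rejected[rel] = "type not allowed"
            else:
                data = path.read_bytes()
                out = dst_root / rel
                out.parent.mkdir(parents=True, exist_ok=True)
                out.write_bytes(data)  # fresh file: content only, no metadata
                copied[rel] = hashlib.sha256(data).hexdigest()
    return copied, rejected

def demo():
    """Run the filter over a constructed 'USB drive' in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        usb, console = Path(tmp, "usb"), Path(tmp, "console")
        (usb / "data").mkdir(parents=True)
        (usb / "data" / "setpoints.csv").write_text("pump1,42\n")
        (usb / "notes.txt").write_text("shift log\n")
        (usb / "update.exe").write_bytes(b"constructed placeholder")
        os.symlink("elsewhere", usb / "link.txt")      # dangling symlink
        os.link(usb / "notes.txt", usb / "alias.txt")  # second hard link
        copied, rejected = transfer(usb, console)
        landed = sorted(p.relative_to(console).as_posix()
                        for p in console.rglob("*") if p.is_file())
        return copied, rejected, landed

if __name__ == "__main__":
    print(demo())
```

The SHA-256 digests returned for copied files give the operator a manifest to compare against what the sender intended to transfer.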
Re:We should thank Israel, or whoever (Score:2, Interesting)
all Siemens PLC's (programmable logic controllers) have a hard-coded password
A Siemens PLC has no such hard coded password. In fact, if the plants in question had activated the write protection options provided by Siemens PLC's, then there would have been no way for the worm to change the PLC code (without the worm knowing the plants' password). Any manufacturer's PLC would have been vulnerable in the same way, if the customer didn't make use of the security features provided.
The password confusion is related to a vulnerability in the WinCC visualization/operator software, which runs on a Windows computer, and communicates with a MSSQL database. It is the database password that is fixed in the Siemens software, and there has been a team created to address this, and other potential security concerns.
Re:We should thank Israel, or whoever (Score:3, Interesting)
Our science program and space program and, well, every program that produces something - roll all of them together and it's still peanuts. Social Security, Medicare, the prescription drug program, and government pensions will fail - it's not an "if" any more, but a "when". In order to meet the obligations we have made in these areas we would need to collect an additional one million dollars per taxpayer over current tax levels. It's not about whether you're for it or against it on principle, the money just isn't there. We can face reality and find a way to exit gracefully while providing for those who counted on the promises that were made, or we can ignore reality until the whole thing implodes.
But that wasn't my point at all. My point was that we need less government intrusiveness into daily life. When the government starts fondling children we've simply gone too far.
Re:We should thank Israel, or whoever (Score:2, Interesting)
From a post of yours further above, I don't think we can "just as easily decide that enough is too much" any longer in this country, because maybe about two thirds of us are actually cool with more govt. control of things. I'd say about half of those have been duped, but the other half are the dupers. And about half of the latter group are prolly actively trying to implode the system, considering it too immoral to salvage even for transformation.