Did Stuxnet Take Out 1,000 Centrifuges At Natanz? 189
AffidavitDonda writes "In late 2009 or early 2010, Iran decommissioned and replaced about 1,000 IR-1 centrifuges in the Fuel Enrichment Plant (FEP) at Natanz, implying that these centrifuges broke. Iran's IR-1 centrifuges often break, yet this level of breakage exceeded expectations and occurred during an extended period of relatively poor centrifuge performance. Although Iran has not admitted that Stuxnet attacked the Natanz centrifuge plant, it has acknowledged that its nuclear sites were subject to cyber attacks."
Re:Maybe we will know in the future. (Score:4, Insightful)
On the one hand, hardening specific systems against electronic infiltration is probably(especially if you are willing to put up with hassles) easier and cheaper than burying them in sealed bunkers under entire mountains and other nuclear defense stuff.
On the other, it is overwhelmingly easier for just about anybody to launch petty, nibbling attacks against soft targets with minimal fear of reprisal, or even identification. A lot of such attacks even pay for themselves. The industry of nigerian scammers, spammers, PIN skimmers, etc. launches millions of such a year, some percentage of which net serious rewards, and only a trickle ever get caught. And that is largely a non-ideological private sector game. Once state actors, or ideologically driven non-state actors step up to the table, and start hitting similarly soft, but not necessarily profitable, targets, you have problems...
Re:Would Windows Security Essentials have protecte (Score:4, Insightful)
Did the centrifuges break -or the controllers? (Score:5, Insightful)
My take on this story was that the Siemens controllers were the problem. The centrifuges quit working right because the controllers went nuts, and then the controllers were careful to hide their defect.
So if Iran examined the controllers and centrifuges and figured (wrongly) that the centrifuges were the problem and replaced them, wouldn't the controllers just wreck the new ones as well? And if so, wouldn't that cause Iran to spend a lot of time replacing centrifuges again and again? It seems like that could account for some of the buying.
And of course, once the actual problem is figured out, then you need to replace the controllers and probably the centrifuges that got broken the second or third time around, and of course figure out how to keep the whole thing from happening again. Sure, you can replace the rogue controllers but how did they go bad to start with? If you don't know, this could cause a lot of extreme paranoia.
How Iran actually reacted is not clear to me, but I know what would happen if this occurred in a US factory.
If a machine broke, you'd replace the machine. If it broke again, you'd replace it again and start getting mad. If it broke again, then maybe you'd look at the controller. If it tests OK -and why would it lie to you- then you replace the centrifuge again. Etc. It might take a relatively long time to figure out that the controller is actually the problem AND that it was deliberately being subtle about it to avoid detection. The assumption with machines is that they don't lie to you. If they are good or bad, generally they will be straightforward to sort out via testing or diags.
So to start with, you have to accept the concept that yes, they can lie, before the source of the problem can begin to be understood much less dealt with.