Was Russia Behind Stuxnet? 281
An anonymous reader writes "Despite the U.S. and Israel being widely assumed to be responsible for Stuxnet, Russia is the more likely culprit, says U.S. Air Force cyber analyst. The nuclear gangsterism of the past 20 years gives it plenty of motive. Quoting: 'So what better way to maintain Russian interests, and innocence, than to plant a worm with digital U.S.-Israeli fingerprints? After all, Russian scientists and engineers are familiar with the cascading centrifuges whose numbers and configuration – and Siemen’s SCADA PLC controller schematics – they have full access to by virtue of designing the plants. ... the observers of the virus could alert the Iranians before full nuclear catastrophe struck. The Belarusian computer security experts who 'discovered' the code seemingly played that role well. They didn't seem too preoccupied with reverse engineering the malicious code to see what it was designed to do.'"
I live in Russia (Score:5, Interesting)
And it's unlikely the government could be bothered with this elaborate conspiracy, the modus operandi seems to be to take Iranian money and just never finish the projects since off the record Russia doesn't really like Iran anymore than anybody else does. Probably what really happened is that USA or Israel tracked down some Russians working on the project and gave them some giant piles of money in order to do plant some virus they'd made. After this went through a lot of Russian scientists got scared because Iran was interrogating everyone to try and find out who was responsible.
Having said that a lot of people think Iran wont nuke Israel because that'd kill arabs too, or that they're not insane or that USA/Russia has nukes too so it's no different. The main difference is someone like Putin is primarily interested in being a crime boss, he has no inherent desire to wipe some places he doesn't like such as Washington DC off the map. Iran on the other hand does when not slaughtering their own people does foreign policy things that don't really make sense like bombing some Jews in Argentina which had no practical benefit for Iran. They're rather juvenile as can be seen by the way they make their cute little American flag with skulls instead of stars last week. I think it's more likely they'd try to detonate a bomb through the Lebanese border to make things look more ambiguous than launch a traceable missile from Tehran. Yes that'd kill a lot of muslims too, but so did their chaining soldiers together and forcing them to march into gas attacks strategies during the war with Iraq.
Re:Full Nuclear Catastrophe? From a centrifuge? (Score:5, Interesting)
Re:Occam's Razor (Score:5, Interesting)
Well, the NYTimes reports proof that it was tested in Israel [nytimes.com], which makes Russia unlikely.
Comment removed (Score:5, Interesting)
Re:Full Nuclear Catastrophe? From a centrifuge? (Score:4, Interesting)
Except that's not how you do it. If your PLC is controlling vital equipment you A) use a password . B) Have the PLC set so that online (means when the PLC is running) program changes are not allowed and C) run redundant PLCs so if there is ever a switch of code in one of them (by a worm etc.) that PLC is locked out and measures taken. However when controlling a Centrifuge one probably wouldn't use redundant PLCs. When it comes to profibus vs. Profinet I would say that the fieldbus has very little to do with security. Most modern PLCs have an ethernet connection for talking to higher level systems anyways no matter which bus you use at the field level. Also anyone WHO can write a virus for a PLC is capable of buying one of the many different devices for connecting to a Profibus or MPI port of a Siemens PLC. /Industrial-programmer (not in nuclear area)
Why assume a nation-state is behind this? (Score:5, Interesting)
Why assume that nation-states are behind it, and not corporations? A lot of companies would be hard hit if Iran became a threat to stability. Even major defense contractors, who profit from building weapons, would see little upside in a conflict with Iran.
The news and the internet buzz all say that it has to be a government backed thing, but what if it is simpler than that? It is far simpler to imagine that a private concern is behind it. They can pay for the talent. They have as much at stake as any government.
Re:Government responsible says, 'Look, commies'. (Score:4, Interesting)
Your rant is pure demagoguery.
What you seem to disregard is that Iran is now ruled exclusively by a religious leader [wikipedia.org], and that his dog Ahmadinejad doesn't just not get along with Israel, but calls out for the destruction of Israel pretty much any time there's an open microphone nearby. He does so even though Israel has never done anything bad to Iran and the two countries even had strong military relations prior to 1979.
You also forget that Iran spends millions of oil dollars every year funding terrorist organizations whose sole purpose is to harm and kill American and Israeli civilians.
What your last paragraph is basically saying is that it's OK for Iran to destroy Israel (even if we assume that they could), because Christianity is false. Even if Christianity is false, nobody has the right to destroy another country the way Iran wants to destroy Israel.
Re:Government responsible says, 'Look, commies'. (Score:5, Interesting)
An Israelian general claims to have worked on Stuxxnet.
Iran's oil supply is declining (Score:4, Interesting)
http://crudeoilpeak.info/iran-crude-oil-decline-to-2016 [crudeoilpeak.info]
They'll be able to continue exporting for a few years, 5-10. Then their internal consumption hits production and starts declining. This is when the shtf and people start dying.
So... What choices do they have? Given the history of the external manipulation of their country they appear quite rational.
occam's razor doesn't work w intelligence agencies (Score:4, Interesting)
the FOIA sites at fbi.gov and cia.gov are full of bizarre, unbeilevable stuff.
is it likely that the US military deliberately administered LSD to people to see if it would be a good mind control drug, and that one of them leaped out of a window and died? no, but it happened.
is it likely that the Nazi government was thoroughly penetrated with Soviet agents? no, but it was.
is it likely that Israel and it's neighbors would go to war in 1967? No, but they did.
is it likely that Israel would repeatedly shoot and napalm a ship flying a huge US flag? no, but it happened.
is it likely that the head of the US OSS would come up with a plan to invite NKVD officers to the US for 'joint exercises' with US law enforcement? No, but it happened.
is it likely that the Department of Justice would charge someone with Espionage for telling a journalist that North Korea would probably test a nuclear weapon? No, but it happened.
Not exactly Russians... (Score:5, Interesting)
Arabs, Shias, Sunnis and other Mohammedans (Score:2, Interesting)
It's also worth noting that Iran, despite being Shia, backs Sunni organizations like Hamas, in addition to its own proxy Hizbullah. Similarly, during the 80s war between Iran and Iraq, while much of the Arab world, except Syria, backed Iraq, Libya chose to back Iran. These things are not set in stone. While locally, Shias and Sunnis can't stand each other and often either riot or carry out terrorist acts (e.g. Sipah e Sehaba in Pakistan is a Sunni terror organization that takes it out on Shias), they have no problems allying with the other type of Muslims outside their countries when it comes to a war against Infidels.
Re:Government responsible says, 'Look, commies'. (Score:4, Interesting)
Your rant is pure demagoguery.
What you seem to disregard is that Iran is now ruled exclusively by a religious leader [wikipedia.org], and that his dog Ahmadinejad doesn't just not get along with Israel, but calls out for the destruction of Israel pretty much any time there's an open microphone nearby. He does so even though Israel has never done anything bad to Iran and the two countries even had strong military relations prior to 1979.
You also forget that Iran spends millions of oil dollars every year funding terrorist organizations whose sole purpose is to harm and kill American and Israeli civilians.
What your last paragraph is basically saying is that it's OK for Iran to destroy Israel (even if we assume that they could), because Christianity is false. Even if Christianity is false, nobody has the right to destroy another country the way Iran wants to destroy Israel.
First of all there is a BIG difference between stating that "Israel should not exist" and "We are going to destroy Israel." You swallowing the Israeli propaganda talking points hook line as sinker and regurgitating them is not going to convince any reason minded individual here. And how many times has the US and Israel threatned to attack them? Double standards much? Secondly. What's the difference between terrorizing other countries with stuxnet, infiltration and bombing or killing scientists, by a country or supporting a third party (insert terrorist org here) to do you bidding. If I send a CIA agent to infiltrate and blow up an arms depot or if I pay someone else to do it for me? What's the difference? What about the iran contra? Wasn't that a terrorist organization? Did we not support that organization? Why such hypocrisy? Its OK for us to support terrorist organization but no one else should right? And then there is this [telegraph.co.uk]
Are they rational actors, or not? (Score:5, Interesting)
It all kind of depends on how rationally the mullahs operate.
I'm pretty sure that the concept has been communicated to the Iranians, either semi-directly through back channels or through other third parties that any use of a nuclear weapon against the US or its "close allies" will result in overwhelming nuclear retaliation, the kind that might cause one to question the future of Persian culture centered around Iranian geography.
It's long been rumored that the Israelis have indirectly communicated that any NBC attack will result in nuclear retaliation against all Arab capitals and major Islamic religious sites, allowing for a certain group restraint among Arab countries not wishing to see their capital vaporized should a neighbor's anti-Israeli action get too heated.
And don't think for a second that the Soviets or the Chinese would say a word -- poking a stick at the US via Iran is valuable to the Soviets and the Chinese, but it's not worth trading nuclear strikes with the US.
One would think that Iranian leaders would take this into account when doing the calculus on nuclear weapons. Are they even worth having, outside of defensive use within their own immediate political theater? Would the cost of development be better spent on something else -- a home-grown cruise missile, long-range missile, some other expenditure?
That being said, the mullahs may not be rational -- they may be given to magical thinking and have some kind of literal belief in religion that might cause them to not care. We've certainly seen enough rank-and-file religious nuts blow themselves up.