Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security United States IT

Stuxnet Infected (But Didn't Affect) Chevron Network In 2010 82

Penurious Penguin writes "The Wall Street Journal, in correspondence with Chevron representatives, reveals that back in 2010, Stuxnet reached Chevron, where it managed to infect — but not significantly affect — the oil giant's network. According to a Chevron representative speaking to CNET, the issue was 'immediately addressed ... without incident.' The Stuxnet worm is believed to be the work of the U.S. and Israel, and this report is confirmation that it struck well wide of its intended targets. Chevron's general manager of the earth sciences department, Mark Koelmel, said to CIO Journal, 'I don't think the U.S. government even realized how far it had spread ... I think the downside of what they did is going to be far worse than what they actually accomplished.'"
This discussion has been archived. No new comments can be posted.

Stuxnet Infected (But Didn't Affect) Chevron Network In 2010

Comments Filter:
  • by icebike ( 68054 ) * on Saturday November 10, 2012 @03:39PM (#41944931)

    The transport used was fairly generic in nature, but since the payload was aimed at a specific controller [wikipedia.org] used on centrifuges its not surprising that it had little effect elsewhere [symantec.com].

    Even if that Siemens motor controller was common, its use case in Iran was rather specific, and chances are the payload was pretty specific to exact firmware levels. From Wiki:

    While the worm is promiscuous, it makes itself inert if Siemens software is not found on infected computers, and contains safeguards to prevent each infected computer from spreading the worm to more than three others, and to erase itself on 24 June 2012.

    Had it been given a shorter life span than two years, chances are it would never have been discovered.

    The real risk here is that others have climbed on board this train and are using essentially the same engine for other purposes.
     

  • I wonder... (Score:5, Insightful)

    by Frosty Piss ( 770223 ) * on Saturday November 10, 2012 @03:39PM (#41944933)

    Unless Chevron is running centrifuges in Iran, Stuxnet probably wouldnâ(TM)t have been much of an issue as the Stuxnet code was pretty specific. But of course the real issue for Chevron it *how* they allowed Stuxnet to infect at all? What was the vector, and why was it either Interwebs connected or techs were using infected thumb drives?

    • Re:I wonder... (Score:4, Insightful)

      by CodeheadUK ( 2717911 ) on Saturday November 10, 2012 @04:25PM (#41945235) Homepage
      I'm also slightly confused as to how it didn't get reported to the AV vendors at that point. Signatures could have been in circulation for some time, preventing the embarrassing situation that occurred when the thing turned up two years later and everyone had their trousers down.
      • Our govt has a very tight relationship with Microsoft, Symantec and McAfee. It's not surprising that certain things are not flagged as malicious. It's also curious that there are signatures in their database for things that have never been officially found in the wild. It's been noted a few times that Kasperasky has added signatures for virus's and trojans long before they show up in the wild.

        • by icebike ( 68054 ) *

          Our govt has a very tight relationship with Microsoft, Symantec and McAfee.

          Given the impossibility of keeping ANYTHING secret in this country, how can you make such statements without a shred of proof? If such existed, someone would have spilled the beans long before now.

          There are other anti-virus products produced in Russia and Germany. These too totally missed Stuxnet.
          Are these companies compromised by the US government as well?

          Hanlon's Razor:
          Never attribute to malice that which is adequately explained by stupidity.

          It seems far more likely to me that McA

        • Our govt has a very tight relationship with Microsoft, Symantec and McAfee.

          And oil companies like Chevron?

    • by Anonymous Coward

      If it was anything like the spread at our work thumb drives is only one of the possible methods of attack. The others mimicked the conficker worm can is able to spread over peer to peer networks. In a company with many 10s of thousands of employees I'm not surprised they got infected. We here at an only slightly smaller than Chevron oil company got infected too, but the virus never made it as far as our control system networks. It spread globally through the business network though until they took all the f

      • Where I work, p-2-p is blocked, and are most streaming / download services. As well, plugging a thumb drive into your desk-top logs you out and blocks your account - which is kind of stupid since portable hard drives work fine - but only if the guid for the device is registered on the network (but of course that could be spoofed).

        The REAL deterrent is that if they catch you using unauthorized hardware / software, you get escorted out permanently.

        At least that's the way we do it were I work...

        - Frosty

    • by tlhIngan ( 30335 )

      Unless Chevron is running centrifuges in Iran, Stuxnet probably wouldnÃ(TM)t have been much of an issue as the Stuxnet code was pretty specific. But of course the real issue for Chevron it *how* they allowed Stuxnet to infect at all? What was the vector, and why was it either Interwebs connected or techs were using infected thumb drives?

      Probably infected thumb drives. Or hooking the infected PC to the airgapped network to update the software.

      These networks are airgapped for security as well as keeping

  • I think the downside of what they did is going to be far worse than what they actually accomplished.

    So you think nuclear proliferation is acceptable and that Iran will manage being a Nuke Bomb owner in a sensible way? Really?

    A "bomb" in the hands or the Iranians is truly a terrifying thing.

    • But Iran won't infect Chevron (to no affect) with a nuclear bomb. C'mon, man, this is a Corporation we're talking about here! Have you no sense of proportion!?
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I think the downside of what they did is going to be far worse than what they actually accomplished.

      So you think nuclear proliferation is acceptable and that Iran will manage being a Nuke Bomb owner in a sensible way? Really?

      A "bomb" in the hands or the Iranians is truly a terrifying thing.

      And hundreds of bombs in the hands of crazy terrorist harboring and financing muslim government no eh ? See Pakistan.
      And although India is not a muslim country, they are about as trigger happy as the Pakistanis insofar as nuclear weapons are concerned.
      Israel, has hundreds of nuclear warheads, the majority of which are being carried on modern AIP submarines bought from Germany.
      And what about NK, a crazy country that fires real artillry shells on South Korea and even sinks SK ships ?

      The least of our worries i

      • See Pakistan.

        Of course Pakistan is a HUGE concern. But that doesn't mean we should ignore Iran.

      • by Anonymous Coward

        And although India is not a muslim country, they are about as trigger happy as the Pakistanis insofar as nuclear weapons are concerned.

        Fuck you! India has always held a non-first use policy (in other words, it will be used only as a retaliation to a nuclear strike). They have pretty open about this policy. I have never heard any one complain about Indian nuclear policy (unlike Pakistan which refuses to promise non-first use)

      • by Anonymous Coward

        I think the downside of what they did is going to be far worse than what they actually accomplished.

        So you think nuclear proliferation is acceptable and that Iran will manage being a Nuke Bomb owner in a sensible way? Really?

        A "bomb" in the hands or the Iranians is truly a terrifying thing.

        And hundreds of bombs in the hands of crazy terrorist harboring and financing muslim government no eh ? See Pakistan.
        And although India is not a muslim country, they are about as trigger happy as the Pakistanis insofar as nuclear weapons are concerned.
        Israel, has hundreds of nuclear warheads, the majority of which are being carried on modern AIP submarines bought from Germany.
        And what about NK, a crazy country that fires real artillry shells on South Korea and even sinks SK ships ?

        The least of our worries is Iran.

        But I guess, same as Iraq, when you can't kind a rational casus belli just invent one. Now where are those WMD in Iraq ?

        I agree, it's quite disturbing that Israel has these weapons.

        • by equex ( 747231 )
          imagine mitt romney with nukes.
          • I am and no fear was created.
            maybe you could update your troll bait since he lost the election.

            • by evanism ( 600676 )

              I am not an American, but I will tell you it is no accident that Russia had 2 nuke subs parked off the coast this week.

              The perception of everyone I speak to is that Romney is a crazy. His being elected would lead to a major war using false flag in a matter of months.

              What amazes me is the perception of Romney voters, they simply cannot see it.

              • by equex ( 747231 )
                Yeah, i was gonna brace for WW3 if that maniac won.Glad to hear russia are prepared too ;) I'm still not writing off that false flag operation, its not like Obama is an angel from heaven either.
    • It's somewhat naive to think that Iran hasn't already purchased some nuclear weapons from a country that is willing to sell. North Korea wasn't interested in nuclear weapons for it's own use, so much as the political clout it brings and the financial benefit of being able to sell to countries like Iran. It Israel and Iran start to duke it out, I expect Israel would use small scale nuclear weapons first.

    • by Anonymous Coward

      Americans are crazy and have no problem invading one foreign country after another. Even a foreign country that has done nothing wrong to them but has been bombed and its own citizens put into oppression the American government and their allies.

      At least Iran does not invade other countries nor threatens them unless of course the other countries interfere with them first.

      A reminder it was the US government who installed the Shah in the first place that started that countries hatred to the US. If any country

    • by rtb61 ( 674572 )

      A nuclear weapon in the hands of people who have already used them and call for 'FIRST STRIKE' is truly a terrifying thing. There fixed it for you, at least it's accurate now. Especially when those same people are all to happy to murder innocent people by remote control and guilt it measured by, seems like they might be up to something, kill them anyhow and success is measured by effective of public relations lies about success and it's treason to tell the truth.

      • Especially when those same people are all to happy to murder innocent people by remote control and guilt it measured by, seems like they might be up to something,

        Not quite.

        Most of those killed in drone attacks were terrorists: military [dawn.com]

        • by rtb61 ( 674572 )

          Innocent until publicly proven guilty in a court of law dickwad.

          • Innocent until publicly proven guilty in a court of law

            You are quite mistaken, and a big hint is your phase, "court of law." A court of law is used in criminal matters to judge guilt or innocence before imposing punishment of the guilty. Dealing with Al Qaida, the Taliban, and company, is primarily a question of war and military action, not law enforcement, arrests, and courts of law. (Besides, what legal jurisdiction do you propose over the tribal territories in Pakistan? The Pakistani government itself cannot reliably control events there.) Bin Laden mad

    • by Anonymous Coward

      A "bomb" in the hands of the Iranians is truly a terrifying thing.

      The USA is the only country to deploy nuclear weapons (Japan), anthrax (Korea), napalm or agent Orange (Vietnam) during a war. A "bomb" in the hands of the Americans is a truly terrifying thing.

  • If your using the same controllers as the target for that virus, but your not running applications requiring precise speed control you would not even notice anything has changed. As I understand it, centrifuges rely on a well controlled rotation speed to hit a certain amount of G force. Most industrial applications don't require speed control to be that exact and generally are not going to be running fast enough to cause destruction from the stress. It sure is sad that the trolls have nothing better to d

Genius is ten percent inspiration and fifty percent capital gains.

Working...