Stuxnet Cyber Attack- Politics by New Means

Discussion in 'Current Affairs, News and Analysis' started by bakerlite, Sep 26, 2010.


  1. "A highly sophisticated computer worm that has burrowed into industrial systems worldwide over the past year may have been a “search-and-destroy weapon” built to take out Iran's Bushehr nuclear reactor, according to news reports published on Tuesday"

    "Stuxnet is a directed attack -- hack of the century"

    Stuxnet malware is 'weapon' out to destroy ... Iran's Bushehr nuclear plant?

    Was Stuxnet built to attack Iran's nuclear program? | ITworld

    Langner Communications: The Production-to-Business Company

    YouTube - Richard Clarke on Cyber Threats: Defense is Key

    The effects of the "Stuxnet" are being felt in USA, Canada, India, Pakistan and particularly Iran.

    Is this the pre-emptive strike that we have been anticipating?

  2. Israel has plenty of extremely talented computer programmers and STUXNET is a fascinating bit of software (malware that can even be remotely updated) that is considered to be so refined and technically complex but target-specific (the programmers would have needed an in-depth knowledge of the workings of a nuclear plant for starters) as to be outside the capability of non-State actors to fund and write.
  3. BuggerAll


    The article mentioned that this worm could be introduced to closed systems by USB memory stick. Unless the person who plugs the stick is deliberately attacking the system this means that the worm has got to get itself onto the stick. That means the worm has got to be small enough to fit onto a stick along with whatever is supposed to be there and it's got to be able to hide from virus checkers etc.

    I'm old and I don't really understand. Can any of you youngsters explain it to me? Wibble....

  4. It means extremely sophisticated and compact targeted coding. Not the stuff of e-vandals in their bedrooms.

    What we have seen is probably the first State on State deployment of an e-weapon and the e-arms race will start hotting up exponentially.

  5. Viruses and malware that piggyback on USB sticks are nothing new, they have been doing it for years. It's the reason MOD terminals have their USB ports clamped shut. And also remember that memory sticks have been 100Mb+ for some time so space is not an issue. But still, the fact that it is targeting tech known to be in Iranian use keeps this all very interesting.
  6. Probably better than dropping a Bloodhound on Iranian nuclear power stations.
  7. But less likely to get a DSO?
  8. Stuxnet infects Windows systems and searches for industrial control Programmable Logic Controllers (PLCs are used to control machinery) that are run off the system and buggers their code as well.

    So it is not as simple as cleaning up the machine that drives the PLCs but looking at each of the PLCs to see if they have corrupted code on them. Why? Ah well, Professor......

    "By writing code to the PLC, Stuxnet can potentially control or alter how the system operates. A previous historic example includes a reported case of stolen code that impacted a pipeline. Code was secretly “Trojanized” to function properly and only some time after installation instruct the host system to increase the pipeline's pressure beyond its capacity. This resulted in a three kiloton explosion, about 1/5 the size of the Hiroshima bomb."

    Stuxnet Introduces the First Known Rootkit for Industrial Control Systems | Symantec Connect

    So, no need to drop things which go bang on a very complex bit of kit with a great many computer driven control systems (and cause all manner of grief for yourself) when you can completely bugger it or perhaps even make it go bang with a bit of malware.

  9. This is the genius of malware like STUXNET. It's theoretically possible to get the code to make something like a nuclear plant go into meltdown at a predetermined point. Cunning stuff.
  10. So it's Windows specific - and it appears that it makes use of VBScript which will only run on a Windows platform... When will people ever learn.

    Still, we have Windows for Warships... Ummm...
  11. Interesting stuff indeed. Oddly the Symantec article doesn't mention where the pipeline attack is supposed to have happened, anyone know?
    (By the way, how would a pipeline rupture produce a 3 kt explosion, just asking out of interest?)
  12. This could be it - Very interesting read.

    And a pipeline rupture doesn't stop at the water main on your street. In this case it was a major part of the gas field's infrastructure, a fair bit of methane going pop.

    In the above the trojan was developed by the manufacturers themselves, so indicating the complexity required to affect the Iranians' kit.
  13. Very interesting and brings back some memories for me before I retired.

    Over 15 years ago the Co I worked for were … well, we thought at the time … at the leading edge of technology because we had systems in operation to allow PLCs to be remotely programmed for complex maintenance, correction or development purposes. No Broadband then, just modem links, but items of plant could be totally controlled from Germany, France or Italy where we had initially sourced them. The on-board computers were initially running DOS and then later versions of Windows starting with 3.1 and we were able to carry out similar work but not quite as complex. We used off-the-shelf computers in which we disabled physically and electronically 3.5" drives to minimise chance of unauthorised activities such as local downloads.

    What I find fascinating is the bringing together of all of the features and what would appear to be weaknesses of Windows, the Internet, Memory Sticks, networks and of these PLC controlled systems to enable very complex and sophisticated software to allow attack and control.
  14. I thought the Chinese tried a Cyber attack on the US Military a couple of years back (allegedly)?
  15. That raises an interesting issue Border_Reiver. Was previous software and hardware simpler and more thoroughly understood by those creating it? And if so, is it now so complex that people only understand their small parts of it rather than a wide breadth? Then again it could just be laziness on their parts for not thinking of security as there was no real need for it till now.