I find this fascinating, and wonder if this is just the first shot in a cyber war that will take down significant parts of the computerized infrastructure on both sides of the political divide.
So is it the US, or Israel, or a Blofeldian supervillain?
It seems possible. From what I’ve read, there’s no doubt that it was targeting Iran and this thing definitely had a very specific target in mind. It had four 0-day exploits, stolen certificates, targeted a specific type of computer running specific software that it knew was still vulnerable to a bug that was patched in 2008.
From what I understand, they would have tested it on the SCADA systems it was designed to attack and would have to have had a lot of inside information about the target.
To me, it sounds like it took a team to write it, one or more people on the inside for information and possibly to deliver it, and a decent amount of money.
From what I’ve read, the way it was written implies that there were a few groups working on independent subsystems of the virus (various different languages used, various coding styles). Certainly, whoever wrote it had an intimate knowledge of the internals of Windows and the Siemens control hardware that it is targeting.
This latest attack also matches Israel’s known capabilities. (Not to say it is Israel, that is, but no doubt the Israelis will only be too keen for everybody to think they have the capability of doing something like this.)
My guess would be that Iran simply didn’t have effective controls in place to protect against this unanticipated threat. Building an attack mechanism for a single target is inefficient (and hackers/crackers are often lazy in that respect, while busting their asses in other regards). If Iran is saying that they had some measure of compromise because of stux, I would guess that they just fell victim to inadequate system hardening (or the dreaded ‘whoopsie’).
You obviously didn’t read the original article quoted above. Stuxnet has been written for a specific target, it carefully checks for fingerprints of a specific hardware system and only delivers its payload on that system. It also looks like it spread from a USB key that was planted inside a specific facility using an inside agent.
I don’t know the credibility, or whether it’s an important distinction to any of you, but to me there’s a difference between writing a code to target a military facility (enriching uranium is, IMO, an inherently militaristic activity – like making tanks) and writing a code to target a civilian power plant.
It seems to me that the prime suspects in this code are 1) The American DARPA program, 2) Israel, 3) Russia, 4) China, 5) India, 6) Pakistan – to my mind in that order. Possibly some combination of them, the USA and Israel have close enough ties that imagining they worked together on what is probably the single coolest weapon ever invented isn’t beyond the realm of possibility to me.
The U.S. government has had a long-standing problem of not being able to get the best computer minds to work for them, for a huge host of reasons. No chance of a billion-dollar payback, absence of utterly cool working conditions, not being able to talk to others about the work. But also, a lack of really interesting problems.
Whether the U.S. did this one or not, there’s got to be talk among the elite coders about the opportunity to do spectacular things that would otherwise be illegal while being given all the resources in the world. That’s a game-changer in many ways.
For the last 65 years, the world has made a distinction between arms and nuclear weapons.
Russia has been supporting Iran’s nuclear program, so they would presumably have other ways to block it if they were worried about weaponry. But the others have lots of incentive. If Iran sets off even one bomb then it won’t be a customer for anything for a long time.
Seems kinda dangerous. According to the Wired article, it’s infected 100,000 computers and the particular controller is used in a lot of critical industrial applications. If a power plant in Italy blows up, there’s gonna be a lot of geopolitical awkwardness.
It hadn’t occurred to me that the US government had those kinds of problems.
But even if they did, getting recruited to do something like this has to be a huge stroke on someone’s ego/challenge of their skills/whatever motivation needed to overcome that, don’t you think?
I smell a slew of James Bond-esque spy thrillers centered around coding, like… hey, wasn’t there a Harrison Ford movie like this already?
They all have nukes; Iran does not. Anyone else with nukes makes their nukes less important, and removes one bargaining chip in future relations with that country.
There’s a huge difference between “Nukes” and “Arms.”
Selling arms isn’t a big deal, at worst, someone could eventually use them against you – but they’re probably dependent on you for maintaining their arms too, so it’s unlikely. And if they do, you already have nukes.
There are a lot of general possibilities, and nothing concrete, but all reasonable assertions as to potential motive. And that rules out any purely xenophobic tendencies, or genuine ambitions for world conquest/hegemony which, while unlikely, are perfectly possible from any number of nations’ clandestine organizations.
You’re correct, Russia has/had every chance to hinder their program, and hasn’t. While still a possible suspect, it’s unlikely they’d have done it this way.
Hadn’t even occurred to me, Israel may be more likely than the States then. I very much doubt they’ll do anything to dispel the image they did it.
OK, but if Iran can run their system incorrectly at a facility where they are presumably pretty aware of the possibility of sabotage, it certainly seems possible that some neglected system in another country could have the same vulnerability.
It checks that it is on the correct system before doing the bad stuff and is supposedly pretty specific about what it looks for. While the writers obviously know enough to attack other places if they wanted, so far it seems too benign to other sites it infects.