Friday, September 24, 2010

Sophisticated Worm "Stuxnet" Specifically Targeted at High-Value Iranian Assets

There is still a tremendous amount of speculation surrounding the Worm known as Stuxnet. That said, there are a number of things for which a general consensus is forming. Stuxnet is the first known 'Directed Cyber Weapon', or a piece of malware that is specifically targeted toward real-world process. It is also the first known piece of maleware designed to do significant physical damage; that is beyond just causing havoc with the software/programing, but destroy the physical components of the target. A successfully attacked target could not simply be reset or reprogrammed, it would have to be physically repaired or replaced [think instead of a virus corrupting the operating system it caused your computer to overheat and melt].

The target appears to be Iran; more specifically the Bushehr nuclear power plant and/or the Natanz uranium enrichment plant. There is some evidence to show it is having a desired effect. Reports show a slowdown in Iran's enrichment blamed on 'technical problems' that the operators have not been able to fix.

If the target is Iran, the list of possible perpetrators or creators of the Stuxnet worm is short. Israel takes the first nine spots on the list of ten 'suspects' with the United States being the tenth. That assumes the experts are correct and the program is to complex to have been created by a lone hacker or even a group of hackers not supported by a nation state.

I look at all of this and I see a warning shot. Israel wants Iran to know that it can reach out and touch it in more ways then one. Israel wants Iran to know that it can use its own infrastructure against it. This attack did not hurt nor endanger anyone, but the same technology could be used to devastating effects if the creator desired. The leap from shutting down a centrifuge to shutting down a few cooling unit back ups (to create a melt down) is likely insignificant. The warning thus becomes that Israel will do what ever it has to to ensure its survival; if shutting down some equipment is insufficient, they can just as easily make the land surrounding the power plant uninhabitable from an intentionally created 'technical glitch'.

This should also be another wake up call the the US federal government. Cyber security is becoming increasingly important and it is time to create (or hopefully just upgrade) some serious defenses. Having a few cyber weapons of our own would be wise for a quick counter strike.

http://www.ft.com/cms/s/0/e9d3a662-c740-11df-aeb1-00144feab49a.html

"A piece of highly sophisticated malicious software that has infected an unknown number of power plants, pipelines and factories over the past year is the first program designed to cause serious damage in the physical world, security experts are warning.
...
Stuxnet can hide itself, wait for certain conditions and give new orders to the components that reverse what they would normally do, the experts said. The commands are so specific that they appear aimed at an industrial sector, but officials do not know which one or what the affected equipment would do.

While cyber attacks on computer networks have slowed or stopped communication in countries such as Estonia and Georgia, Stuxnet is the first aimed at physical destruction and it heralds a new era in cyberwar.
...
“It is not speculation that this is the first directed cyber weapon”, or one aimed at a specific real-world process, said Joe Weiss, a US expert who has testified to Congress on technological security threats to the electric grid and other physical operations. “The only speculation is what it is being used against, and by whom.”
"

http://www.bbc.co.uk/news/technology-11388018

"One of the most sophisticated pieces of malware ever detected was probably targeting "high value" infrastructure in Iran, experts have told the BBC.

Stuxnet's complexity suggests it could only have been written by a "nation state", some researchers have claimed.

It is believed to be the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units.
...
"The fact that we see so many more infections in Iran than anywhere else in the world makes us think this threat was targeted at Iran and that there was something in Iran that was of very, very high value to whomever wrote it," Liam O'Murchu of security firm Symantec, who has tracked the worm since it was first detected, told BBC News.

Some have speculated that it could have been aimed at disrupting Iran's delayed Bushehr nuclear power plant or the uranium enrichment plant at Natanz.
"

http://debka.com/article/9038

"debkafile's sources disclose that Israel has had special elite units carrying out such assignments for some time. Three years ago, for instance, cyber raiders played a role in the destruction of the plutonium reactor North Korea was building at A-Zur in northern Syria.
On Monday, too, the Christian Science Monitor and several American technical journals carried revelations about a new virus called Stuxnet capable of attacking and severely damaging the servers of large projects, such as power stations and nuclear reactors.

All the leaked reports agreed on three points:

1. Stuxnet is the most advanced and dangerous piece of Malware every devised.
2. The experts don't believe any private or individual hackers are capable of producing this virus, only a high-tech state such as America or Israel.
3. Although Stuxnet was identified four months ago, the only servers known to have been affected and seriously damaged are located in Iran.
Some computer security specialists report lively speculation that the virus was invented specifically to target part of the Iranian nuclear infrastructure, either the Bushehr nuclear plant activated last month or the centrifuge facility in Natanz.
debkafile's sources add: Since August, American and UN nuclear watchdog sources have been reporting a slowdown in Iran's enrichment processing due to technical problems which have knocked out a large number of centrifuges and which its nuclear technicians have been unable to repair. It is estimated that at Natanz alone, 3,000 centrifuges have been idled.
None of the reports indicate whether other parts of Iran's nuclear program have been affected by Stuxnet or the scale of the damage it may have caused.
"

1 comment:

Related Posts with Thumbnails

Like what you read; Subscribe/Fan/Follow