[Itpolicy-np] Re: Stuxnet malware is 'weapon' out to destroy ...
Iran's Bushehr nuclear plant?
Bipin Gautam
bipin.gautam at gmail.com
Fri Sep 24 19:30:14 GMT 2010
More cover on Stuxnet, i am getting lazy no summary this time!
________________
Possible Israeli Cyber Attack Sabotaged Iran's Bushehr Nuclear Reactor
http://www.eurasiareview.com/201009238462/possible-israeli-cyber-attack-sabotaged-irans-bushehr-nuclear-reactor.html
...
How to plan an industrial cyber-sabotage operation: A look at Stuxnet
http://blogs.csoonline.com/1260/how_to_plan_an_industrial_cyber_sabotage_operation_a_look_at_stuxnet
...
Stuxnet: the Trinity test of cyberwarfare:
http://warincontext.org/2010/09/23/stuxnet-the-trinity-test-of-cyberwarfare/
...
DEADF007 - Is Stuxnet The Secret Weapon To Attack Iran's Nukes; Is A
Virus About To Revolutionize Modern Warfare?
http://www.zerohedge.com/article/deadf007-stuxnet-secret-weapon-attack-irans-nukes-virus-about-revolutionize-modern-warfare
...
Stuxnet Introduces the First Known Rootkit for Industrial Control
Systems : http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices
...
Stuxnet is a directed attack -- 'hack of the century'
http://www.langner.com/en/index.htm
...
Wary of naked force, Israel eyes cyberwar on Iran
http://www.ynetnews.com/articles/0,7340,L-3742960,00.html
...
http://www.upi.com/enl-win/b00bf188f7671cf2f939d18b1453852f/
An error is seen on a computer screen of Bushehr nuclear power plant's
map in the Bushehr Port on the Persian Gulf, 1,000 kms south of
Tehran, Iran on February 25, 2009. Iranian officials said the
long-awaited power plant was expected to become operational last fall
but its construction was plagued by several setbacks, including
difficulties in procuring its remaining equipment and the necessary
uranium fuel.
On 9/23/10, Bipin Gautam <bipin.gautam at gmail.com> wrote:
> (Source:
> http://www.csmonitor.com/USA/2010/0921/Stuxnet-malware-is-weapon-out-to-destroy-Iran-s-Bushehr-nuclear-plant)
>
> Cyber security experts say they have identified the world's first
> known cyber super weapon designed specifically to destroy a real-world
> target – a factory, a refinery, or just maybe a nuclear power plant.
>
> The cyber worm, called Stuxnet, has been the object of intense study
> since its detection in June. As more has become known about it, alarm
> about its capabilities and purpose have grown. Some top cyber security
> experts now say Stuxnet's arrival heralds something blindingly new: a
> cyber weapon created to cross from the digital realm to the physical
> world – to destroy something.
>
> At least one expert who has extensively studied the malicious
> software, or malware, suggests Stuxnet may have already attacked its
> target – and that it may have been Iran's Bushehr nuclear power plant,
> which much of the world condemns as a nuclear weapons threat.
>
> The appearance of Stuxnet created a ripple of amazement among computer
> security experts. Too large, too encrypted, too complex to be
> immediately understood, it employed amazing new tricks, like taking
> control of a computer system without the user taking any action or
> clicking any button other than inserting an infected memory stick.
> Experts say it took a massive expenditure of time, money, and software
> engineering talent to identify and exploit such vulnerabilities in
> industrial control software systems.
>
> Unlike most malware, Stuxnet is not intended to help someone make
> money or steal proprietary data. Industrial control systems experts
> now have concluded, after nearly four months spent reverse engineering
> Stuxnet, that the world faces a new breed of malware that could become
> a template for attackers wishing to launch digital strikes at physical
> targets worldwide. Internet link not required.
> ...
>
> The Stuxnet malware has infiltrated industrial computer systems
> worldwide. Now, cyber security sleuths say it's a search-and-destroy
> weapon meant to hit a single target. One expert suggests it may be
> after Iran's Bushehr nuclear power plant.
> ...
>
> "Stuxnet is a 100-percent-directed cyber attack aimed at destroying an
> industrial process in the physical world," says Langner, who last week
> became the first to publicly detail Stuxnet's destructive purpose and
> its authors' malicious intent. "This is not about espionage, as some
> have said. This is a 100 percent sabotage attack."
> ...
> So far, Stuxnet has infected at least 45,000 industrial control
> systems around the world, without blowing them up – although some
> victims in North America have experienced some serious computer
> problems, Eric Byres, a Canadian expert, told the Monitor. Most of the
> victim computers, however, are in Iran, Pakistan, India, and
> Indonesia. Some systems have been hit in Germany, Canada, and the US,
> too. Once a system is infected, Stuxnet simply sits and waits –
> checking every five seconds to see if its exact parameters are met on
> the system. When they are, Stuxnet is programmed to activate a
> sequence that will cause the industrial process to self-destruct,
> Langner says.
> ...
> Langner's analysis also shows, step by step, what happens after
> Stuxnet finds its target. Once Stuxnet identifies the critical
> function running on a programmable logic controller, or PLC, made by
> Siemens, the giant industrial controls company, the malware takes
> control. One of the last codes Stuxnet sends is an enigmatic
> “DEADF007.” Then the fireworks begin, although the precise function
> being overridden is not known, Langner says. It may be that the
> maximum safety setting for RPMs on a turbine is overridden, or that
> lubrication is shut off, or some other vital function shut down.
> Whatever it is, Stuxnet overrides it, Langner’s analysis shows.
> ...
>
More information about the Itpolicy-np
mailing list