On a Vancouver stage last Thursday, a young Irish computing expert gave a filmed presentation showing how the world could end with the pop of a balloon.
That's just great.
We may never know for sure. The odd thing is that Stuxnet, so far, hasn't actually been proved to have done anything. Stuxnet contains a "switch" believed to target one very specific, tailored Siemens system – but no one knows which one, or what the switch is intended to do.We may never know for sure? That's bullshit. We saw the same thing recently when CNN did a piece on 911 conspiracy theories. Did they examine the theories? No. They went directly to "will this conspiracy theory become like the Kennedy Assassination? Analyzed for generations as an unsolved mystery?" Which of course is a total cop out designed to protect the guilty. See: funny or sad.
Israel has little to gain from denying or confirming anything. It cannot own up to what some see as a monumental act of irresponsibility – the creation of a worm that could attack any sensitive system anywhere in the world. On the other hand, its struggle with Iran is also psychological, and it does it no harm to be thought capable of disarming a nuclear programme without launching a missile.Eating one's cake and having it too then?
So Bradley Manning leaks a helicopter video to Wikileaks, and he goes on trial for "damaging national security." But a state-sponsored group of hackers writes code that can control infrastructure, and we must assume it will be copied by "terrorists," and what is the response? We may never get to the bottom of it?
UPDATE: Iran 'detains western spies' after cyber attack on nuclear plant
Iran has detained several "spies" it claims were behind cyber attacks on its nuclear programme. The intelligence minister, Heydar Moslehi, said western "spy services" were behind the complex computer virus that recently infected more than 30,000 computers in industrial sites, including those in the Bushehr nuclear power plant, appearing to confirm the suspicion of computer security experts that a foreign state was responsible. The announcement also suggests that the attack involving the Stuxnet worm virus, which computer experts believe may have been designed to spy on Iran's nuclear facilities rather than destroy them, has caused more alarm in the regime than has so far been acknowledged.
In remarks carried on Iranian state television and the Mehr news service, Moslehi said Iran had discovered the "destructive activities of the arrogance [of the west] in cyberspace", adding that "different ways to confront them have been designed and implemented". "I assure all citizens that the intelligence apparatus currently has complete supervision on cyberspace and will not allow any leak or destruction of our country's nuclear activities. "Iran's intelligence department has found a solution for confronting [the worm] and it will be applied. Our domination of virtual networks has thwarted the activities of enemies in this regard."
Moslehi gave no details of when the arrests had taken place or whether those detained were Iranians or foreign citizens. (more at link)
AFP describes them as "nuclear spies." "We have always faced the destructive action of these (spy) services and a number of nuclear spies have been arrested," he said."
JPost whistles past the graveyard... (http://www.jpost.com/IranianThreat/News/Article.aspx?id=189934)
Also see a discussion of what might be going on at Winter Patriot blog. Winter himself explains:
A computer 'worm' contains the instruction sequence necessary to propogate itself as well as the instruction sequence that does the damage. The first step significant step in defending against such a worm is reverse-engineering -- converting the "machine code" that the computer executes into "assembly code" which lists the instructions being executed.It's all just One Big WTF? at this point.
And therefore, using a worm as a weapon of war is, in the words of one of my most security-savvy computer-friends, "one of the stupidest things anyone has ever done anywhere". It is, as he put it, "like dropping an atomic bomb, then showering the survivors with leaflets explaining how to build an atomic bomb". He reckons the probability of this worm being revamped and used as an offensive weapon by the Iranians (or terrorists connected with Iran) as 100%. "How could they NOT use it?" he asked. "They're pissed off and they have the code!"
The Stuxnet worm has people worried. Threats that were once theoretical have become real because it allows the attacker to take control of critical systems like pumps, motors, alarms and valves in commercial systems.
It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction. The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
In the last day or so we learn that Stuxnet has successfully penetrated China, extensively, as well as Iran.
"This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data," an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times. "Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China's national security," he added. Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.
Graham Cluley, an expert on viruses, said the sophisticated code may have been written by an insider at Siemens.
The worm may have been written by someone with detailed knowledge of Siemens' computer systems, Graham Cluley said on Friday. Speaking to Computer and technology news website, V3, Cluley said the person may possibly be a current or former employee of the German industrial giant whose control systems are widely used to manage industrial facilities such as oil rigs and power plants. ...Another expert on the issue, Mikko Hypponen, chief research officer at F-Secure, told V3 that based on evidence he'd seen, the worm looks like a government attack. "If you look at the level of difficulty and complexity behind Stuxnet, it has to be a government effort," he further explained.Go here for a ten slide technical explanation of how the worm spread.
Yesterday we learned who might be the likely culprit: Israel.
"So let’s assume that using Stuxnet, Israel has indeed launched the world’s first precision, military-grade cyber missile. What are the implications?"We thing the primary implication is that a military attack on Iran has now been foreclosed as a viable option. It can't be justified anymore. Security has already been breached. Furthermore, the Stuxnet worm takes control over the control systems and can even, theoretically, cause an explosion.
"We have never seen anything like this before. It's the most complex piece of malware in the history of computing. What the thing does, is actually it's designed to blow something up, it's as simple as that. The virus is a cyberwar weapon."
Curiously, Langner also said not to worry, because obviously the worm is so specific that it hit its target.
Stuxnet itself is no longer a cause for concern, he said. "Don't worry about Stuxnet any longer," he said. "Obviously it hit its target. It is so specific it won't attack anything else."OK, well, maybe we misunderstand because we are not getting the "obvious" part. Forgive us for being obtuse, but did something large in Iran explode that we failed to notice, like a power plant or something?
We are not so sure about his conclusion, because now China has reported big problems with Stuxnet. Maybe Stuxnet wasn't finished after all?
Maybe, in light of the new special romance between Israel and China, what seems possibly obvious to us is that Israel maybe just explained to China who is wearing the pants?
We get the point, if that was the point.
"Nothing says theocracy like a biblical reference in your terroristic cyber attack." ~ Penny
Langner says this will lead to copycat activity.
But now that it's out there, other people will try to replicate it, he warned. "Everybody will be able to study exactly what Stuxnet does and how it is done," he said. "So we must assume that Stuxnet will now act as a template for any kind of hackers, organized crime, terrorists in order to study how it can be done. "Stuxnet is history," he said. "We need to work on what will come next."
Yes, we can see that part happening, too.