
The first eWMD, The Stuxnet Virus... BARES FRUIT!


JMS


I don't know if any of you guys are following this thing. It's pretty amazing.... "Somebody" released a computer virus in Iran which targets the industrial controllers which Iran purchased to run their nuclear facility. Estimates say it's infected 30,000 computers in Iran. They are calling it the first e-Weapon of Mass Destruction.

It's been active for more than a year, but the Iranians just figured out why their systems weren't working correctly when they called in German consultants who sold them the industrial controllers (Siemens). The Germans evidently found the worm.

Folks are guesstimating Israel is behind it. That may be, because Israel is a very technologically savvy country. I want to just point out however that the United States is at the forefront of offensive and defensive computer capabilities.

George Bush sunk a lot of money in developing offensive computer malware capability. Not only that but today the US defense department has a major combat command dedicated to cyber defense.... That means today organizationally we equate cyber defense with a major theatre of operation like Europe, the Pacific, or the Middle East. Not sure many Americans understand that.

We might be witnessing the way countries will wage war against each other in the future right now in Iran. It's really something to watch develop.

Iran is saying Stuxnet didn't do much to them, at the same time they are announcing the Nuke facility won't be operational on time (they say unrelated)... and they are conducting major arrest sweeps looking for the folks who infected them.

If they are saying 30,000 computers are infected... It could easily be two or three times that number. The virus is supposed to give outsiders control of those industrial controllers. If that's the case this game could be played out over years.... Somehow I don't think McAfee or Spybot is going to help the Iranians out of this mess. Frankly it's uncertain they would be able to secure a network of so many systems. It's a very complex and cutting edge task even for us.


We touched on it a bit in another thread

The infection is not limited to Iran though, it seems Siemens is the linkage... maybe someone there didn't like certain applications or customers?

http://www.v3.co.uk/v3/news/2270478/iran-confirms-stuxnet-hit#ixzz10kjDfR6Y

http://www.nytimes.com/2010/09/30/world/middleeast/30worm.html?_r=1

added

Holiday concerns in China over 'cyber superweapon'

http://www.google.com/hostednews/afp/article/ALeqM5jypOqui89lMMVDjDANvQF36iqAkA?docId=CNG.27a028ad8f0542cd7177615afc42a4d3.401


That is pretty awesome. Do you have any articles on this?

I know at Ft Meade MD they are really ramping up the cyber command.

Rather than awesome it could be extraordinarily dumb. Your enemy can take the code, modify it and use it themselves on their enemies.

In this way it's very unlike other types of weapon. Anyone tasked with cyber-warfare better be tasked with cyber-defense too, as focusing just on offense could lead to very bad unintended consequences.


There is certainly that Corcaigh, in fact this addresses it somewhat with a Hollywood flair

simply progress in motion

http://www.bizjournals.com/boston/blog/bottom_line/2010/10/considering_stuxnet.html

So what’s the big deal, you may ask. This means the Israelis don’t have to bomb the plants, as they did in 1981 with a nuclear plant in Baghdad, Iraq. And while there is as of yet no proof, the general consensus is that this Stuxnet worm is likely an Israeli creation.

Too bad the Stuxnet creators have now released into the wild the exact weapon our enemies need to recreate another hacker movie, “Live Free or Die Hard.” If you don’t recall, that was the fourth Bruce Willis “Die Hard” movie, in which a former government coder initiated what is called the “Fire Sale,” from the idea that everything must go - in this case every control system for all utilities and infrastructure in the United States.

Sure, right now the Stuxnet is designed only to destroy the specific Siemens industrial control systems used in those Iranian plants, but guess what - that system is used in nuclear plants all around the world. In fact, it is used in all sorts of power systems. From Siemens’ own website: “We are the leading service partner for an installed fleet of power plants representing approximately one-fifth of all large-scale and industrial power plants worldwide.” According to an NPR report, that Siemens system runs most of the hydroelectric dams in the world. Imagine what would happen to Los Angeles and Las Vegas if just the Hoover and Grand Coulee dams were shut down because of a Stuxnet-derived attack.

Read more: Stuxnet: 'Hackers' meets real life - Boston Business Journal


Incorrect detail in the OP. US Cyber Command is not a unified combatant command. It is a subordinate command to US Strategic Command. This means we equate cyber with an area like Korea (a sub-unified command), not like the Pacific (a unified combatant command).

US Cyber Command is headed by a four star general just like CENTCOM, EUCOM, and PACOM... South Korea is currently a 3 star role and there has been talk of downgrading that to a two star role.

Do you know of any other subordinate command headed by a four star other than Afghanistan with Petraeus?


Rather than awesome it could be extraordinarily dumb. Your enemy can take the code, modify it and use it themselves on their enemies.

In this way it's very unlike other types of weapon. Anyone tasked with cyber-warfare better be tasked with cyber-defense too, as focusing just on offense could lead to very bad unintended consequences.

Both the United States and Israel group offensive and defensive leadership in the same organizations......

In both countries defense is more than just a list of protocols, it entails hundreds of millions even billions in architecture, systems and specialized networks.


Rather than awesome it could be extraordinarily dumb. Your enemy can take the code, modify it and use it themselves on their enemies.

In this way it's very unlike other types of weapon. Anyone tasked with cyber-warfare better be tasked with cyber-defense too, as focusing just on offense could lead to very bad unintended consequences.

That's one reason why the US has invested hundreds of millions even billions in cyber defense. It's why we operate more than 14 global networks just for the DoD, not to mention specialized networks for energy, state, and justice.

Suffice it to say, the United States is treating this sphere of warfare very seriously and putting a lot of thought into it. The Stuxnet Virus is akin to the first time a pilot hand dropped a grenade from an airplane in WWI. Or first took his pistol up into his plane to shoot at the enemy. It's a pretty historic moment and reflects an entirely new thinking in warfare.

This type of warfare is going to favor those who take it seriously and those who plan for the coming engagements.... We are well down both paths.

Personally, I think it's much more likely this virus is a US invention rather than an Israeli one. Our cyber warfare budget is likely more than 10 times that of Israel's... maybe 100 times.


US Cyber Command is headed by a four star general just like CENTCOM, EUCOM, and PACOM... South Korea is currently a 3 star role and there has been talk of downgrading that to a two star role.

Do you know of any other subordinate command headed by a four star other than Afghanistan with Petraeus?

Dude, you make more incorrect stuff up about the DoD than anyone else on this board. Yes, I know of another Command that is headed by a 4 star... Korea. Gen Walter Sharp (his friends call him Skip). US Forces Command-Korea


Dude, you make more incorrect stuff up about the DoD than anyone else on this board. Yes, I know of another Command that is headed by a 4 star... Korea. Gen Walter Sharp (his friends call him Skip). US Forces Command-Korea

I'm not making it up. I was just misinformed on both counts. Your first point that Cyber Command was not a unified combatant command was right. Your second point that the Korean subordinate command is run by a four star general was also correct.


That along with the fact that Iran said the Nuke power plant would not come online on schedule leads me to believe the virus might be more successful than Iran is letting on. Iran is claiming Stuxnet hasn't done anything and it's just an annoyance rather than a serious issue. But then they start arresting folks and announcing project delays in the same breath. If Iran has to harden their networks this could set them back years.


Suffice it to say, the United States is treating this sphere of warfare very seriously and putting a lot of thought into it. The Stuxnet Virus is akin to the first time a pilot hand dropped a grenade from an airplane in WWI. Or first took his pistol up into his plane to shoot at the enemy. It's a pretty historic moment and reflects an entirely new thinking in warfare.

The USA is far, far less prepared than you think. Threats emerge daily and as much infrastructure uses public networks and commercially available products which enemies can test and probe for weaknesses, attacks which disable those would cause chaos. If the Pentagon can keep their network up and running it's nice, but if the rest of society is entirely shut down the cost and impact would be crippling.

This type of warfare is going to favor those who take it seriously and those who plan for the coming engagements.... We are well down both paths.

Personally, I think it's much more likely this virus is a US invention rather than an Israeli one. Our cyber warfare budget is likely more than 10 times that of Israel's... maybe 100 times.

The USA is taking it seriously but the threats are very, very difficult to counter. And unfortunately, a pure technology-based approach won't work. The weakness in all this is humans and the greatest threat is a socially-engineered attack which exploits someone on the inside.


The USA is far, far less prepared than you think. Threats emerge daily and as much infrastructure uses public networks and commercially available products which enemies can test and probe for weaknesses, attacks which disable those would cause chaos. If the Pentagon can keep their network up and running it's nice, but if the rest of society is entirely shut down the cost and impact would be crippling.

The Internet is fairly wide open. They are just now figuring out strategies on how to defend it. Oddly enough one of their ultimate options is to simply turn off the Internet. The President has sought and has been granted the authority to shut down the Internet rather than have it serve as a conduit for attacks.

http://news.techworld.com/security/3228198/obama-internet-kill-switch-plan-approved-by-us-senate/?olo=rss

So I agree with you that the civilian infrastructure is not nearly as prepared as we would like. We are at the beginning stages of hardening the internet vulnerabilities and some companies do a better job than others. Inventorying our vulnerabilities and designing corrective actions is at the beginning stages. Least that's how it seems to me.

The military however and the Government are much further along. It's not true that the military uses commercial networks... At least not true the military traffic mixes with commercial traffic on the lines we lease from civilians. As I've said we run more than 14 global networks all with differing degrees of performance, classification, and services. All of those networks are hardened and sit behind formidable cyber defense and physical defense infrastructure.

I would not go so far as to say we are invulnerable from attack. I would go so far as to say we are well ahead of anybody else in the world on this potential war front. We spend more money on it, and we've been at it longer than anybody else.

The USA is taking it seriously but the threats are very, very difficult to counter. And unfortunately, a pure technology-based approach won't work. The weakness in all this is humans and the greatest threat is a socially-engineered attack which exploits someone on the inside.

Well it used to be we secured capabilities by disconnecting them from networks. That didn't work very well. Then we used to secure capabilities by denying access to them except to folks who were approved. Again you are correct that proved ineffective too. Today we secure capabilities by having out of band networks hooked up to devices so we can diagnose problems when they occur and maintain control even when the devices are slammed on their end user interface. Control data is not mixed with end user data. We ensure services by investing in OSS systems which can diagnose intrusions, attacks, or suspicious activity between nodes. Today we are able to electronically ensure data services. Meaning we can break down a service into its base components and individually diagnose in real time where problems lie...

Oddly enough the military is not at the cutting edge of this technology. The military is learning from consortiums of commercial companies which band together to create these types of capabilities. In today's environment companies like McAfee are being bought up by companies like Intel to better match security software to security firmware. Intel purchased McAfee for what 8 billion dollars? Why, Wall Street was asking. It's because Intel knows cyber security is going to be one of the biggest growth areas for computers in the coming decades... And McAfee with their HBSS system is one of the leaders in this field.

I agree with you that we are not entirely safe. That it's unlikely we've thought of everything. I just think we've put a lot of money into this field; and in that we are much further along than any would be adversary. Adversaries like China, Russia, and North Korea which all have demonstrated cyber offensive capabilities.


  • 2 months later...

Suspected NEW US Cyber Command flexes offensive capabilities and it bears fruit..

'Stuxnet virus set back Iran’s nuclear program by 2 years'

Top German computer consultant tells 'Post' virus was as effective as military strike, a huge success; expert speculates IDF creator of virus.

The Stuxnet virus, which has attacked Iran’s nuclear facilities and which Israel is suspected of creating, has set back the Islamic Republic’s nuclear program by two years, a top German computer consultant who was one of the first experts to analyze the program’s code told The Jerusalem Post on Tuesday.

“It will take two years for Iran to get back on track,” Langer said in a telephone interview from his office in Hamburg, Germany. “This was nearly as effective as a military strike, but even better since there are no fatalities and no full-blown war. From a military perspective, this was a huge success.

http://www.jpost.com/IranianThreat/News/Article.aspx?id=199475

Figure we could do this basically indefinitely....


(1) It's hard to take Fox News seriously as a news source.

(2) What explosion are they talking about? Stuxnet doesn't cause things to blow up... It causes centrifuges to stop spinning sporadically or to spin at variable speeds intermittently... Causing erratic quality control and inhibiting their ability to refine radioactive material. It took Iran a year and a team of German computer scientists to even figure out they were infected.

(3) It would be very very stupid for Iran to openly start killing American Generals, and Iran isn't stupid... After all Iran has about 3 times as many generals as the United States has; and that would basically be an open declaration for us to start killing their top leaders. Iran wouldn't win that kind of confrontation. We could blow up any target in Iran and make it look like a car bomb, including I'mADinnerJacket's tent.


There are other sources if you are interested, the explosion refers to Iran's nuclear scientists (and Stuxnet expert), surely you remember them dying.

Openly is not the way it generally works, as has been shown in Iraq, Lebanon, Afghanistan etc.


Caused them to spin too fast and damaged them, also random shut downs of systems

I think it did all of the above... but it did so sporadically... one day these centrifuges would work and those wouldn't quite work; the next day those would work but these wouldn't quite work. The net result was the Iranians trying to produce very refined quantities of radioactive material were not able to...

But what was that about an explosion?: I've not read anything about an explosion...

By writing code to the PLC, Stuxnet can potentially control or alter how the system operates. A previous historic example includes a reported case of stolen code that impacted a pipeline. Code was secretly “Trojanized” to function properly and only some time after installation instruct the host system to increase the pipeline's pressure beyond its capacity. This resulted in a three kiloton explosion, about 1/5 the size of the Hiroshima bomb.

http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices

This looks more like a geek's wild imagination than a real event.

Googling on stuxnet and explosion yields blog entries on San Bruno gas explosion, not anything on Iran. Adding Iran to the google search also doesn't yield any report on an explosion.


yea, we were surprised to see the random shut downs.

I don't think we were surprised. I think we wrote the freaking thing.... Everybody thinks it might have been Israel. I think it more likely that it was the United States. Our Cyber Command has about 10 times as many resources as the Israelis do. We've got a four star heading that effort up which is pretty significant. George Bush authorized them to develop offensive capabilities.

I think they reached out and thwacked Iran, and thwacked them so hard that it took a year before Iran even figured out they were thwacked.


Archived

This topic is now archived and is closed to further replies.
