Slashdot: News for Nerds

Stuxnet Infects 30,000 Industrial Computers In Iran

timothy posted more than 2 years ago | from the we-all-run-from-i-ran dept.

Bug 263

eldavojohn writes "The BBC and AFP are releasing more juicy details about the now infamous Stuxnet worm that Iranian officials have confirmed infected 30,000 industrial computers inside Iran following those exact fears. The targeted systems that the worm is designed to infect are Siemens SCADA systems. Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States — although the US official claims they do not know the origin of the virus. Iran claims it did not infect or place any risk to the new nuclear reactor in Bushehr, which experts are suspecting was the ultimate target of the worm."

263 comments

I think Siemens' comment is funny (5, Interesting)

Anonymous Coward | more than 2 years ago | (#33704280)

"Siemens has advised its customers not to change the default passwords"
http://news.cnet.com/8301-1009_3-20011095-83.html
great....good security there

this is it (5, Interesting)

bhcompy (1877290) | more than 2 years ago | (#33704288)

The future of diplomacy.

strange conclusion. (0)

retchdog (1319261) | more than 2 years ago | (#33704290)

I think that the serious hacking groups could totally pwn the United States on "cybersecurity" if they bothered.

It pains me to say, that maybe we've forgotten the power of individuals and small groups being dedicated to causes which are directly connected to neither State initiatives, nor immediate profit.

Re:strange conclusion. (4, Insightful)

O('_')O_Bush (1162487) | more than 2 years ago | (#33704334)

Really? Because, as someone who has worked in gov't related cybersecurity, I can tell you that they try all the time.

There's no shortage of reasons for hackers to want access to data (classified or otherwise) really really badly.

You just need to get the Hollywood fabricated ideas about small teams of omnipotent superhacker "gods" out of your mind, because they don't exist.

Re:strange conclusion. (2, Insightful)

retchdog (1319261) | more than 2 years ago | (#33704390)

no, of course they aren't omnipotent gods, but on the other hand you don't need to be a god to cause serious damage to human beings. you just need to be intelligent; properly specialized; and oddly motivated. fortunately, the old "pick two of three" rule seems to apply here. :)

I do personally know some security professionals whom I suspect would have a pretty good shot at something like this, if they were both unethical and had a little bit of inside knowledge.

admittedly, most of what i know about US gov't cybersecurity is what i read on slashdot which tends to be negative. so i am biased there. still, it's a bit hasty to assign credit to a state. small groups of the right people could get a lot done. i mean, all you need is the information; this isn't the manhattan project.

Re:strange conclusion. (3, Informative)

cpghost (719344) | more than 2 years ago | (#33704430)

i mean, all you need is the information; this isn't the manhattan project.

Getting information was not so difficult, even from within the Manhattan Project [wikipedia.org]. If a government is hellbent on infiltrating secret projects of a rival government, they sure have enough resources at hand.

Re:strange conclusion. (1)

SuricouRaven (1897204) | more than 2 years ago | (#33705080)

Intelligent or lucky. If you have enough hackers trying long enough, even if they are all script kiddies, sooner or later you're going to get a McKinnon - someone of no special skill who, just by luck, finds exactly the right computers insecure at exactly the right time.

Such people are likely too inexperienced to be using suitably paranoid anti-tracking measures, so you can probably catch them. But it's a bit late by then.

Re:strange conclusion. (1)

taxman_10m (41083) | more than 2 years ago | (#33704456)

Who said anything about the government? If some other nation really wanted to mess things up in the USA they'd attack banking or something (which is something Russia apparently did to Estonia in 2007 according to wikipedia).

Re:strange conclusion. (4, Interesting)

IamTheRealMike (537420) | more than 2 years ago | (#33704614)

You just need to get the Hollywood fabricated ideas about small teams of omnipotent superhacker "gods" out of your mind, because they don't exist.

Really? How big do you think the team that created Stuxnet is then? Or do you really think that one guy found 4 new zero days, wrote a P2P control mechanism, a custom kernel mode rootkit, a bunch of PLC code in an obscure form of assembly language and a shim DLL to hide the PLC infection from the operator?

The Stuxnet team is the closest thing to the Hollywood stereotype of a small team of omnipotent superhacker gods the world has seen.

Re:strange conclusion. (4, Insightful)

gad_zuki! (70830) | more than 2 years ago | (#33704694)

The stuxnet team is most likely the product of a large intelligence department. That is to say a group effort from a nation state, not some independent hacking gods with nothing better to do.

The point is that expertise in scada, coming up with 4 zero days, getting 2 signed driver keys from JMicron and Realtek, and distributing the exploit without the internet to Iranian factories is not something a non-state can do.

Re:strange conclusion. (4, Funny)

Cylix (55374) | more than 2 years ago | (#33704904)

I do all of that while cooking my morning breakfast.

However, I am the most interesting man in the world....

Stay thirsty my friends.

Re:strange conclusion. (0)

Anonymous Coward | more than 2 years ago | (#33704710)

Or it is written by US gov.

Re:strange conclusion. (4, Insightful)

SashaMan (263632) | more than 2 years ago | (#33704776)

Uhh, you're missing the GP's point. It's HIGHLY doubtful a small group of scruffy super smart hackers a la Angelina Jolie and friends in "Hackers" created this virus. Given the complexity you point out (and by the way, you missed a very important point - stuxnet utilizes stolen encryption keys from TWO Taiwanese chip manufacturers), it's much more likely that a large, coordinated government or corporate organization that was able to assemble experts from many different fields was behind the attacks.

Re:strange conclusion. (5, Interesting)

IamTheRealMike (537420) | more than 2 years ago | (#33704824)

So we're arguing about the definition whether the team was "small" or "large" then :-) Given that Stuxnet is around half a megabyte in size, I'd guess the code itself was written by a team of around 5 people, probably with each person owning an area of functionality. Say another 5 for project infrastructure, eg, building testing environments, finding the zero days and doing whatever was required to steal the digital certs.

I'm sure there is a fairly large supporting cast for this "Myrtus/Guava" project, but I'd wager a crisp benjamin the bulk of the work was done by less than 10 people. Now whether this sort of effort is "small" or "large" is a matter of perspective - for a state sponsored military project it'd be very small, for a computer virus project it'd be pretty large.

By the way, if the authors of Stuxnet are reading this - nice work, but I seriously hope you know what the hell you are doing. Remotely sabotaging industrial facilities in a part of the world that's on a political knife edge can go wrong in so many ways I don't even want to think about it.

Re:strange conclusion. (5, Funny)

Anonymous Coward | more than 2 years ago | (#33705026)

By the way, if the authors of Stuxnet are reading this - nice work, but I seriously hope you know what the hell you are doing. Remotely sabotaging industrial facilities in a part of the world that's on a political knife edge can go wrong in so many ways I don't even want to think about it.

Thanks for the tip. We'll definitely keep that in mind.

Re:strange conclusion. (0)

Anonymous Coward | more than 2 years ago | (#33705068)

"30,000 industrial computers" is just aluminum chaff dumped into a radar beam's scanning arc. It's probably "Mission Accomplished" for Bushehr.

And cut out this This Side and That Side nonsense. The whole Mideast thing is so polluted the only way to solve it is to start from zero. Ignore all past transgressions. By everybody. But first you have to stop the settlements and that won't happen because Israeli politicians pander for votes. Just like all politicians. Everywhere.

Re:strange conclusion. (2, Informative)

Anonymous Coward | more than 2 years ago | (#33704908)

omnipotent superhacker gods the world has seen.

Ladder logic is NOT that hard. At most of the industrial companies I have worked with there is *MAYBE* 1 or 2 guys who write the whole system. The systems are pretty freaking easy to access. It is all standard control codes (otherwise no tools would work right).

These things are meant to hook together in rings of controllers that act as a unit no matter who you buy the controllers from. Many of the bigger companies such as Siemens even make it pretty easy to glue junk together with their software.

You seriously do not want to know... It is that bad. It is stuuuuuuuuuupid easy to program these things. An okayish programmer could come up with a worm in a couple of months (probably less).

The reason they are this way? You ask? Well it used to be pretty simple. There was no internet for them to get plugged into. No networks. It was all serial connections. There is no access/authentication control response from these things. You didn't want people to have access to these things. You just locked the door to the room they were in. However, over the years remote management became more common. However the access controls were never put into place.

There are millions of these fairly simple (at least compared to today's computers) controllers out there. How they work is *WELL* understood; there are dozens upon dozens of websites out there that tell you exactly how to program your controller. Hell you can buy the SDKs from the major companies (they don't cost much).

The only speculation is on who wrote it. Not how easy it is. Those of us who write this sort of software know how easy it is. Then the access controls that are in place are not even very good. They are easy to brute force in under a couple of hours or so (the password space being very small, susceptible to man in the middle attacks for the longer ones, and replay attacks).

It really is as easy as putting the right bytes out on the serial line and poof the other box is reprogrammed. That is how many are programmed in the first place...

When I first started working with industrial controllers I was seriously scared. You should be too. It is that bad. It wouldn't take much. Right now the only thing is cost. As the things these sorts of things plug into cost quite a bit. The controllers are a tad on the pricey side (anywhere from 200-1500 each). But the access controls on them are horrible. Making them dead easy to program.

Re:strange conclusion. (0)

Anonymous Coward | more than 2 years ago | (#33704622)

Make no mistake, they exist. You just can't find them and therefore believe that if you can't find them, they must not be. Typical of most people.

Re:strange conclusion. (4, Interesting)

einhverfr (238914) | more than 2 years ago | (#33704830)

There are some strange things that the state-sponsor theory of Stuxnet is at a loss to explain.

The first of these is the P2P update cycle of the worm. One important element of this is that to update, one has to re-seed the network with a new version. However anybody with appropriate skills can do this, so the worm could be easily retooled to strike back at the creator. The idea that a nation would be incompetent enough to allow such a weapon as this to be redirected back at their critical infrastructure doesn't sit well with me.

The second major problem has to do with the fact the virus tends to be digitally signed via stolen private keys of reputable companies from around the globe many of which have no presence in the Middle East. Theft of these private keys is suggestive of a long-term effort probably involving past viruses and trojans.

Also while Iran is a major hotspot of infections they aren't the only ones. Indonesia is a close second.

These things are easy to explain from a perspective that assumes a criminal syndicate but hard to explain from the perspective of a theory of state sponsorship.

Stuxnet is groundbreaking in a large number of ways. It's also an interesting question as to whether the malfunctions in the SCADA systems expected under Stuxnet could be similar to those experienced by Deepwater Horizon before the tragic explosion. While it might not be stuxnet in that case, it raises important questions about possible consequences of such a virus. These consequences are significantly more severe for a state sponsor than for a criminal one.

Re:strange conclusion. (5, Interesting)

IamTheRealMike (537420) | more than 2 years ago | (#33705090)

Also while Iran is a major hotspot of infections they aren't the only ones. Indonesia is a close second.

These things are easy to explain from a perspective that assumes a criminal syndicate but hard to explain from the perspective of a theory of state sponsorship.

Well. Let's ignore the problem of motive for now (there are far easier ways for criminals to turn a profit than this) - one has to wonder why Stuxnet is written as a traditional self-propagating virus.

Apparently it has some kind of self-kill logic which tries to ensure it doesn't spread after three "hops", which suggests whoever wrote it didn't want it to become a totally uncontrolled worldwide infection.

Presumably whoever wrote this knew they wouldn't be able to obtain actual physical access to the facility they wanted to damage, nor would they be able to insert an undercover agent, nor would they be able to compromise an existing employee. If you wanted to attack a high security facility and your intelligence agency wasn't able to penetrate it using more traditional techniques, creating a virus that spreads indiscriminately and hoping you get lucky seems like a pretty reasonable strategy.

The truth may be somewhere in the middle. The top candidates are the US and Israel based on "who dislikes Iran the most". Israeli intelligence has proven several times before they apparently don't care about being detected or involving other nations as collateral damage, see the recent UK passport forging that was a part of an assassination. A guy who used to be a director of anti-proliferation strategy for the US government has remarked that the style doesn't seem like a US operation given how much noise the approach would inevitably create, and the tremendous impact outside of the intended target.

Now obviously he is biased, but I'd tend to agree with him. It seems kind of unlikely the US would do something so dramatically non-covert. The way Stuxnet works practically guaranteed it would be eventually detected and subjected to intense scrutiny. The fact that there's so many clues and possible evidence trails lying around also suggests that whoever did it wasn't too concerned with being caught, eg, it's possible the stolen digital certs or the C&C servers will provide a trail that can be investigated.

So out of "countries that hate Iran" which of those is most likely to perform an operation that is very likely to be detected and very likely to piss off a large number of random other nations or organizations? If I had to pick an intelligence agency in the world that most resembled a criminal syndicate, the Mossad would be pretty high up the list. Speculation is fun isn't it.

Bushehr as target (1)

Jurily (900488) | more than 2 years ago | (#33704292)

I read somewhere that there are no Siemens systems in Bushehr, making that particular plant immune to this worm. Is that true?

Re:Bushehr as target (1)

trapnest (1608791) | more than 2 years ago | (#33704500)

Where could you possibly read something like that?

Re:Bushehr as target (4, Informative)

Zocalo (252965) | more than 2 years ago | (#33704748)

There was a screenshot [upi.com] posted that was purported to be the Bushehr plant's control systems shortly after the claims that it was the target of Stuxnet first appeared. SIMATIC WinCC is Siemens' SCADA front-end tool for Windows clients, so either this image is of another nuclear plant or Bushehr does indeed use Siemens software.

In any event, in the early analyses of Stuxnet, that the target was Bushehr was speculative based on:
  • The high number of infections in Iran
  • That the software was so complicated and targeted at very specific PLCs within a Siemens SCADA environment implying a particular installation was being targeted
  • That the second point above in turn implied that a nation state that had acquired inside knowledge about the target was behind the worm, although which one wasn't even speculated at
  • Bushehr was believed to have experienced some kind of technical issue within a suitable time frame

Assuming the screenshot and target of Stuxnet are both Bushehr, then I don't actually know which is worse; that someone would trust apparently pirated software to run a nuclear plant, or that someone would deliberately try to disrupt the operations of one...

Re:Bushehr as target (5, Interesting)

IamTheRealMike (537420) | more than 2 years ago | (#33704880)

Actually I prefer the theory that it went after the centrifuges at Natanz [geekheim.de].

On July 17, 2009 WikiLeaks posted a cryptic notice:

Two weeks ago, a source associated with Iran’s nuclear program confidentially told WikiLeaks of a serious, recent, nuclear accident at Natanz. Natanz is the primary location of Iran’s nuclear enrichment program. WikiLeaks had reason to believe the source was credible however contact with this source was lost. WikiLeaks would not normally mention such an incident without additional confirmation, however according to Iranian media and the BBC, today the head of Iran’s Atomic Energy Organization, Gholam Reza Aghazadeh, has resigned under mysterious circumstances. According to these reports, the resignation was tendered around 20 days ago.

... and from the same article ...

A cross-check with the official Iran Students News Agency archives confirmed the resignation of the head of Iran’s Atomic Energy Organization.

According to official IAEA data, the number of actually operating centrifuges in Natanz shrank substantially around the time of the accident WikiLeaks wrote about.

Re:Bushehr as target (4, Informative)

fava (513118) | more than 2 years ago | (#33704894)

There is an analysis of the screenshot at http://www.hackerfactor.com/blog/index.php?/archives/396-No-Nukes.html [hackerfactor.com]

The conclusion is that it is probably a screenshot of a waste water treatment plant, not a nuke facility.

Re:Bushehr as target (2, Interesting)

ColdWetDog (752185) | more than 2 years ago | (#33705170)

Interestingly, the photographer (or at least someone logging in under his name) states that the photo is real. Hard to tell. It's in English, but that isn't all that surprising given that the contractor is Russian and the Iranians don't necessarily speak Russian - English would be the usual 'common' language. It does seem to be a water treatment process, but nuclear reactors located in the middle of nowhere might include such functions.

The fun part about the picture is the popup "Your software license has expired". A commenter on the blog noted that use of non licensed software was common before the system was completed and turned over to the customer. Maybe we should alert the Iranian version of the Business Software Alliance [bsa.org] and arrange for an 'inspection'.

I don't even see how (0)

Anonymous Coward | more than 2 years ago | (#33704294)

How do those trojans spread? Isn't virtually every Windows client box behind a firewall these days? Or are mostly Windows Server OS affected?

Re:I don't even see how (1)

Dan667 (564390) | more than 2 years ago | (#33704418)

usb thumb drives.

Re:I don't even see how (1, Funny)

Anonymous Coward | more than 2 years ago | (#33704542)

Nah. In Iran it'd be USB thumbscrew drives

Re:I don't even see how (2, Funny)

ColdWetDog (752185) | more than 2 years ago | (#33704692)

usb thumb drives.

More like middle finger drives.

Re:I don't even see how (2, Interesting)

confused one (671304) | more than 2 years ago | (#33704728)

a nuke plant in the U.S. was infected a while back... The contractor bypassed the firewall and hooked the system to their computers via a network connection while they were debugging the software. This inadvertently created a connection between the internal protected systems at the nuclear plant and the wide-open, wild and wooly internet. Fortunately, the plant was shut down for maintenance and no critical systems were infected.

Yawn (0)

Anonymous Coward | more than 2 years ago | (#33704298)

Old news, all info listed here has been known for weeks.

Not so bad of a result (4, Interesting)

DoofusOfDeath (636671) | more than 2 years ago | (#33704314)

If Iran really is trying to develop a nuclear weapons ability, then they're heading for a nasty conflict one way or another.

If conflict is inevitable, then it's probably far better for their computers to catch a nasty flu, than for people do due in a U.S./Israeli airstrike.

Re:Not so bad of a result (0, Redundant)

DoofusOfDeath (636671) | more than 2 years ago | (#33704342)

than for people do due

I meant "than for people to die..."

Muscle-memory is a bitch.

Re:Not so bad of a result (0)

Anonymous Coward | more than 2 years ago | (#33704360)

it's probably far better for their computers to catch a nasty flu and launch a nuclear attack, than for people do due in a U.S./Israeli airstrike.

FTFY

oh... shit!

Re:Not so bad of a result (5, Insightful)

Dan667 (564390) | more than 2 years ago | (#33704410)

interesting it is totally ok for israel to have nukes. When is israel going to have weapon inspectors and give them up? If there really was interest in getting this stopped that would be the first step.

Re:Not so bad of a result (5, Insightful)

Ironsides (739422) | more than 2 years ago | (#33704504)

When is israel going to have weapon inspectors and give them up?

When Israel signs the Nuclear Non-Proliferation Treaty.

Re:Not so bad of a result (1, Insightful)

Beelzebud (1361137) | more than 2 years ago | (#33704522)

I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...

Re:Not so bad of a result (5, Informative)

Ironsides (739422) | more than 2 years ago | (#33704584)

I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...

Iran signed 1 July 1968 [un.org] . What was that about a double standard and STFU?

Re:Not so bad of a result (4, Interesting)

Lemmy Caution (8378) | more than 2 years ago | (#33704658)

There was a little revolution between then and now: the CIA-created Shah regime signed that treaty. And, of course, parties are free to leave the NNPT whenever they like: that's how treaties work.

Iran is one of the best examples of "blowback" out there.

Re:Not so bad of a result (0)

Ironsides (739422) | more than 2 years ago | (#33704716)

Interesting you don't mention how that government came to be [wikipedia.org] in the first place.

By the way, revolutions apparently have nothing to do with treaties signed. Otherwise Russia would not have to follow any the USSR signed. And, as you said, Iran can leave the NNPT any time it wants.

Re:Not so bad of a result (0)

Anonymous Coward | more than 2 years ago | (#33704612)

True, but it is generally prudent to stop crazed assholes* with the stated goals of wiping other states from the map from having any such weapons.

*Please note that this is not directed at the Iranian people - most of whom are probably your everyday normal person - but at the government that is in power there.

Re:Not so bad of a result (4, Insightful)

DoofusOfDeath (636671) | more than 2 years ago | (#33704718)

True, but it is generally prudent to stop crazed assholes* with the stated goals of wiping other states from the map from having any such weapons.

You mean the Israeli settlers in East Jerusalem and the West Bank?

Re:Not so bad of a result (2, Informative)

Xaositecte (897197) | more than 2 years ago | (#33705036)

If Israel really wanted to wipe out the Palestinians, they could do it without Nukes.

Surrounding Islamic countries however, have repeatedly attempted to wipe out Israel without nukes, and failed. Historical record implies if they had access to nukes, they'd use them.

Re:Not so bad of a result (1)

DoofusOfDeath (636671) | more than 2 years ago | (#33705058)

If Israel really wanted to wipe out the Palestinians, they could do it without Nukes.

Perhaps, but rounding them up into a massive concentration camp because they wanted some lebensraum isn't so swell, either.

Re:Not so bad of a result (2, Informative)

Anonymous Coward | more than 2 years ago | (#33704814)

What about crazed Israeli leaders?

Martin van Creveld is an Israeli historian and researcher -

In a September 2003 interview in Elsevier (Dutch weekly) on Israel and the dangers it faces from Iran, the Palestinians and world opinion van Creveld stated:

We possess several hundred atomic warheads and rockets and can launch them at targets in all directions, perhaps even at Rome. Most European capitals are targets for our air force.... We have the capability to take the world down with us. And I can assure you that that will happen before Israel goes under.[4]

(emphasis added)

http://en.wikipedia.org/wiki/Martin_van_Creveld#Views_on_current_affairs [wikipedia.org]

Assuming he is correct, and I have no reason to doubt him given his credentials, does this sound like the position of a rational, cooperative, civilized nation-state?

Re:Not so bad of a result (1, Informative)

GeekLove (1604967) | more than 2 years ago | (#33704638)

I love the double standard! So, if that's the case, then people should STFU about Iran building anything, considering they haven't signed that treaty either...

Are you really that flipping naive? Israel is using nukes as a deterrent, defensive weapon, which has so far worked. Iran has stated that they want to "wipe Israel off the face of the earth," http://www.guardian.co.uk/world/2005/oct/27/israel.iran [guardian.co.uk] and would probably use nukes as an offensive weapon, at least that is my interpretation of "burn in the fire of Islamic fury." So GFY before you tell people to STFU!

Re:Not so bad of a result (5, Informative)

Anonymous Coward | more than 2 years ago | (#33704740)

Actually, Ahmadinejad never said that. The quote is a mistranslation and has been mendaciously used as propaganda by Zionists and useful idiots as proof of Iran's alleged destructive intentions.

If you bothered to read the entire page you linked to, the Guardian published a retraction: http://www.guardian.co.uk/theguardian/2009/apr/23/corrections-clarifications [guardian.co.uk]

Re:Not so bad of a result (0)

Anonymous Coward | more than 2 years ago | (#33704864)

Interesting that I was moderated down, despite the fact that my comment is 100% accurate.

Would the moderator who did this have the courage to explain themselves and explain why they modded up the parent comment that posted a false claim based on a faulty translation?

Is there some reason why you see the need to suppress the truth and then try to promote a lie above it?

Re:Not so bad of a result (1)

Xaositecte (897197) | more than 2 years ago | (#33705064)

"the regime occupying Jerusalem must vanish from the page of time"

is still a pretty inflammatory quote.

Re:Not so bad of a result (0)

Anonymous Coward | more than 2 years ago | (#33705138)

huh what?
is your argument actually, "the regime occupying Jerusalem must vanish from the page of time" is somehow not a verbose way of saying " we must destroy Israel."
  ???

Re:Not so bad of a result (1, Interesting)

Beelzebud (1361137) | more than 2 years ago | (#33704752)

Way to use a mistranslation to prove your point...

Re:Not so bad of a result (1, Insightful)

ultranova (717540) | more than 2 years ago | (#33704858)

Iran has stated that they want to "wipe Israel off the face of the earth"

And considering Israel's history of attacking and occupying its neighbours and shooting rockets at residential buildings, suppressing all criticism with accusations of antisemitism, and likely being the initiators of this virus, who can blame Iran?

I wouldn't want Israel to be next door to me either; would you?

Re:Not so bad of a result (4, Insightful)

Xaositecte (897197) | more than 2 years ago | (#33705104)

How often have surrounding Arab states invaded Israel?

How often has Israel invaded surrounding Arab states?

Historical records do not agree with your statements.

Re:Not so bad of a result (2, Insightful)

SuricouRaven (1897204) | more than 2 years ago | (#33705140)

That's shooting rockets *back* at residential buildings. Hamas started on that one - they thought that if they launched their own rockets from residential or public buildings, Israel would be too afraid of the bad PR to risk counterattacking the launch sites. It partially worked.

Israel is not a good neighbour - but their actions are not unprovoked. They have to live with a seemingly endless stream of rockets being fired into their own residential areas over the border, frequent attempts at suicide or car-bomb attacks, and neighbours who routinely say that all Jews should be exterminated. Given the circumstances, you can't really blame them for reacting so strongly.

Re:Not so bad of a result (4, Insightful)

phantomfive (622387) | more than 2 years ago | (#33704918)

It's not a double standard, it's a self-centered standard. I am opposed to countries like Iran, who have special holidays for hating my country, getting nuclear weapons. I don't want people who have declared themselves enemies of my country to have nuclear weapons. Unfair? Yes. Do I care, not really. Sometimes there are more important things than fairness (and real fairness in life is impossible anyway).

Re:Not so bad of a result (0)

Anonymous Coward | more than 2 years ago | (#33705050)

"It's not a double standard, it's a self-centered standard."

There is no difference.

"Unfair? Yes. Do I care, not really. Sometimes there are more important things than fairness (and real fairness in life is impossible anyway)."

Ironic, really, this is ironic.

Re:Not so bad of a result (1)

DoofusOfDeath (636671) | more than 2 years ago | (#33704572)

interesting it is totally ok for israel to have nukes.

If you think I was implying that it's okay for Israel to stop Iran's nuke problem, that wasn't my point at all.

My point was much more generic and simple: all things being equal, I'd rather computers get viruses than that people die in an airstrike.

Re:Not so bad of a result (0)

Thing 1 (178996) | more than 2 years ago | (#33704742)

Please take some time to think about the colloquialisms that you use. "All things" are never "equal". The root of this phrase comes from the debugging process, "I'll change just this one variable and see what the results are" -- in other words, changing one variable and leaving everything else the same. "All other things being equal" is the correct phrase. And regardless of how many people start using the phrase "all things being equal" we'll never come to see all things actually being equal (at least, not until the heat death of the universe).

Email titled "Death To America!" (4, Funny)

erroneus (253617) | more than 2 years ago | (#33704356)

Yeah, that'll teach'm to open up emails and PDFs titled "Death To America!" while running an OS and applications software written and controlled by a U.S. company.

Re:Email titled "Death To America!" (3, Funny)

Anonymous Coward | more than 2 years ago | (#33704412)

... on Intel processors designed in Israel.

Re:Email titled "Death To America!" (0)

Anonymous Coward | more than 2 years ago | (#33704436)

i lol'd

Re:Email titled "Death To America!" (0)

Anonymous Coward | more than 2 years ago | (#33704498)

Yeah, that'll teach'm to open up emails and PDFs titled "Death To America!" while running an OS and applications software written and controlled by a U.S. company.

Siemens, American company?

Re:Email titled "Death To America!" (2, Informative)

lennier1 (264730) | more than 2 years ago | (#33704514)

Just for the record:
Siemens = German

Re:Email titled "Death To America!" (1)

ColdWetDog (752185) | more than 2 years ago | (#33704670)

Actually Siemens is a pretty globally dispersed corporation, although you are correct in that it's based out of Germany. So they're dancing to many drummers.

Re:Email titled "Death To America!" (2, Funny)

SuricouRaven (1897204) | more than 2 years ago | (#33705146)

German, American... regardless, I imagine the chips are made in China.

Re:Email titled "Death To America!" (4, Insightful)

Grishnakh (216268) | more than 2 years ago | (#33704548)

Yep, this is the part that's so funny to me. Iran is so anti-America, Ahmadinejad is spouting conspiracy theories at the UN saying the US orchestrated 9/11, but then they're trusting Microsoft Windows (an American product known for security problems) to run their industrial computers? How stupid can you get?

The Chinese are the complete opposite of these buffoons. They know that relying on another country's secret, proprietary software is foolhardy, so they've adopted Linux for governmental uses and have even developed their own Linux distro, Red Flag. Maybe it can't run all the latest applications or whatever, but trusting a product made by your enemy to run your country's infrastructure is just dumb.

Re:Email titled "Death To America!" (0)

Anonymous Coward | more than 2 years ago | (#33704640)

Yep, this is the part that's so funny to me. Iran is so anti-America, Ahmadinejad is spouting conspiracy theories at the UN saying the US orchestrated 9/11, but then they're trusting Microsoft Windows (an American product known for security problems) to run their industrial computers? How stupid can you get?

Well, look at the alternative. Using Linux would be ideologically worse.

Re:Email titled "Death To America!" (0)

Anonymous Coward | more than 2 years ago | (#33704900)

Why would using Linux be worse? IIRC, it was people from IUST who engineered a good part of the SMP part of the Linux kernel in the mid to late 90s.

Microsoft seems to be trying to distance themselves from being American only, which is probably why they handed the source code of Windows to the Russian Federation, and the Chinese PLA.

Re:Email titled "Death To America!" (1)

SuricouRaven (1897204) | more than 2 years ago | (#33705166)

If there ever were open war - and I mean real open war, not just border skirmishes - then the US government could just ask Microsoft for a little help. It would be trivial for them to direct all Windows Update requests from Iranian IP ranges to a 'poison pill' patch that caused the computers to lock up and start flooding their LAN segments with broadcast ping requests.

Leaps of logic (5, Insightful)

Anonymous Coward | more than 2 years ago | (#33704402)

I have a hard time taking it seriously that a "Nation State" is the most likely source of the infection and I have an even harder time that it is the United States behind it. Siemens is a huge (German) manufacturer of control systems, their equipment is installed throughout the industrialized world. The Bushehr reactor is being built with help from Russia but I am sure there are engineers from many different countries involved (notably absent would be Israel and the U.S.). These engineers should include people responsible for the security of both the Windows and the Siemens systems.

I would argue that these engineers are the likely source of the information used to create the 'worm'. They have to be. Nobody else should have the information available to them to program the specific scenario to meet all of the inputs required to cause the mayhem the worm is intended to cause.

Perhaps over a couple of beers they decided they didn't like some of the things they were seeing? Maybe they wrote the worm or maybe they just provided the information to the people that did. But either way, it reeks of being an inside job.

Re:Leaps of logic (4, Insightful)

IamTheRealMike (537420) | more than 2 years ago | (#33704582)

The skills "reprogram industrial PLCs" and "find four new zero days in Windows" don't overlap a whole lot. Given what this virus does, it's very hard to believe it's the work of one or two guys. The whole thing smells strongly of a highly skilled and well financed team assembled for a specific reason. After all, it apparently is searching for a specific device or type of device and then tries to sabotage it - presumably this code was thoroughly tested, which means whoever wrote it is likely to have a small recreation of parts of the target factory somewhere. Not cheap or easy to set up.

Re:Leaps of logic (4, Interesting)

gad_zuki! (70830) | more than 2 years ago | (#33704668)

Bored engineers came up with 4 zero-day exploits and two stolen keys to sign Realtek and Jmicron drivers? Whoever did this had some serious black-hat resources at his disposal. Most likely a nation state as an individual or group would be able to sell these exploits for a tidy sum.

It's also important to realize that revealing these exploits and compromised keys to the public is a huge opportunity cost. Someone decided that attacking Iran was worth it. That seems like a decision a government would make.

Quoth the CIA (4, Funny)

CarpetShark (865376) | more than 2 years ago | (#33704450)

although the US official claims they do not know the origin of the virus

"Hey, we just want them fucked up. We don't give a shit about the details."

Must be reading that line wrong (4, Insightful)

devphaeton (695736) | more than 2 years ago | (#33704460)

"Talking heads are speculating that the worm is too complex for an individual or group, causing blame to be placed on Israel or even the United States "

How does "too complex for an individual or group" equate to "must be Israel or the United States"? I hope I'm reading this wrong.

Otherwise I might have to troll about "German companies blaming the US and the Jews for everything" or something.

Re:Must be reading that line wrong (1)

mr100percent (57156) | more than 2 years ago | (#33704920)

People hack Windows for Fun or Profit. Script kiddies don't hack to cause Sabotage, and they don't hack expensive industrial control systems. I'm pretty sure whoever was this sophisticated didn't just get an equipment manual and write a virus for an embedded processor, they most likely got their hands on one to dissect and test a virus on, which some hacker kiddie can't do. It seems very likely someone bankrolled this with lots of money and resources. China is out since they are supporting Iran, and Russia is profiting from Iran as well. With the usual suspects out, it's time to look at Iran's enemies for this.

Re:Must be reading that line wrong (0, Insightful)

Anonymous Coward | more than 2 years ago | (#33705156)

i had a shave this morning with occam's razor. and it told me the fucking jews did it.

Interesting (highly speculative) link to Israel (4, Interesting)

IamTheRealMike (537420) | more than 2 years ago | (#33704462)

from here [digitalbond.com]

I’m surprised at how often project names for secret projects have some relation on the project. This is really for you conspiracy theorists, but read the Book of Esther in the bible where Esther informs the King of a plot against the Jews. The King then allows the Jews to defend themselves, kill their enemies, Esther’s was born as Hadassah which means Myrtle. According to Symantec, “While we don’t know who the attackers are yet, they did leave a clue. The project string b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb appears in one of their drivers.” Myrtus is Myrtle. Yes this is a stretch, and of course even if this naming meant something it could be a feint to draw suspicion away from the actual attacker.

Re:Interesting (highly speculative) link to Israel (4, Interesting)

Kozz (7764) | more than 2 years ago | (#33704502)

from here [digitalbond.com]

I’m surprised at how often project names for secret projects have some relation on the project. This is really for you conspiracy theorists, but read the Book of Esther in the bible where Esther informs the King of a plot against the Jews. The King then allows the Jews to defend themselves, kill their enemies, Esther’s was born as Hadassah which means Myrtle. According to Symantec, “While we don’t know who the attackers are yet, they did leave a clue. The project string b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb appears in one of their drivers.” Myrtus is Myrtle. Yes this is a stretch, and of course even if this naming meant something it could be a feint to draw suspicion away from the actual attacker.

Or, from the Guava wikipedia page [wikipedia.org], the fruit is part of the Myrtle family. Furthermore, from http://en.wikipedia.org/wiki/Myrtus#Uses_in_myth_and_ritual [wikipedia.org],

In Jewish liturgy, it is one of the four sacred plants of Sukkot, the Feast of Tabernacles representing the different types of personality making up the community - the myrtle having fragrance but not pleasant taste, represents those who have good deeds to their credit despite not having knowledge from Torah study. Three branches are held by the worshippers along with a citron, a palm leaf, and two willow branches. In Jewish mysticism, the myrtle represents the phallic, masculine force at work in the universe.

Re:Interesting (highly speculative) link to Israel (1)

Thing 1 (178996) | more than 2 years ago | (#33704784)

Interesting. "b:" is generally a floppy drive as well (although can be remapped, if one is running low on drive letters).

Re:Interesting (highly speculative) link to Israel (1)

taxman_10m (41083) | more than 2 years ago | (#33704866)

Do new computers sold in Israel still generally come with a floppy drive? Here in the USA it's been a while since I saw a newish computer that still had a floppy drive.

Re:Interesting (highly speculative) link to Israel (1)

PHPfanboy (841183) | more than 2 years ago | (#33705070)

Nope.

Re:Interesting (highly speculative) link to Israel (0)

Anonymous Coward | more than 2 years ago | (#33704886)

You can use it for network shares. That's far more likely to be the case here.

Re:Interesting (highly speculative) link to Israel (0)

Anonymous Coward | more than 2 years ago | (#33704984)

IMHO that would implicate American-born "non denominational" evangelical Christians as much as Israelis. They want war in the mid east, and they read the bible.

If groups of hackers in Iran and China (1)

compucomp2 (1776668) | more than 2 years ago | (#33704486)

are government sponsored "cyber armies," and constitute some sort of nefarious plot to bring down the United States (or Israel), then what is this?

But hey, these guys are on your team, so it's cool and it's all good, when the guys on the other team are evil demons who threaten your existence.

Re:If groups of hackers in Iran and China (1, Insightful)

Anonymous Coward | more than 2 years ago | (#33704592)

"then what is this?"

Iran being stupid and buying the bulk of their equipment from a short list of companies corrupt and unethical enough to sell their wares to that country. Then that equipment gets targeted because of their asinine behavior.

Certainly not what you want others to believe. There is no clear evidence, unlike attacks from North Korea and China.

Obviously, lack of information allows absolute speculation to run rampant for some people. It shows your fears, loathing, and hate.

It's not as if systems in the US and elsewhere are immune. Iran simply has limited choice in their equipment supply, so they are getting hammered more by a virus written for and targeting those systems. Other similar systems are being hit elsewhere. Iran just is getting a bulk of it because they don't use much else. The computer equivalent of a monocrop.

Re:If groups of hackers in Iran and China (1)

compucomp2 (1776668) | more than 2 years ago | (#33705144)

"Corrupt and unethical"? "Asinine behavior"? Do I really need to recite the skeletons the Americans have accumulated in their closet over the last 60 years?

"No clear evidence?" You mean, random American security researchers proclaiming almost blindly that the attacks originated from the government? How is that more credible than Iranian security researchers proclaiming that this is a Zionist/American plot?

Your post, and the fact that it is modded insightful, shows American/Western hypocrisy at its core. It's like two sports teams going at each other. Your team is always right, moral, and justified, and the other team is always wrong and nefarious. However it seems like Americans will never realize this and will always be hypocritical and sanctimonious.

"Bushehr" named in reference to the Bush era? (0)

G3ckoG33k (647276) | more than 2 years ago | (#33704496)

"new nuclear reactor in Bushehr" named in reference to the Bush era?

While Bush Sr had it, Bush Jr was the worst president for a century.

Re:"Bushehr" named in reference to the Bush era? (2, Informative)

Cyberax (705495) | more than 2 years ago | (#33704570)

I think it's a stretch to make an assertion that Bush has traveled 1500 years back in time: http://en.wikipedia.org/wiki/Bushehr [wikipedia.org]

Obligatory Beavis and Butthead (0)

Anonymous Coward | more than 2 years ago | (#33704528)

"Siemens"
"Bushehr"
Hehehehehahahehehehe

And if this were the US? (0)

Anonymous Coward | more than 2 years ago | (#33704534)

Flip the target.

What would we be seeing in the headlines? "Cyber Terrorists attempt to take down US power grid with VIRUS."

Of course that would never happen here. We don't connect our power grid to the same networks that regular Internet traffic travels. We never have security breaches or virus infections at classified facilities. I'm so glad the US is 100% safe from this type of scenario now, and will be forever.

/gingerly rolls eyes....

Re:And if this were the US? (1)

dloose (900754) | more than 2 years ago | (#33704850)

ugh, I hate gingers

Servers you right (1)

devent (1627873) | more than 2 years ago | (#33704546)

From Slashdot: The attackers behind the recent Stuxnet worm attack used four different zero-day security vulnerabilities to burrow into — and spread around — Microsoft's Windows operating system, according to a startling disclosure from Microsoft. Two of the four vulnerabilities are still unpatched.

Servers you right using Windows for anything critical. Are they waiting one month for a fix as the rest of the Windows users?

and why would that be a problem, exactly? (1, Flamebait)

CAIMLAS (41445) | more than 2 years ago | (#33704650)

So assume the US or Israel were at direct fault for this, ignoring the fallacy of "no single group" for a moment.

Why is that a problem, exactly?

We've got many, many quotes from the Iranian leaders (many of them) which are along the lines of:

* death to Israel
* we will hit Israel with a nuke
* we wish to see Israel as bright as the sun
* we can hit Europe with our ballistic missiles!
* America is our Enemy

This, all in light of their nuclear program having no explicable goal at this point aside from nuclear weaponry. A year or two ago, you could excuse it as being for 'peaceful means' but not any longer.

If someone says "I'm going to come over and beat the shit out of you sometime this week while you sleep" you act proactively, one way or another.

I would much rather the approach of calling the police and getting them put on house arrest than the approach of boarding up the guy's house and burning it down.

If people do conclude this was a US/Israel attack, they should take it as an indication to everyone watching that the US and Israel are not bloodthirsty. This is about as non-aggressive as you can get in terms of a physical attack, and the thought and planning involved is significantly more than simply launching an airstrike or missiles.

Re:and why would that be a problem, exactly? (1, Insightful)

Anonymous Coward | more than 2 years ago | (#33704686)

We've got many, many quotes from the Iranian leaders (many of them) which are along the lines of:

Citation please, along with the actual non-paraphrased quotes.

If people do conclude this was a US/Israel attack, they should take it as an indication to everyone watching that the US and Israel are not bloodthirsty.

Right. That works so long as you are willing to ignore all the examples of war crimes and atrocities committed by both of them.

Re:and why would that be a problem, exactly? (1, Insightful)

Anonymous Coward | more than 2 years ago | (#33704930)

There is a tendency. Certain countries committing atrocities end up labeled bloodthirsty, fanatic, aggressor, evil. Another specific set of countries committing atrocities end up being excused like: "they did it for the greater good", "justified self-defense", "reducing further damage", "preventing world war III", "protecting democracy".

Re:and why would that be a problem, exactly? (3, Interesting)

joe_frisch (1366229) | more than 2 years ago | (#33704902)

The problem is that as far as I know, international law doesn't know how to deal with national cyber-attacks. Are they the equivalent of a physical attack? If they do large scale financial damage (loss of services)? If they do large scale physical damage (destroy a factory or power plant), if they kill a few people (factory accident), kill a lot of people (chemical plant explodes)?

If a cyber-attack on financial institutions costs billions of dollars is that an act of war?

If a cyber-attack from country A caused a Bhopal like disaster in country B, is country B justified in launching a physical attack on population centers of country A?

Words are one thing - attacks (physical or cyber) that cause damage are another.

Re:and why would that be a problem, exactly? (3, Interesting)

mr100percent (57156) | more than 2 years ago | (#33704964)

No you don't. Show me a quote from an Iranian leader currently in power who said "We will hit Israel with a nuke." US Republicans and Israeli Likudniks have said to nuke Iran, but do you have a statement showing the reverse?

Iranians do see Israel and the US as enemies, since the US overthrew the democratic government of Iran in the 1950s, and tried to do it again after 1979. The amount of warmongering from Bush and Rumsfeld in both statements and actions (bombing Iranian embassy in an airstrike) only put them further on edge.

Your claim that their nuclear program can ONLY be for weapons and not energy is a silly claim, and you make it without proof. The IAEA and academics disagree with you.

you F4il It (-1, Troll)

Anonymous Coward | more than 2 years ago | (#33705044)

won't vote in NatioNal gay niiger to avoid so as to you got there. Or

Oooops ... (0)

Anonymous Coward | more than 2 years ago | (#33705052)

it has caused irreparable damage to the pumps that used to pump oil onto tankers for export to the US.
