Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Stuxnet's Earliest Known Version Discovered and Analyzed

Unknown Lamer posted about a year and a half ago | from the no-u235-for-you dept.

Security 77

An anonymous reader writes "Symantec researchers have discovered an older version of the infamous Stuxnet worm that caused the disruption at Iran's nuclear facility in Natanz: Stuxnet 0.5. According to a whitepaper released by the researchers at RSA Conference 2013, Stuxnet 0.5 has first been detected in the wild in 2007 when someone submitted it to the VirusTotal malware scanning service, but has been in development as early as November 2005. Unlike Stuxnet versions 1.x that disrupted the functioning of the uranium enrichment plant by making centrifuges spin too fast or too slow, this one was meant to do so by closing valves."

cancel ×

77 comments

Sorry! There are no comments related to the filter you selected.

LOL (-1)

Anonymous Coward | about a year and a half ago | (#43025357)

I want to bust my nut in your dad's butt.

Oh and fuck Dice.com.

Re:LOL (-1)

Anonymous Coward | about a year and a half ago | (#43025505)

Hey bro, you can have dad's ass after I'm done.

2005? (2, Funny)

Anonymous Coward | about a year and a half ago | (#43025475)

It took that long to get this damn this to do what it was supposed to do? What was it originally called, Windows Longhorn Stuxnet Edition?

Re:2005? (2, Funny)

Anonymous Coward | about a year and a half ago | (#43025559)

It was a government IT project. Of course it took years. Probably cost 100 times the original estimate too.

Re:2005? (1)

Anonymous Coward | about a year and a half ago | (#43025645)

Yep, if only they hadn't hired private sector contractors to please those that complain about government inefficiency, maybe it would have gotten done in a reasonable time under a reasonable budget.

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43025717)

Oh shut up. The only reason they ever completed the project is those private contractors. If it wasn't for them it would have been a typical government money sink that produces no discernable deliverable.

Re:2005? (1)

Desler (1608317) | about a year and a half ago | (#43025783)

Says someone who has never worked in the government or for a contractor (I've done both for more than a decade). If you think private-sector contractors are either more efficient or more competent you couldn't be more wrong.

Re:2005? (2)

fazey (2806709) | about a year and a half ago | (#43025929)

So, what? You worked for one private contractor and now they are all shit? I think you miss the point of private contractors. You get what you pay for _as long as you do the research_. Otherwise you may get the jackass using wordpress who will accept your 100k contract.

Most of my dealings with the government on the state level, is that they have their heads wedged up their ass, and none of their employees are happy doing what they do... so they are all jaded and drag their ass.

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43026035)

anyone who adopts the position that all government is inept and corrupt is only trying to obtain the power for private corporations to control your life and bleed you dry. At least government is by the people, for the people and are not trying to turn you into slaves to capitalize

Re:2005? (1)

Runaway1956 (1322357) | about a year and a half ago | (#43026395)

If that be so, then what was the purpose of the great "War On Drugs"?

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43027659)

If that be so, then what was the purpose of the great "War On Drugs"?

To incarcerate every African-American of course. A gentile society cannot allow coloured folk to be running around free.

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43029031)

Get rid of competition for alcohol and tobacco companies?

Re:2005? (1)

n3tm0nk (2725243) | about a year and a half ago | (#43026623)

Anyone who thinks that the govt has the interests of each and every individual in mind is living in a small fragile bubble of reality. Corps and govt are both corrupt. Both are human created institutions and thereby corrupt by default. Don't like it, get off the planet.......

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43027255)

Oh I know. It's so much better when the government has control and bleeds you dry - lol.

Speaking of by the people for the people, how's that been working out for us lately?

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43027593)

sooo, they aren't trying to work the system from within? Ya, that's the ticket. Or maybe it's just a side effect from the kool-aide you've swallowed.

Re:2005? (1)

tqk (413719) | about a year and a half ago | (#43037815)

anyone who adopts the position that all government is inept and corrupt is only trying to obtain the power for private corporations to control your life and bleed you dry.

Oh, please. At the higher levels, you're damned right they are inept and corrupt. The line employees, not so much. I've had jobs with gov't and contracted to them. The managers are between a rock and a hard place (fixing stuff is mind boggling BS), but the people I rubbed shoulders with day to day knew what they were doing and cared. Some are still my best friends.

BTW, I do call myself a libertarian/Objectivist, and I'm no fan of corporates nor regulatory capture.

Re:2005? (3, Insightful)

Anonymous Coward | about a year and a half ago | (#43026093)

The only reason the private contractors were needed is because the private contractors lobbied for "small government" that got the govt IT employees laid off. (Nevermind that in-house govt IT ops always did their job at a reasonable cost, where over budget years late is considered a good turnout for a private contract job.)

Ever wonder how every self-described libertarian here seems to be a private contractor?

Re:2005? (2)

OakDragon (885217) | about a year and a half ago | (#43026515)

Wow, this derailed in a different direction than I expected. Should I skip down a few topics to get to the Jew bashing?

Re:2005? (0)

Anonymous Coward | about a year and a half ago | (#43028075)

It was a government IT project. Of course it took years. Probably cost 100 times the original estimate too.

All that means is the private corporation behind the contractors overbilled, underdelivered, and were slow as hell too.
Not really a ringing endorsement the libertarian approach to "excellence" (by which I mean smoking crater of ruined bullshit).

State sponsored (4, Insightful)

schneidafunk (795759) | about a year and a half ago | (#43025529)

Is there any doubt that this is government sanctioned? Who has the knowledge (or will) to write a program to disrupt centrifuges. Also this tidbit from the article: "Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved."

Re:State sponsored (0, Informative)

Anonymous Coward | about a year and a half ago | (#43025579)

Who has the knowledge (or will) to write a program to disrupt centrifuges.

Anyone willing to search the Internet for the info? Are you really so naive to think that only governments or their agents have this info?

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43025671)

To add to my post, I'm not saying this wasn't a state-sponsored job, but it's silly to think that this info can't be gotten by non-governmental agents or affiliated people.

Re:State sponsored (1)

schneidafunk (795759) | about a year and a half ago | (#43025693)

In that case, post a link with the inner workings of an Iranian nuclear plant and then point out a vulnerability that is software controlled.

Re:State sponsored (5, Insightful)

schneidafunk (795759) | about a year and a half ago | (#43025773)

From the white paper: "PLC device attack code
The code conducts an attack by closing valves in the six top rated cascades out of the possible 18 cascades. The states of two types of valves are modified:
Centrifuge valves – a set of three valves (feed, product, tails) that work in unison per centrifuge to control uranium hexafluoride (UF6) flow into each centrifugeStage valves – one per stage to control UF6 flow into each stage
Auxiliary valves – valves that control UF6 flow into or out of each stage (stage valve) or the cascade as a whole"

Keep in mind, this is working backwards by dissecting the virus. The programmers would have to know this information up front to create the virus. I do not see anyone but "governments or their agents" creating this virus. Another explanation is naive.

Re:State sponsored (1)

Desler (1608317) | about a year and a half ago | (#43025919)

Because breaching government systems and stealing sensitive and/or classified info has never been done by anyone before, right?

Re:State sponsored (1)

Anonymous Coward | about a year and a half ago | (#43026041)

Well, lets just think, what does anybody have to gain out of it?

Outside of a government, does anybody care enough? And if they do, do they have the needed knowledge? And if they have that, lets remember the thing had to enter through usb key, so they also had to have funds enough or be in the general area of the thing.

Lets be honest, the damn thing shows a huge amount of knowledge combined with accesability. And in the end, there probably isn't anybody that earns anything out of this except potentially the company selling the items. But given they likely want to continue doing business, its unlikely they sabotage their own items (at least not for their own profit).

You would need a very knowledgable hacker that can get near enough of the facility AND doesn't use his skills to earn money on it.

That last thing is very unlikely.

Re:State sponsored (2)

schneidafunk (795759) | about a year and a half ago | (#43026097)

In addition, there is evidence that multiple developers worked on it. From TFA: "Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved."

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43027205)

I hate to invoke al-qaeda. They aren't a government agency, yet they were cared enough to plan and execute 9-11. There are plenty of people out there who could/would get a bug up their ass and decide to disable an Iranian nuclear facility. Think of the 4-chan bragging rights. If you were looking for a job in the NSA/CIA/US military industrial complex, what better resume entry could you have?

Let's look at other cases. Ross Perot sending a group of paramilitary douchenozzles to save some EMC hostage contractors back in the 80's. You think the owner of blackwater wouldn't want the same type of story attached to his name?

What about the guy who scraped together the funds to fly to Afghanistan and was wandering the area with a samurai sword to "hunt" Osama bin Laden?

Iran has a big target on their back (justifiable or not), there are plenty of private sector ideological whackjobs with the financing and motivation to facilitate an attack like this.

Re:State sponsored (1)

tqk (413719) | about a year and a half ago | (#43043071)

If you were looking for a job in the NSA/CIA/US military industrial complex, what better resume entry could you have?

Navy Seals. Army sniper. (Mossad|KGB|SAS|...) hitman. Foreign Legion. Personally, I don't consider Iran a terribly hard target.

Of course, you need to remember that that nitwit Mitnick is now considered a "systems security expert" by many. No, really! Nowadays, a genius IQ plus two bucks will get you a decent cup of coffee.

Re:State sponsored (1)

fazey (2806709) | about a year and a half ago | (#43025975)

Look at any of the defcon topic lists for the past 10 years. They have been preaching the insecurity of SCADA for years.

Re:State sponsored (2, Informative)

Anonymous Coward | about a year and a half ago | (#43026333)

I... am not 'wholly certain' that your assessment is accurate -- although I concur it appears to be the most probable.

While the equipment to refine Uranium is pretty ... restricted, and I've never programmed a centrifuge -- I have programmed SCADA.

As one of the relatively few actual programmers to do so -- there's still a pretty decent community.

It's relatively uncommon, but not impossible to find or recruit such skill. Frankly, exploiting pretty much any SCADA system is... absolutely trivial if you actually understand software and what they do -- instead of being just a glorified "configuration programmer" (and even some of those guys stumble onto things by mistake)

Like hacking webservers circa 1998 trivial, when early vhost compromises infected hundreds of pages at a time and attrition just... gave up on page mirroring.

The hard "part" is basically two things:
  - Only a person working on a specific system knows how to reliably exploit (although not crash quite often) it and related ones (e.g. a specific valve controller, model)
  - Alternately, people researching some system may discover a class of exploit specific a vendor and go looking for those.
  - And lots of these are on what amounts to a NAT'd off internet.

Given a known system as a target -- the hard part as an outsider is gaining access to the configuration, manuals, instructions -- the vendors don't like to just ship you "Here's the manual for controller 3805b, revision 1.34b" (and when you can get the manual, they are /often/ that good, with signing history, versions annotated, tables indicating what changed in what revision). They don't even like to ship to people that are legitimate most of the time. If you're a contractor of a customer they'll often outright refuse unless there was a prior agreement. If you're a customer, they'll try to use it to upsell consulting. But you can eventually get one with the right pens on the right letterhead. The SCADA vendors do absolutely horribly weird, bizarre things with their protocols, register layouts, and data -- but they do seem to track it well.

That stated -- with purchase of a piece of hardware (may cost $2,000 to hundreds of thousands or millions), or careful google searching -- you can often find... enough to talk to the device. To query some basic settings, or switch between classes of operation. Sort of like a printer, you know how to hit the button to change the paper trays, but you don't know how to reprogram the size in tray #4 and only let "bob" use it without a pin #.

Knowing the probable configuration is something any sort of decent process engineer could guess at with high accuracy. Obtaining the relevant manuals is something a relatively small (but still large within its community) is fairly likely to have.

I'd say you can very confidently conclude it was a long term (nevermind the observed duration) effort with a minimal team of at least three individuals, or one "forty years of experience" software-and-domain-specific expert that frankly has better things to do.

Nobody but a psychopath or a government has the incentive to do such a thing, but completely ruling an individual or group of individuals out is not reasonably guaranteed correct.

Most of the items you indicate need to be known up front are issues of configuration that could be authored in advance.

Re:State sponsored (1)

Frosty Piss (770223) | about a year and a half ago | (#43026451)

Keep in mind, this is working backwards by dissecting the virus. The programmers would have to know this information up front to create the virus. I do not see anyone but "governments or their agents" creating this virus. Another explanation is naive.

Has this really ever been in question?

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43026561)

You obviously didn't bother to read the posts they were replying to.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43026843)

It's still in question.

Anyone who thinks only governments could want to slow Iran down is jumping to conclusions.
Anyone who thinks only foreigners could want to slow Iran down is jumping to conclusions.
Anyone who thinks only ordinary Iranians could want to slow Iran down is jumping to conclusions.
Anyone who thinks only Iranian officials could want to slow Iran down is jumping to conclusions.
Anyone who thinks only Iranian scientists, engineers, and technicians could want to slow Iran down is jumping to conclusions.
Anyone who thinks only suppliers could want to slow Iran down is jumping to conclusions.
Anyone who thinks only Iranian "allies" could want to slow Iran down is jumping to conclusions.
Anyone who thinks only dedicated hackers could want to slow Iran down is jumping to conclusions.
Anyone who thinks only enemies of Iran could want to slow Iran down is jumping to conclusions.

Fork away.

What we do know:
- Somewhat effective thus not likely to stop.
- Been going on for a long time thus whoever involved is and/or was dedicated and patient.
- Unlikely to be a single person although not impossible.
- Not all that impressive technically or programming-wise but neat and clever (it's "hack-ish" in the good sense of the word).
- Not all that structured or dogmatic or regimented.
- Filled with conflicting unnecessary clues that typical "educated idiots" are unable to resist pouncing on, be it your NYToilet paper or inflated blogger. I.e. the social hack within the code itself is completely ignored.

So yeah, It's still in question.

Re:State sponsored (1)

Frosty Piss (770223) | about a year and a half ago | (#43027791)

No, Anonymous Coward, it it not aquestion.

Also not a question is your lack of balls.

Re:State sponsored (1)

cavreader (1903280) | about a year and a half ago | (#43028039)

I have access to the resources needed to create and test such a virus and I am not a government agent nor working for one right at the moment. That doesn't mean I know how to develop such a program but I do have access to the tools and hardware needed in this particular case.The PLC/SCADA/HMI operations were not the sophisticated part of Stuxnet it was the delivery, installation, and spoofing the program employed to remain hidden and multiply under certain conditions once it was released into the ecosystem. Of course it was some government operation but automatically blaming the US or Israel without any conclusive evidence could just be another part of the deception used by the real culprits. The rest of the world, from countries to terrorist groups, always receive the benefit of the doubt when it comes to holding them accountable for their actions but the US is never afforded the same level of scepticism even when the evidence is missing or weak. The installation required physical access to a PC running and monitoring the processes within Iran's primary centrifuge operations center and I doubt they let anyone walk in off the street just to look around. Iran uses mainly Russian and Central European IT consulting firms when they go outside their own talent pool. Could one of these people have been a US or Israeli spy or did Russia or any of it's confederates do it and assume the blame would automatically put on the US or Israel? The virus installation also used 2 stolen security certificates physically stolen from 2 seperate companies in Japan that also happened to share the same office complex. With all the "experts" studying this virus there has been no definitive or conclusive evidence against anyone. Geo-politics mixed with conspiracy theories have replaced hard evidence and common sense in today's 140 character dissertations on the "truth".

Re:State sponsored (1)

Frosty Piss (770223) | about a year and a half ago | (#43028553)

I have access to the resources needed to create and test such a virus and I am not a government agent nor working for one right at the moment. That doesn't mean I know how to develop such a program but I do have access to the tools and hardware needed in this particular case.

Yes, but there has been a *LOT* that has been known about this virus from the initial analysis that pointed directly at a sophisticated government project. From the very nature of the attack in how it did what it did to the unique machines that it did these things, to the strong evidence from the beginning of a "team" development project, very few if any people "in the know" did not believe that there was strong evidence that it was a formal governmental project.

Re:State sponsored (1)

cavreader (1903280) | about a year and a half ago | (#43030025)

It was definitely built and deployed by a national intelligence organization. But the actual PLC changes were the easy part. An individual or non-governmental agency with basic control systems experience could have made changes to scramble to bypass the fault threshold without sending an alert to the HMI resulting in centrifuges operating abnormally. However, only a governmental agency could have deployed this virus. The stolen security certificates, utilization of at least 2 0-day Windows vulnerabilities, and the physical access to the Iranian facility which no civilian group could gain access. Inside intelligence was required during development and pre-deployment to determine what the Iranians were actually using and how they had their systems configured. Obtaining this information was the work of a foreign agent or an Iranian working at the facility that was compromised, most likely paid a lot of money. Combine the payload with the installation and distribution functionality and you have an operation that no single individual or loosely related hacker collective could pull off. The thing that bothers me is the US and Isreal are being accused of creating this virus without any supporting evidence. If the US or Isreal did do it I say more power to them. The Stuxnet virus is preferable to a cruise missile to destroy the centrifuges. If the "experts" want to accuse someone it would just be nice if they had evidence to back up their claims. It is actually insulting that other countries are being summarily dismissed because they lack the technical prowess to do something like this.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43032017)

If the US or Isreal did do it I say more power to them. The Stuxnet virus is preferable to a cruise missile to destroy the centrifuges.

Perhaps not attacking another country would be preferable to both?

If you're American, which I assume you are, these aggressions don't benefit you. They only benefit the criminals who run your country.

Re:State sponsored (1)

cavreader (1903280) | about a year and a half ago | (#43037383)

When Iran stops having their weekly "Death to America" rallies so their oh so honest and upfront government can demonize the people of an entire nation for all their problems, real and imagined, I might give a shit about aggressive acts aimed at that them. Iran is one of the most meddlesome countries in the world. Their acknowledged support for terrorist groups across the ME and 3rd party proxies in other places across the world invites aggression against them. Iran has a somewhat complicated government structure. The mullahs rule by fiat, the elected officials are nothing more than window dressing with no power on any important issues and their military which guarantees the mullahs rule as long as the powerful military leaders get what they what. The Revolutionary Guard is a cross between a multi-national corporation, intelligence agency, and well trained military forces. While the US and other western powers may sell military weapons to other countries the Iranians sell weapons to all those countries who do not buy weapons from the US. No matter what wrong the US or anyone else has supposedly inflicted on Iran it has ultimately always been the Iranians themselves who took the bribes and made promises of cooperation for favors and implemented the desired actions of foreign 3rd parties against the Iranian citizenry. Iran also stands as a shining example of how the morons masquerading as liberals and progressives can stage a revolution and then lose everything to the hardcore Islamist parties. The Brotherhood in Egypt must have been taking good notes at the time. While the forward thinking college students in 1979 were celebrating invading sovereign US territory and detaining US citizens at gunpoint the Islamists were actually organizing and killing anyone who got in their way and in the end that included the hostage takers as well. Now they can't actually admit the failure of their revolution so they need to pretend they really didn't get taken for suckers and everything worked out just as they planned it. A rigid theocracy enforced by killing anyone who complains.

Name one government not run by people who place gaining money and power at the top of their to do list and believe any actions to gain that power and money are only wrong when you happen to get caught. The pecking order among countries is determined by the amount of force they can bring to bear on others. When that power is equal to all parties of a conflict you can then try negotiations but that is not mutually exclusive to using hard force.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43028469)

The programmers would have to know this information up front to create the virus. I do not see anyone but "governments or their agents" creating this virus. Another explanation is naive.

No, not at all. There's no reason to rule out the possibility that someone infiltrated Iranian research computers and got the information. Also no reason to assume nobody infiltrated Siemans and got information on the centrifuges from them... they made the control systems so they too would have required access to such information. No reason to assume a person who has worked with such systems as a contractor was not involved, either directly or as a point of compromise.

The point I'm driving at is that while it would indeed be easier for a government agency to have such information, they are not the only ones who might have it. I'm constantly annoyed by the claims that the developers need some kind of "resources" which only a government can provide. That's the only naive thinking here- the only resources needed were time, know-how, and access to a computer system and the internet.

Do I think it was a government-backed project? Well ya, of course I do. It walks like a duck and quacks like a duck, so there's a good chance that's what it is. But I'm not going to rule out other parties, and the biggest question remains completely uncertain: Which government(s) were behind the project. There is rampant speculation that the US and/or Israel were behind it, and it does make sense, but there really is no solid proof of that. And there are plenty of players in Global Politics who would be more than happy to see Iran fucked with and see the US and Israel take the heat for it.

Clutching at straws, much? (0)

Anonymous Coward | about a year and a half ago | (#43030033)

You think because by far the likeliest culprit is Israel or the USA or both working together that it can't have been them because, you know... "Too obvious", and it must have been some other enemy of either or both trying to make them look bad?

Re:State sponsored (1)

CAIMLAS (41445) | about a year and a half ago | (#43032295)

Jihadist engineers working at Siemens, under the false presumption that Siemens power plants would only be employed in Western countries?

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43025803)

The specs on that facility were not something you could just google.
That came from assets inside.

Re:State sponsored (1)

Desler (1608317) | about a year and a half ago | (#43025905)

And they didn't say they were. Who's to say that someone with sufficient skill couldn't break into the Iranian government's network and steal the info? There are plenty of examples of people breaking into governmental systems and stealing data.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43025605)

Of course it is, it's also brilliant.

Re:State sponsored (1, Interesting)

jandersen (462034) | about a year and a half ago | (#43025759)

Whoever it was, is a complete moron, I suspect. This kind of attack can - and will - be used against everybody else in turn. And if you can interfere with the functioning of valves and other HW, then you can also find a way to cause leakage of hazardous materials.

How about a major leak in a bio-warfare lab in the States? Would we like that?

Re:State sponsored (2)

crazyjj (2598719) | about a year and a half ago | (#43025871)

Yes, because the American government is famous for thinking ahead carefully before it acts.

Re:State sponsored (1)

Anonymous Coward | about a year and a half ago | (#43026089)

Whoever it was, is a complete moron, I suspect. This kind of attack can - and will - be used against everybody else in turn. And if you can interfere with the functioning of valves and other HW, then you can also find a way to cause leakage of hazardous materials.

How about a major leak in a bio-warfare lab in the States? Would we like that?

The values are in the centrifuges, not the power plant. The centrifuges are used to refine the uranium. The fact that Stuxnet moved on to interrupt the motors of the centrifuges instead of the values was pretty damn clever considering it only affected two of the models of motors (one of them manufactured in Iran).

Now, can a virus similar to Stuxnet attack the control boards, valves, etc of *any* power plant, refinery, or whatever? Of course it can. That's why the hardcoded usernames & passwords found in the SCADA systems are so dangerous.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43026473)

You are thinking too small. How about interfering with the valves that control water treatment facilities so that they are stuck wide open and an entire city comes down with lethal chlorine or fluoride (or both) poisoning?

Re:State sponsored (1)

smallfries (601545) | about a year and a half ago | (#43027287)

Mostly. It would start with interesting ideas and strongly developed characters that tell an interesting story of our time. Sadly by the time the final curtain drops in the desert outside of Las Vegas we will all be convinced that the story ran its course long ago and that the untimely appearance of the hand of god himself to trigger a nuclear detonation is the sad work of a creative mind all spent. In short the main problem that it would cause is that the extra 300 pages of padding cannot hide the lack of a good ending.

Re:State sponsored (2)

downhole (831621) | about a year and a half ago | (#43029077)

I think the fallacy with this is that the techniques required to do this sort of attack are out there for anybody to discover. No matter what the US or any other country does, somebody will use it eventually. We (presuming it's the US) just have the level of technical know-how and resources to get it done sooner than most other countries. Somebody somewhere will use it against us in 20-30 years whether we use it now or not, so why not use it now and get some benefit from it while we're still the only ones that can do it? Especially if it allows us to stop something very dangerous from happening without directly killing people or staging massive raids or invasions.

Re:State sponsored (1)

Runaway1956 (1322357) | about a year and a half ago | (#43026421)

Possibly, some free lancer who used to work for the company that made the specific hardware that was targeted?

I have zero doubt that it was government sponsored, to be honest. But, you're asking a question that has at least one obvious possible answer. Hey, I can go one better with my obvious answer: that free lancer happens to be Jewish and/or a Zionist.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43026919)

Is there any doubt that this is government sanctioned?

No. There isn't. And there hasn't been for quite some time. Are you actually under the illusion that you're making a semi-novel argument? You might as well have asked "is there any doubt that 9/11 was perpetrated by Al-Qaeda linked terrorists? Bin Laden's been talking about it for years!".

Re:State sponsored (-1)

Anonymous Coward | about a year and a half ago | (#43026983)

Are you under the illusion that your comment added anything of value to this thread?

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43028865)

Yes. Mocking morons always has value.

Re:State sponsored (1)

schneidafunk (795759) | about a year and a half ago | (#43037173)

I find it funny that you call me a moron but totally agree with me. I guess I should be used to condescending anonymous cowards, providing no additional insight. Grow some balls and post under your name, and cite sources if you want to be taken seriously.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43028575)

Is there any doubt that this is government sanctioned?

No. There isn't. And there hasn't been for quite some time. Are you actually under the illusion that you're making a semi-novel argument? You might as well have asked "is there any doubt that 9/11 was perpetrated by Al-Qaeda linked terrorists? Bin Laden's been talking about it for years!".

Except for the minor detail that there is actual evidence including claims made by Al-Qaeda supporting the statement that they were behind it.
There IS some doubt, or should be, as to who is behind this effort. Not much, but the fact remains that nobody has proven anything and the arguments for it being a government all boil down to supposition. It is highly unlikely anybody other than a government did it, but highly likely is not the same as 100% proof positive. The part that bothers me is that people are acting like it's proven fact, when it's still not proven. And as for WHICH government or governments were behind it, we can point to likely players but there is no actual proof as to who was involved.

Re:State sponsored (1)

Anonymous Coward | about a year and a half ago | (#43028905)

Except for the minor detail that there is actual evidence including claims made by Al-Qaeda supporting the statement that they were behind it.

You mean like _this_ minor detail:

http://news.techeye.net/security/obama-administration-admits-the-usa-was-behind-stuxnet

In addition to the fact that every single professional malware analyst has stated that only a nation-state could have created Stuxnet?

jackass.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43034091)

Did you even read the link you posted? It specifically says: "The recently disclosed Flame attack - which had targeted the computers of Iranian officials and mined for information - was not a part of the Olympic Games plot. However, the Obama administration would not tell the New York Times if it was responsible. "

Judgmental Jackass.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43027065)

Is there any doubt that this is government sanctioned? Who has the knowledge (or will) to write a program to disrupt centrifuges. Also this tidbit from the article: "Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved."

No, there is no doubt.

Even tiny nation-states have their own cyber forces now. Heck, even African countries with people living in dung huts have cyber warriors.

Re:State sponsored (1)

Sulphur (1548251) | about a year and a half ago | (#43027657)

No, there is no doubt.

Even tiny nation-states have their own cyber forces now. Heck, even African countries with people living in dung huts have cyber warriors.

They should never have networked the dung huts.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43027969)

Is there any doubt that this is government sanctioned? Who has the knowledge (or will) to write a program to disrupt centrifuges. Also this tidbit from the article: "Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved."

There is not much doubt it was government sanctioned... but little doubt does not equate to positive proof either. The bigger question is which government (or governments) sanctioned it.

Short list (0)

Anonymous Coward | about a year and a half ago | (#43028153)

U.S. or Israel are on the top of my list.

Re:State sponsored (0)

Anonymous Coward | about a year and a half ago | (#43028659)

Is there any doubt that this is government sanctioned? Who has the knowledge (or will) to write a program to disrupt centrifuges. Also this tidbit from the article: "Both the Flamer and Tilded platform code bases are different enough to suggest different developers were involved."

You already obviously won't believe any other explanation if you're somehow getting "government sanctioned" as a conclusion from the reasons you gave. Given the right documentation, I would venture to guess that any halfway decent programmer could have written the viruses. What about your quoted tidbit says government, anyways? "...different enough to suggest different developers were involved." or in other words "a contract project where different contractors were involved". You know, like how it works at so many major and minor companies throughout the world.

But hey, you're entitled to your own (stupid) opinion.

I got nothing. (0)

Anonymous Coward | about a year and a half ago | (#43025565)

Radioactive vaporware?

Re:I got nothing. (0)

Anonymous Coward | about a year and a half ago | (#43025699)

Radioactive vaporware

Did you eat at Taco Bell last night?

Re:I got nothing. (0)

Anonymous Coward | about a year and a half ago | (#43026665)

No, that's as much of a threat to my survival as Iran's nuclear ambition..

When did it first jump species? (5, Funny)

Anonymous Coward | about a year and a half ago | (#43025673)

When did it first jump species from laundry dryers to centrifuges?

Full source code (1)

Katatsumuri (1137173) | about a year and a half ago | (#43025685)

1. Amplify Plutonium-Gamma Shield
2. Deharmonize Neptunium Impeller
3. Calibrate Uranium-Rod Driver
4. Set Voltage on Saturn-Class Capacitor
5. Test Jupiter Wave Complier

Not as big a worry now (1)

Anonymous Coward | about a year and a half ago | (#43025843)

The Natanz facility that was the target of Stuxnet 0.5 and 1.0 is 300 feet below a mountain. There are normally several elevator shafts, one emergency stairway, and several additional ventilation ducts leading down to where Iran was processing uranium ore from 3.5% (power reactor grade) to 20% (weapons grade). Unfortunately 3 days before the most recent Israeli election, an accident happened at the facility. An explosion large enough to be felt 5km away seems to have occurred at the facility, severely damaging all of the elevator shafts, blocking the emergency stairway, and blocking the ventilation ducts. It seems everyone at the facility was killed, and damage was extensive. Improper storage of weapons grade uranium can create a large unintended explosion.

Re:Not as big a worry now (1)

Lumpy (12016) | about a year and a half ago | (#43026203)

All you have to do to get out is simply dial one of the off planet bases on the stargate and then have a team power down that gate then dial back home to the russian gate.

Re:Not as big a worry now (1)

Anonymous Coward | about a year and a half ago | (#43028639)

Actually the explosion was at Fordow, not Natanz, nobody claimed otherwise, although Iran claimed there was no explosion and the reports were "Western Propaganda". And 20% is not weapons grade, you need to get up to about 90% to be considered weapons-grade.

Re:Not as big a worry now (1)

downhole (831621) | about a year and a half ago | (#43028997)

As I understand it, 20% is the absolute minimum concentration where it is possible to create a critical mass, and thus a nuclear detonation. I'm guessing that getting an actual detonation at that concentration level requires a ton of advanced warhead design/engineering and boosting techniques, and is still probably pretty low-yield. Probably nobody would actually bother doing it because it's much easier and more reliable to just keep on refining until you get to 90%+ where you can skip a lot of the tricky stuff and get higher yields and lighter, smaller weapons.

How do you submit Stuxnet to Virustotal? (1)

Anonymous Coward | about a year and a half ago | (#43026541)

Surely it is more than just one file

Why do we continue to pretend (0)

Anonymous Coward | about a year and a half ago | (#43027077)

that the New York Times didn't out the whole program like 8 months ago:
https://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all&_r=0 [nytimes.com]

Stuxnet was/is part of a program called 'Olympic Games' and Obama gave the order to continue developing the attacks that were begun during the Bush administration...

We'll soon see a Stuxnet patent (1)

billrp (1530055) | about a year and a half ago | (#43029979)

"Method and Apparatus for Bringing Down an Industrial Plant thought the Internet"
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>