Stuxnet malware is 'weapon' out to destroy ... Iran's Bushehr nuclear plant?
http://www.csmonitor.com/USA/2010/0921/
Stuxnet-malware-is-weapon-out-to-destroy-Iran-s-Bushehr-nuclear-plant
By Mark Clayton Mark Clayton – Tue Sep 21, 3:08 pm ET
Cyber security experts say they have identified the world's first known cyber super weapon designed specifically to destroy a real-world target – a factory, a refinery, or just maybe a nuclear power plant.
The cyber worm, called Stuxnet, has been the object of intense study since its detection in June. As more has become known about it, alarm about its capabilities and purpose have grown. Some top cyber security experts now say Stuxnet's arrival heralds something blindingly new: a cyber weapon created to cross from the digital realm to the physical world – to destroy something.
At least one expert who has extensively studied the malicious software, or malware, suggests Stuxnet may have already attacked its target – and that it may have been Iran's Bushehr nuclear power plant, which much of the world condemns as a nuclear weapons threat.
The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems.
Unlike most malware, Stuxnet is not intended to help someone make money or steal proprietary data. Industrial control systems experts now have concluded, after nearly four months spent reverse engineering Stuxnet, that the world faces a new breed of malware that could become a template for attackers wishing to launch digital strikes at physical targets worldwide. Internet link not required.
"Until a few days ago, people did not believe a directed attack like this was possible," Ralph Langner, a German cyber-security researcher, told the Monitor in an interview. He was slated to present his findings at a conference of industrial control system security experts Tuesday in Rockville, Md. "What Stuxnet represents is a future in which people with the funds will be able to buy an attack like this on the black market. This is now a valid concern."
A gradual dawning of Stuxnet's purpose
It is a realization that has emerged only gradually.
Stuxnet surfaced in June and, by July, was identified as a hypersophisticated piece of malware probably created by a team working for a nation state, say cyber security experts. Its name is derived from some of the filenames in the malware. It is the first malware known to target and infiltrate industrial supervisory control and data acquisition (SCADA) software used to run chemical plants and factories as well as electric power plants and transmission systems worldwide. That much the experts discovered right away.
But what was the motive of the people who created it? Was Stuxnet intended to steal industrial secrets – pressure, temperature, valve, or other settings –and communicate that proprietary data over the Internet to cyber thieves?
By August, researchers had found something more disturbing: Stuxnet appeared to be able to take control of the automated factory control systems it had infected – and do whatever it was programmed to do with them. That was mischievous and dangerous.
But it gets worse. Since reverse engineering chunks of Stuxnet's massive code, senior US cyber security experts confirm what Mr. Langner, the German researcher, told the Monitor: Stuxnet is essentially a precision, military-grade cyber missile deployed early last year to seek out and destroy one real-world target of high importance – a target still unknown.
"Stuxnet is a 100-percent-directed cyber attack aimed at destroying an industrial process in the physical world," says Langner, who last week became the first to publicly detail Stuxnet's destructive purpose and its authors' malicious intent. "This is not about espionage, as some have said. This is a 100 percent sabotage attack."
MORE: http://www.csmonitor.com/USA/2010/0921/
Stuxnet-malware-is-weapon-out-to-destroy-Iran-s-Bushehr-nuclear-plant
Stuxnet malware? Out to destroyIran's Bushehr nuke plant?
2 posts
• Page 1 of 1
Stuxnet malware? Out to destroyIran's Bushehr nuke plant?
by Oscar » Fri Sep 24, 2010 9:09 am
- Oscar
- Site Admin
- Posts: 9965
- Joined: Wed May 03, 2006 3:23 pm
Stuxnet Computer Worm Has Vast Repercussions
by Oscar » Sat Oct 02, 2010 3:31 pm
Stuxnet Computer Worm Has Vast Repercussions
http://www.npr.org/templates/story/stor ... =130260413
TOM GJELTEN NPR 1 October 2010
A powerful new computer worm apparently is capable of causing power plants or pipelines to blow up. It's a cyber superweapon called Stuxnet. Experts suspect it was designed to disable nuclear facilities in Iran, but Stuxnet could have consequences its creators did not anticipate.
When cybersecurity experts get together, they usually talk about such things as the latest techniques in credit card fraud. But the big session at the Virus Bulletin conference Thursday in Vancouver, British Columbia, Canada, was one called "Stuxnet: An In-Depth Look." It was arranged by the Symantec company, whose researchers have been analyzing the computer worm for several weeks.
Eric Chien, technical director at Symantec's Security Response Unit, says he and his colleagues have been stunned by what they've found.
"I've been dealing with malicious code threats for 15 to 20 years now, I've seen every large sort of outbreak, and we've never seen anything like this," Chien says. "It's fundamentally changed our job, to be honest."
That's because studying a computer worm designed to sabotage a power plant or gas refinery is a far cry from thinking about some virus engineered by a lone hacker.
"It changes the urgency at which we have to analyze these threats and understand them and make sure that people who are affected know they are affected and how to get themselves cleaned up," Chien says.
The Symantec researchers say the Stuxnet worm was designed by a well-funded, well-organized group, perhaps affiliated with a government. They're convinced it was meant to target facilities in Iran. The worm was apparently designed to penetrate and take over the computerized control system used in nuclear plants there.
But it's becoming clear that the repercussions may go far beyond Iran.
"Now that it's released, numerous other people will take that and go, 'aha,' " says Stephen Spoonamore, a veteran cybersecurity consultant who has spent years pursuing hackers. He thinks some other group may now be able to take the Stuxnet computer code and modify it slightly to create its own cyber superweapon.
Symantec's Chien is not sure it will be all that easy. But if nothing else, he says, other cyberwarriors are likely to be inspired by what Stuxnet has been able to do.
"People have been talking about this in theory for a long time, and we've had movies that have demonstrated this kind of thing, but it's never been done," Chien says. "And now, it's been done."
The Stuxnet story raises the question of what the consequences of using a cyberweapon might be. Maybe Pandora's box has been opened — this weapon, or one modeled after it, could soon come back in even more dangerous form.
Security experts call this "blowback."
Some experts are convinced the Israeli government developed and used the Stuxnet worm as a weapon, to disable a nuclear plant in Iran.
After all, hitting the nuclear plant with a 500-pound bomb would have produced far more collateral damage than attacking it with a cyberweapon, right?
Spoonamore is not so sure. "Compared to releasing code that controls most of the world's hydroelectric dams or many of the world's nuclear plants or many of the world's electrical switching stations? I can think of very few stupider blowback decisions," he says.
Here's the situation: Even as U.S. and other Western cybersecurity officers scramble to find new ways to protect industrial facilities from a Stuxnet-like attack, their governments in all likelihood have their own people developing new cyberweapons that are not unlike the Stuxnet worm.
Deputy Defense Secretary William Lynn, speaking Thursday night about U.S. cyberwar plans at a meeting in New York, said he did not know where Stuxnet came from. Asked about the U.S. military's own offensive
cyber-arsenal, Lynn refused to comment.
A cyber professional who has worked on both sides says the offensive and defensive players bring different mindsets to their work: Those on the
offensive side tend to focus more narrowly on the accomplishment of their war-fighting mission and may not pay as much attention to the wider
consequences.
http://www.npr.org/templates/story/
story.php?storyId=130260413&sc=nl&cc=nh-20101001
http://www.npr.org/templates/story/stor ... =130260413
TOM GJELTEN NPR 1 October 2010
A powerful new computer worm apparently is capable of causing power plants or pipelines to blow up. It's a cyber superweapon called Stuxnet. Experts suspect it was designed to disable nuclear facilities in Iran, but Stuxnet could have consequences its creators did not anticipate.
When cybersecurity experts get together, they usually talk about such things as the latest techniques in credit card fraud. But the big session at the Virus Bulletin conference Thursday in Vancouver, British Columbia, Canada, was one called "Stuxnet: An In-Depth Look." It was arranged by the Symantec company, whose researchers have been analyzing the computer worm for several weeks.
Eric Chien, technical director at Symantec's Security Response Unit, says he and his colleagues have been stunned by what they've found.
"I've been dealing with malicious code threats for 15 to 20 years now, I've seen every large sort of outbreak, and we've never seen anything like this," Chien says. "It's fundamentally changed our job, to be honest."
That's because studying a computer worm designed to sabotage a power plant or gas refinery is a far cry from thinking about some virus engineered by a lone hacker.
"It changes the urgency at which we have to analyze these threats and understand them and make sure that people who are affected know they are affected and how to get themselves cleaned up," Chien says.
The Symantec researchers say the Stuxnet worm was designed by a well-funded, well-organized group, perhaps affiliated with a government. They're convinced it was meant to target facilities in Iran. The worm was apparently designed to penetrate and take over the computerized control system used in nuclear plants there.
But it's becoming clear that the repercussions may go far beyond Iran.
"Now that it's released, numerous other people will take that and go, 'aha,' " says Stephen Spoonamore, a veteran cybersecurity consultant who has spent years pursuing hackers. He thinks some other group may now be able to take the Stuxnet computer code and modify it slightly to create its own cyber superweapon.
Symantec's Chien is not sure it will be all that easy. But if nothing else, he says, other cyberwarriors are likely to be inspired by what Stuxnet has been able to do.
"People have been talking about this in theory for a long time, and we've had movies that have demonstrated this kind of thing, but it's never been done," Chien says. "And now, it's been done."
The Stuxnet story raises the question of what the consequences of using a cyberweapon might be. Maybe Pandora's box has been opened — this weapon, or one modeled after it, could soon come back in even more dangerous form.
Security experts call this "blowback."
Some experts are convinced the Israeli government developed and used the Stuxnet worm as a weapon, to disable a nuclear plant in Iran.
After all, hitting the nuclear plant with a 500-pound bomb would have produced far more collateral damage than attacking it with a cyberweapon, right?
Spoonamore is not so sure. "Compared to releasing code that controls most of the world's hydroelectric dams or many of the world's nuclear plants or many of the world's electrical switching stations? I can think of very few stupider blowback decisions," he says.
Here's the situation: Even as U.S. and other Western cybersecurity officers scramble to find new ways to protect industrial facilities from a Stuxnet-like attack, their governments in all likelihood have their own people developing new cyberweapons that are not unlike the Stuxnet worm.
Deputy Defense Secretary William Lynn, speaking Thursday night about U.S. cyberwar plans at a meeting in New York, said he did not know where Stuxnet came from. Asked about the U.S. military's own offensive
cyber-arsenal, Lynn refused to comment.
A cyber professional who has worked on both sides says the offensive and defensive players bring different mindsets to their work: Those on the
offensive side tend to focus more narrowly on the accomplishment of their war-fighting mission and may not pay as much attention to the wider
consequences.
http://www.npr.org/templates/story/
story.php?storyId=130260413&sc=nl&cc=nh-20101001
- Oscar
- Site Admin
- Posts: 9965
- Joined: Wed May 03, 2006 3:23 pm
2 posts
• Page 1 of 1
Return to Uranium/Nuclear/Waste
Who is online
Users browsing this forum: No registered users and 3 guests