Register to reply

Did Iran Sustain a Cyber Attack?

by lisab
Tags: attack, cyber, iran, sustain
Share this thread:
lisab
#1
Sep24-10, 08:56 PM
Mentor
lisab's Avatar
P: 2,980
There's been speculation surrounding the "Stuxnet" worm for some time. Now the Christian Science Monitor (and others) are reporting the worm may have been targeted specifically to hit Iran's Bushehr nuclear power plant, or perhaps its Natanz nuclear centrifuge facility.

It blows my mind that Iran surrounded Bushehr with missiles, but allowed contractors to freely use USB memory sticks - apparently how the worm spreads.

It's an amazing article, a modern 'who dunnit?' which sounds like it's straight out of a Clancy novel.

http://www.csmonitor.com/USA/2010/09...r-weapon-after

http://www.symantec.com/connect/blog...-scada-devices
Phys.Org News Partner Science news on Phys.org
Law changed to allow 'unlocking' cellphones
Microsoft sues Samsung alleging contract breach
Best evidence yet for coronal heating theory detected by NASA sounding rocket
Borek
#2
Sep25-10, 03:34 AM
Admin
Borek's Avatar
P: 23,406
And then we think Ahmadinejad is a crackpot...
Phrak
#3
Sep25-10, 03:50 AM
P: 4,513
Cyberspace is naturally becoming a target for espionage.

Assuming this is due to the efforts of the CIA, or NSA, or what-have-you, was it a success mission, or bumbled probing that became noticed?

lisab
#4
Sep25-10, 08:17 AM
Mentor
lisab's Avatar
P: 2,980
Did Iran Sustain a Cyber Attack?

Quote Quote by Phrak View Post
Cyberspace is naturally becoming a target for espionage.

Assuming this is due to the efforts of the CIA, or NSA, or what-have-you, was it a success mission, or bumbled probing that became noticed?
Well Bushehr was supposed to be up and running but it isn't, and they haven't told why. Also the centrifuge facility had several failures at the time this worm was active (according to the article, it had a halt date). So...maybe the attack was successful, but Iran certainly won't affirm that.

Your list of possible perpetrators is a good start...I'd add Israel, I think.
Ken Natton
#5
Sep25-10, 08:30 AM
P: 272
Could it not be a case of the combined resources of the Wetern world's intelligence agencies failing where one maverick with the ability to write worm viruses succeeded?
Andre
#6
Sep25-10, 09:01 AM
PF Gold
Andre's Avatar
P: 5,458
Maybe, a lot of wizzkids act alone, doing incredible things, anyway I read:

"Bushehr has all kinds of missiles around it to protect it from an airstrike," Langner says. "But this ....."
I have no idea why this was included in the writing. Could be suggestive of more hyperbole, missiles going off and hitting targets whereever, steered by the worm. The article does not state anything like that, but that interpretation is certainly not discouraged.

Maybe that the reporter had asked about such an scenario and got an 'don-t-worry' answer that he did not like, so he may have excluded that.

So let me give that don't-worry answer.

Air defense missiles are designed just to do that, with a limited range to strike air targets, also with a rather limited payload, a few kilograms rather than tonnes. This makes them virtually incapable of hostile action against groundtargets at longer range than one or two hunderd kilometers. Most point defence weapons are in the dozen kilometer order of magnitude range, if not less.

Just my two cents.
Office_Shredder
#7
Sep25-10, 09:23 AM
Emeritus
Sci Advisor
PF Gold
P: 4,500
Quote Quote by Andre View Post
I have no idea why this was included in the writing. Could be suggestive of more hyperbole, missiles going off and hitting targets whereever, steered by the worm. The article does not state anything like that, but that interpretation is certainly not discouraged.
It's supposed to give you the impression that the place is bristling with defenses, and is intended to be impervious, except there's a gaping backdoor.
Borek
#8
Sep25-10, 01:10 PM
Admin
Borek's Avatar
P: 23,406
Quote Quote by Office_Shredder View Post
It's supposed to give you the impression that the place is bristling with defenses, and is intended to be impervious, except there's a gaping backdoor.
That's how I read it.
Ivan Seeking
#9
Sep25-10, 02:10 PM
Emeritus
Sci Advisor
PF Gold
Ivan Seeking's Avatar
P: 12,498
I think this is funny! We have been worried about the grid and defensive systems for a long time now. I forget how many cyber attacks the Pentagon fends off each day, but it's a big number. The notion that this same threat could keep ole looney toons in check for a time, is downright poetic.

It reminds a bit of the homing beacons that we hid in printers sold to Saddam - printers that we knew were going to defensive facilities! When the first Gulf War broke out, we just activated the beacons remotely and keyed missiles to the signals from the beacons.
medgar
#10
Sep25-10, 10:33 PM
P: n/a
Quote Quote by Office_Shredder View Post
It's supposed to give you the impression that the place is bristling with defenses, and is intended to be impervious, except there's a gaping backdoor.
that's the obvious point. missed by some.
Hurkyl
#11
Sep25-10, 10:51 PM
Emeritus
Sci Advisor
PF Gold
Hurkyl's Avatar
P: 16,092
Quote Quote by medgar View Post
that's the obvious point. missed by some.
It's only obvious to those who find it obvious. When one doesn't say what one means, there is always the danger the meaning will get lost.
medgar
#12
Sep25-10, 10:57 PM
P: n/a
Quote Quote by Hurkyl View Post
It's only obvious to those who find it obvious. When one doesn't say what one means, there is always the danger the meaning will get lost.
agreed. sorry if it seemed judgemental.
Borek
#13
Sep26-10, 03:15 AM
Admin
Borek's Avatar
P: 23,406
Don't forget English is not a first language to many of PF posters, sometimes unexpected subtleties work against our understanding of seemingly obvious statements.
skippy1729
#14
Sep26-10, 12:46 PM
P: 148
Quote Quote by lisab View Post
There's been speculation surrounding the "Stuxnet" worm for some time. Now the Christian Science Monitor (and others) are reporting the worm may have been targeted specifically to hit Iran's Bushehr nuclear power plant, or perhaps its Natanz nuclear centrifuge facility.

It blows my mind that Iran surrounded Bushehr with missiles, but allowed contractors to freely use USB memory sticks - apparently how the worm spreads.

It's an amazing article, a modern 'who dunnit?' which sounds like it's straight out of a Clancy novel.

http://www.csmonitor.com/USA/2010/09...r-weapon-after

http://www.symantec.com/connect/blog...-scada-devices
Cool! It's about time someone other than our DOD, State Department or LANL gets cyberattacked!
nismaratwork
#15
Sep26-10, 02:30 PM
P: 2,284
Quote Quote by skippy1729 View Post
Cool! It's about time someone other than our DOD, State Department or LANL gets cyberattacked!
I was waiting for someone to point out that we're just about as dumbly unprepared as most other nations in this arena.

I for one have no problem believing that this was the work of one person, or a small group of hackers or even script-kiddies with a bit of experience. Hell, it could even be a pissed of Iranian national or ex-pat with time and an education.
lisab
#16
Sep26-10, 03:10 PM
Mentor
lisab's Avatar
P: 2,980
Quote Quote by nismaratwork View Post
I was waiting for someone to point out that we're just about as dumbly unprepared as most other nations in this arena.

I for one have no problem believing that this was the work of one person, or a small group of hackers or even script-kiddies with a bit of experience. Hell, it could even be a pissed of Iranian national or ex-pat with time and an education.
I'm not so sure it's a single person or even a small group. Apparently the worm seeks a very specific process control fingerprint, made only by Siemens*. Once it recognizes the fingerprint, it launches and re-writes the process control software. That's pretty specific knowledge.

*I'm not sure if Siemens also uses that process control code for other industrial processes. If it's specific to nuclear reactors, that makes it even more likely that it was written by a nation state.
nismaratwork
#17
Sep26-10, 07:25 PM
P: 2,284
Quote Quote by lisab View Post
I'm not so sure it's a single person or even a small group. Apparently the worm seeks a very specific process control fingerprint, made only by Siemens*. Once it recognizes the fingerprint, it launches and re-writes the process control software. That's pretty specific knowledge.

*I'm not sure if Siemens also uses that process control code for other industrial processes. If it's specific to nuclear reactors, that makes it even more likely that it was written by a nation state.
Or someone who works or worked for Siemens. Never underestimate the power of a pissed-off employee.
CAC1001
#18
Sep26-10, 10:54 PM
P: 18
I have read one thing the Chinese do is have whole specialized teams of elite hackers work together. And not just one team either. They'll have a team for one part of a major hack, then another team handle another part of the hack, and so on; this they believe is how the Chinese stole all sorts of information from some major American corporations without said corporations even being aware at first.


Register to reply

Related Discussions
Speculation mounting of an attack on Iran Current Events 124
Another obstacle to Iran attack is removed Current Events 73
Is a US attack on Iran coming? Current Events 24
Attack Iran ? Current Events 127
Hi everybody, what do you think will Mr. Bush next move is he going to attack Iran? Current Events 64