Corporations cannot commit treason, nor be outlawed, nor excommunicated, for they have no souls - Sir Edward Coke
|
|
|
Cyber jihadists could use Stuxnet worm to attack the west
ACCORDING TO Mikko Hypponen, F-Secure's chief security researcher, there has been a revolution in malware with Stuxnet. "The worst case scenario is that Al-Qaeda or another organisation could gain access to this type of knowledge and information, and make use of it to launch attacks on critical infrastructure - like blow up nuclear power plants or do something to our food chain."
Discovered at the middle of last year, Stuxnet has become a major talking point for those involved in computer security, but more than that, also among those interested in international espionage.
"I think Stuxnet is a new phenomenon, the first example of its kind, and will be something we will look back at in years to come," said Hypponen, whose information security experience spans many years and who was involved in classified briefings regarding the new threat.
"There will be copies of Stuxnet, from the same source and elsewhere," he predicted.
Stuxnet is a Windows worm that is propagated on USB sticks and over private networks, but with one very unique feature - it doesn't replicate over the Internet. Malware that we generally see on computers is generally designed to spread as far as possible, as cyber criminals aren't too worried about what it will infect.
But Stuxnet is different, because it wants to reach environments that are disconnected from the Internet on purpose, like the nuclear programme in Iran. But that's not to say that it won't infect your Windows PC.
Hypponen said, "It infects any Windows PC that you put an infected USB stick in. But when it infects a PC it does nothing. It will only replicate on any other USB stick you put into it."
This means that Stuxnet is a worm that can go around the world silently, doing nothing to the systems it infects, waiting for a precise moment to strike. And it will strike, but only if it reaches a Windows PC that has a specific type of program installed.
"It's called Step 7, made by Siemens and which is used to program Programmable Logic Control (PLC) devices," said the researcher. "These boxes control factories, pumps, general purpose systems. These are running their own operating system, which isn't Windows as it isn't reliable enough."
But the PLC boxes need to be programmed by a Windows computer before they are sent over to a factory or wherever they need to go. If a USB stick has transferred Stuxnet to one of these computers, this is the point where Stuxnet will start to make its move, if it finds itself on a system that has a specific type of PLC box connected.
"It will reprogram the PLC, so that any changes are hidden. And it will wait, hoping that somebody disconnects the PLC from the Windows computer and takes it to a factory."
If that does happen, Stuxnet will still do nothing, apart from check what kind of factory the PLC box is supposed to be controlling.
"It's trying to find a specific environment with a specific configuration of high frequency power converters made by two different manufacturers. When it finds the right kind, then it knows it's in the right environment."
Tags: Security
Share this:
Share
A stuxnet-type cyberattack can only work when the terrorists control big corporations.
You miss the point of Stuxnet and why it is sophisticated. It's not some amateur trojan designed to just go around and ruin whatever it encounters. That would waste all the effort put into it. Stuxnet's sophistication lies in that it singles out and subtly destroys an exact high-valued target while not giving away its presence.
What you're describing is akin to sending in a deep cover spy just to blow his cover by knocking off a low-level henchman.
The most stupid accusation ever!!! But is something normal for americans:
- so, YOU make weapon, then YOU accuse us, that we want to use it against you.
What if, WE make a nuclear weapon, use it against you then accuse you that you want to kill us?? How does that sound to you?
Don't forget that the terrorism appeared only as a form of DEFENSE after you started stealing oil and other resources form weak countries.
It is not possible for small countries to protect in other way. Like it is not possible for Irish people to protect them self through normal war.
Want terrorism to stop? IT IS SIMPLE: GO HOME.
Wrong. For Stuxnet to work, it has to go straight ahead, past the first church it encounters, then go left, enter the second church and say Grace. Then it has to look for a medium-sized library and read all but one book in this library. Then the same steps have to be taken in a second, smaller library, but here ALL books have to be read. If these condition are met (and on a full moon), there's 1 chance in a billion Stuxnet could be dangerous.
Now let's hope someone doesn't return his/her/its book in the first library so all of this can be avoided.
Stuxnet took advantage some exploits that we ourselves (BETTER HAVE) patched but it had to of been delivered personally too. Most of those kinds of systems are stand alone.
Given the fact that we know about stuxnet nullifies any surprise attack if they even attempt it.
I highly doubt this will go anywhere as stuxnet.
First of all, this is not a bug in Siemens software/hardware - this worm re-programs it in a standard way, using the same method that user is supposed to use, so no fault of the manufacturer.
Secondly, if you're not aiming for very specific target, you don't need to have the target hardware or even a very detailed specification - altering parameters of various control outputs by a random number whose maximum value is slowly increasing with time is going to break something, eventually, no matter what sort of machinery we're talking about.
So no, threat of this sort of malware shouldn't be easily dismissed.
It's the guy from die hard. Yippee ki yay mother fker
Well unless you are planning to make your own nuke using siemens tech, itmakes feck all difference what they have you dimwit!
Siemens has known about this for some time now so why have they not patched the Step-7 program and PLC firmware to stop it ?
I have been a user of their horrible PLCs and awful software (not by choice) and we have not been notified of any updates being available. It seems very irresponsible of Siemens to me. Even microsoft is more responsive than they are. This is the best argument yet for staying far away from their products and when given a choice I ALWAYS do !!!
Whoever created Stuxnet had access to the exact type of Pakistani-made centrifuges that Iran purchased. Unless terrorists or whoever have this kind of technological access, they're not going to do much to "western" systems, or at least nothing more than simple trojans do anyway. Hell, if such parties had access to such technology, they might as well make a nuclear bomb rather than bother with industrial sabotage.
Apart from the creators of the virus, the Iranians also have the Stuxnet technology now. Although they most likely don't have the source code, they could reverse engeneer it which probably won't be that diffucult. Not good.