100% FREE ONLINE DATING
sponsored links
| Topic: Was Stuxnet Built to Attack Iran's Nuclear Program? | |
|---|---|
|
Edited by
smart2009
on
Fri 03/02/12 11:41 PM
|
|
Fmr. CIA head calls Stuxnet virus "good idea".
Could the Stuxnet virus that sabotaged the Iranian nuclear program be used against the U.S. infrastructure or other high profile targets? A retired American general who was the head of the Central Intelligence Agency when Stuxnet would have been created calls the cyber weapon a "good idea," but warns it is out there now for others to exploit. Steve Kroft reports on Stuxnet and the potential consequences of its use. About two years ago, the all-important centrifuges at Iran's nuclear fuel enrichment facility at Natanz began failing at a suspicious rate. Iran eventually admitted that computer code created problems for their centrifuges, but downplayed any lasting damage. Computer security experts now agree that code was a sophisticated computer worm dubbed Stuxnet, and that it destroyed more than 1,000 centrifuges. Many believe the U.S., in conjunction with Israel, sabotaged the system. Retired Gen. Mike Hayden, once head of the NSA and CIA, who was no longer in office when the attack occurred, denies knowing who was behind it, but said, "This was a good idea, alright? But I also admit this was a big idea, too. The rest of the world is looking at this and saying, 'Clearly, someone has legitimated this kind of activity as acceptable.'" Not only that, says Hayden, but the weapon, unlike a conventional bomb that is obliterated on contact, remains intact. "So there are those out there who can take a look at this...and maybe even attempt to turn it to their own purposes," he tells Kroft. In fact, says Sean McGurk, who once led the Department of Homeland Security's efforts to secure U.S. systems from cyberattack , "You can download the actual source code of Stuxnet now and you can repackage it...point it back to wherever it came from." McGurk worries terrorists or a rogue country could refashion it to attack U.S. infrastructure like the power grid or water treatment facilities, even nuclear power plants. He tells Kroft he would never have advised anyone to unleash such a weapon. "They opened the box. They demonstrated the capability...it's not something that can put back." The creators of Stuxnet never intended their worm to be discovered says one of the people most responsible for deconstructing its code. Liam O Murchu, an operations manager for computer virus security company Symantec, thinks whoever launched it partially failed because the virus was discovered. "You don't want the code uncovered, you want it kept secret," says O Murchu. "You want it to just keep working, stay undercover, do its damage and disappear." Creating such a cyberweapon, so sophisticated it could be hiding in any number of computers but only strikes the target it was intended to, probably cost many millions. Now, with the code out there, it can be replicated cheaply. "You just need a couple of millions," says Ralph Langner, an expert in industrial control systems who also was instrumental in analyzing Stuxnet. And it wouldn't take the resources of a government to find the right people he says; they are on the Internet. "If I would be tasked with assembling a cyberforce, yeah, I would know whom to approach. So that's not a real secret," says Langner. http://m.cbsnews.com/fullstory.rbml?catid=57388982&feed_id=0&videofeed=36 Stuxnet is a computer worm discovered in June 2010. It initially spreads via Microsoft Windows,and targets Siemens … http://en.m.wikipedia.org/wiki/Stuxnet Stuxnet Worm UsedAgainst Iran Was Tested in Israel - NYTimes.com http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?pagewanted=all Though it was first developed more thana year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company discovered the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers who say they've never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes. http://www.pcworld.com/businesscenter/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html Was Stuxnet Built to Attack Iran's Nuclear Program? Iran's nuclear program may have been the target of the Stuxnet worm, security researchers say. |
|
|
|
|
|
|
|
Fmr. CIA head calls Stuxnet virus "good idea". Could the Stuxnet virus that sabotaged the Iranian nuclear program be used against the U.S. infrastructure or other high profile targets? A retired American general who was the head of the Central Intelligence Agency when Stuxnet would have been created calls the cyber weapon a "good idea," but warns it is out there now for others to exploit. Steve Kroft reports on Stuxnet and the potential consequences of its use. About two years ago, the all-important centrifuges at Iran's nuclear fuel enrichment facility at Natanz began failing at a suspicious rate. Iran eventually admitted that computer code created problems for their centrifuges, but downplayed any lasting damage. Computer security experts now agree that code was a sophisticated computer worm dubbed Stuxnet, and that it destroyed more than 1,000 centrifuges. Many believe the U.S., in conjunction with Israel, sabotaged the system. Retired Gen. Mike Hayden, once head of the NSA and CIA, who was no longer in office when the attack occurred, denies knowing who was behind it, but said, "This was a good idea, alright? But I also admit this was a big idea, too. The rest of the world is looking at this and saying, 'Clearly, someone has legitimated this kind of activity as acceptable.'" Not only that, says Hayden, but the weapon, unlike a conventional bomb that is obliterated on contact, remains intact. "So there are those out there who can take a look at this...and maybe even attempt to turn it to their own purposes," he tells Kroft. In fact, says Sean McGurk, who once led the Department of Homeland Security's efforts to secure U.S. systems from cyberattack , "You can download the actual source code of Stuxnet now and you can repackage it...point it back to wherever it came from." McGurk worries terrorists or a rogue country could refashion it to attack U.S. infrastructure like the power grid or water treatment facilities, even nuclear power plants. He tells Kroft he would never have advised anyone to unleash such a weapon. "They opened the box. They demonstrated the capability...it's not something that can put back." The creators of Stuxnet never intended their worm to be discovered says one of the people most responsible for deconstructing its code. Liam O Murchu, an operations manager for computer virus security company Symantec, thinks whoever launched it partially failed because the virus was discovered. "You don't want the code uncovered, you want it kept secret," says O Murchu. "You want it to just keep working, stay undercover, do its damage and disappear." Creating such a cyberweapon, so sophisticated it could be hiding in any number of computers but only strikes the target it was intended to, probably cost many millions. Now, with the code out there, it can be replicated cheaply. "You just need a couple of millions," says Ralph Langner, an expert in industrial control systems who also was instrumental in analyzing Stuxnet. And it wouldn't take the resources of a government to find the right people he says; they are on the Internet. "If I would be tasked with assembling a cyberforce, yeah, I would know whom to approach. So that's not a real secret," says Langner. http://m.cbsnews.com/fullstory.rbml?catid=57388982&feed_id=0&videofeed=36 Stuxnet is a computer worm discovered in June 2010. It initially spreads via Microsoft Windows,and targets Siemens … http://en.m.wikipedia.org/wiki/Stuxnet Stuxnet Worm UsedAgainst Iran Was Tested in Israel - NYTimes.com http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?pagewanted=all Though it was first developed more thana year ago, Stuxnet was discovered in July 2010, when a Belarus-based security company discovered the worm on computers belonging to an Iranian client. Since then it has been the subject of ongoing study by security researchers who say they've never seen anything like it before. Now, after months of private speculation, some of the researchers who know Stuxnet best say that it may have been built to sabotage Iran's nukes. http://www.pcworld.com/businesscenter/article/205827/was_stuxnet_built_to_attack_irans_nuclear_program.html Was Stuxnet Built to Attack Iran's Nuclear Program? Iran's nuclear program may have been the target of the Stuxnet worm, security researchers say. |
|
|
|
|
|
Edited by
s1owhand
on
Sat 03/03/12 02:43 AM
|
|
"The idea behind Stuxnet computer worm is actually quite simple
We don't want Iran to get the bomb. Their major asset toward developing nuclear weapons is the enhanced nuclear enrichment facility. The gray boxes that you see these are real time control systems now if we manage to compromise these systems which control drive speeds and valves we can actually cause a lot of problems with the centrifuges. The gray boxes do not run Windows software, they are completely different technology but if we manage to place a good Windows virus on a notebook that is used by a engineer to configure this gray box then we are in business and this is the plot behind Stuxnet." http://youtu.be/CS01Hmjv1pQ "We started a lab project where we infected our environment with Stuxnet and checked this thing out and then some very funny things happened. Stuxnet behaved like a lab rat that didn't like our cheese. Sniffed but didn't want to eat. Didn't make sense to me. And after we tested with different flavors of cheese I realized "Well this is a directed attack!" - it's completely directed. The dropper is probing actively on the gray box - if a specific configuration is found - and even if the actual program code it is trying to infect is actually running on that target - and if not, Stuxnet does nothing..." 
"If you have heard that the dropper for Stuxnet is complex and high tech - Let me tell you this - The payload is rocket science - it is way above anything we have ever seen before." "It is generic - and as an attacker - you don't have to deliver it by a USB stick....it is a cyberweapon of mass destruction... so unfortunately the biggest number of possible targets are not in the Middle East - they are in the United States, Europe and Japan....and we better start to prepare right now." "My opinion is that Mossad is involved but that the leading force is not Israel - the leading force behind this is the cyber- superpower - there is only one and that is the United States... Fortunately. Otherwise our problems would only be bigger." =-=-= Yes...Stuxnet was truly a historical event. This was way more than the world's first cyberweapon of mass destruction with a very sophisticated directed mean payload. This was also the originators basically declaring to the world that they know exactly what they are doing here and are prepared for the consequences. Not only is this projecting some serious viral warfare prowess - flexing cyber-muscles as it were... It was surely also known that others would be able to decode this and use various aspects of it...AND, well, the originators are saying OK fine - we know how to deal with the threat. And that is the really amazing part of the story. Game on. |
|
|
|
|
