
Was Stuxnet built to attack Iran's nuclear program? - labboy
http://www.networkworld.com/news/2010/092110-was-stuxnet-built-to-attack.html
======
motters
When I was writing software for industrial PLCs and other controllers over
five years ago I always thought that factory guys were paranoid about
connecting them to the general IT system which in turn was connected to the
internet. Quite specifically they were worried about viruses getting into the
industrial PCs and causing production line stoppages. At the time it was just
a theoretical possibility. Now it seems they were quite wise to be cautious.

------
bd_at_rivenhill
Sounds a bit like the old exploding Siberian pipeline trick to me.

<http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage>

------
allenp
Buried in the article: "Whoever created Stuxnet developed four previously
unknown zero-day attacks and a peer-to-peer communications system, compromised
digital certificates belonging to Realtek Semiconductor and JMicron
Technology, and displayed extensive knowledge of industrial systems."

Sounds like Siemens has some work to do, although I wouldn't be too hard on
them if the CIA or another state is really launching these attacks.

~~~
bd_at_rivenhill
If it really is the CIA, then Siemens might actually be in on it. Bonus for
them if they can charge the Iranians to patch the holes that Stuxnet has
exposed while continuing to feed the agency with new ones.

~~~
varjag
Siemens AG is not quite an American company.

~~~
dkarl
Would that stop them from working for the CIA? Corporations are about as
patriotic as the money they're paid with.

~~~
varjag
It most definitely would, since Siemens as a company is too expensive and
complicated to bribe - even on CIA scale. Also it is public, and is too
bureaucratic to get away with that without a trace.

Of course nothing prevents recruiting an engineer or two as CIA operatives,
but it's not the same as involving the company.

------
VladRussian
grep uranium | grep -v U238 > /dev/reactor

"according to screen shots of the plant posted by UPI, it uses the Windows-
based Siemens PLC software targeted by Stuxnet."

Windows in embedded systems. For nuclear reactors. Sounds promising.

~~~
varjag
Windows used as development and as visualization/monitoring environment. PLCs
themselves are not running Windows.

~~~
VladRussian
So, the windows part provide absolutely no control input into the system?
Including no operator control input from PC?

------
yread
from [http://www.digitalbond.com/index.php/2010/09/16/stuxnet-
targ...](http://www.digitalbond.com/index.php/2010/09/16/stuxnet-target-
theory/)

 _I’m surprised at how often project names for secret projects have some
relation on the project. This is really for you conspiracy theorists, but read
the Book of Esther in the bible where Esther informs the King of a plot
against the Jews. The King then allows the Jews to defend themselves, kill
their enemies, … Esther’s was born as Hadassah which means Myrtle. According
to Symantec, “While we don’t know who the attackers are yet, they did leave a
clue. The project string b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb appears
in one of their drivers.”_

Seriously you couldn't make it up!

~~~
Luc
> "I’m surprised at how often project names for secret projects have some
> relation on the project."

Never a good idea. In World War 2, the Brits figured out the Germans had a
single-beam navigation device by it's codename 'Wotan' (a one-eyed god):

[http://en.wikipedia.org/wiki/Battle_of_the_beams#Y-Ger.C3.A4...](http://en.wikipedia.org/wiki/Battle_of_the_beams#Y-Ger.C3.A4t)

------
maukdaddy
This type of attack is going to become much more common in the future.

"Nation States" and their various agencies have been interested in SCADA
systems for quite a while. There is no security to speak of in industrial
control systems. These systems are out of the view of all but the most
sophisticated hackers, and only make the news when things go boom.

~~~
motters
I imagine that very few people other than control systems engineers ever have
anything to do with Siemens PLCs and their data blocks. Those PLCs are also
quite pricey items. Your average script kiddie is never going to have any
access to or knowledge of these sorts of system.

------
lordgilman
Also buried in the article: "Peterson believes that Bushehr was possibly the
target. "If I had to guess what it was, yes that's a logical target," he said.
"But that's just speculation."

------
Confusion
If they are smart and powerful enough to do:

"develop four previously unknown zero-day attacks and a peer-to-peer
communications system, compromise digital certificates belonging to Realtek
Semiconductor and JMicron Technology, and display extensive knowledge of
industrial systems."

then why did this happen?

"In recent weeks, they've broken the cryptographic code behind the software"

~~~
Luc
They're talking about the encryption of the executable code and data of the
worm itself. It can't run if it doesn't decrypt itself at some point. It's not
meant to be bombproof, it's just another hurdle.

~~~
Confusion
OK, then it's just sloppy journalism, because that's not 'breaking the
encryption of the code', but rather 'snooping on the execution of the code'.

------
stcredzero
I suspect that next time, the targeting systems of such a worm will be better
obfuscated. If this can be achieved, then such sabotage could be carried out
with perfect plausible deniability. I find this highly disturbing.

------
jbillingsley
I wouldn't put it past Siemens to be in on this. After all the most profits
are made by playing both sides.

