Stuxnet, Virus developed by Israel/USA to attack Iran's Nuclear Facilities

Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.

Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in automobile or power plants), the majority of which reside in Europe, Japan and the US.

Stuxnet reportedly ruined almost one fifth of Iran's nuclear centrifuges.

Magnificent.

:)
 
There was a documentary on PBS last night, CyberWar; a large portion of the show was dedicated to this Stuxnet virus.

This one.

 
Symantec estimates that the group developing Stuxnet would have been well-funded, consisting of five to ten people, and would have taken six months to prepare. The Guardian, the BBC and The New York Times all reported that experts studying Stuxnet considered that the complexity of the code indicates that only a nation state would have the capabilities to produce it.

So it required 5-10 people but only a nation state could employ 5-10 people to create complex code? WTF?


I mean given the target the overall allegation made isn't unreasonable - but that assertion above seems very dubious by itself.
 
So it required 5-10 people but only a nation state could employ 5-10 people to create complex code? WTF?


I mean given the target the overall allegation made isn't unreasonable - but that assertion above seems very dubious by itself.

I imagine it's due to the knowledge required of Iran's nuclear programme and the details of the systems and hardware they are using and how they would get the code onto the system due to the air gap etc etc.
 
So it required 5-10 people but only a nation state could employ 5-10 people to create complex code? WTF?


I mean given the target the overall allegation made isn't unreasonable - but that assertion above seems very dubious by itself.

I imagine what they are hinting at is funding, infrastructure and availability of certain resources. Someone may correct me but I'd imagine that to develop something like this you'd need access to hardware very similar to the target or at least a very good emulation.
 
It's more to do with the financial outlay for no (apparent) returns which eliminates criminal gangs or lone hackers being involved.
 
I imagine it's due to the knowledge required of Iran's nuclear programme and the details of the systems and hardware they are using and how they would get the code onto the system due to the air gap etc etc.

They knew exactly what to aim at. There were numbers in the code that the Virus companies couldn't work out but one guy in Europe said they belonged to components in Iran linked to their nuclear industry. Basically it went all around the World but would only attack when it found those numbers.

What was also special was that the code was 5 times bigger than any other malware code but completely clean of bugs, every piece of code did something.
 
They knew exactly what to aim at. There were numbers in the code that the Virus companies couldn't work out but one guy in Europe said they belonged to components in Iran linked to their nuclear industry. Basically it went all around the World but would only attack when it found those numbers.

This, in the video above I posted it shows this going on, it only targeted specific PLC machines, ignored everything else, they show in the video what happens when it targets a generator.

e: Skip to 17:00 minutes and it explains that each centrifuge in the nuclear plant is controlled by a PLC, the virus targeted these machines only.
 
I imagine it's due to the knowledge required of Iran's nuclear programme and the details of the systems and hardware they are using and how they would get the code onto the system due to the air gap etc etc.

that is fine and the target itself/result of the virus gives a good indication too

but my comment was re: what they said not making much sense in itself... having 5-10 people work on a complex project in itself doesn't imply that it had to be a state actor
 
that is fine and the target itself/result of the virus gives a good indication too

but my comment was re: what they said not making much sense in itself... having 5-10 people work on a complex project in itself doesn't imply that it had to be a state actor

It's probably just poor journalism, reducing the issue to a simple term for the masses.

Edit: or is that good journalism? It gets the overall message across to everyone and tbh, we are in the minority of the population who actually care about the details :p
 
It's believed to have put back Iran's nuclear program by years and also resulted in the deaths of high-ranking Iranian nuclear scientists who were believed to have been saboteurs. The virus appears to have been designed to specifically target the type of controllers on the centrifuges.

There was a good article somewhere on the net about it at the end of last year.

Well they helped finish the job then by killing some of the guys that actually built the thing :p
 
I thought the Iranian scientist killings were carried out by/on behalf of Israel/the West?

I mean they were shot by people on motorbikes, if the regime wanted them disappeared they had much easier ways of making it happen - they're not exactly averse to imprisoning or executing suspected spies after all.
 
They knew exactly what to aim at. There were numbers in the code that the Virus companies couldn't work out but one guy in Europe said they belonged to components in Iran linked to their nuclear industry. Basically it went all around the World but would only attack when it found those numbers.

What was also special was that the code was 5 times bigger than any other malware code but completely clean of bugs, every piece of code did something.

It is a change from the previous viral attacks, where agents accessed the systems directly and using USB added something to destroy the various pieces of equipment.
This is nothing new, they were doing this in Iran for years, it was previously reported on the BBC, years ago.
 
but my comment was re: what they said not making much sense in itself... having 5-10 people work on a complex project in itself doesn't imply that it had to be a state actor

I suppose because of what the virus went to destroy. It moved all around the world but was only aimed at stuff in Iran's nuclear plants. Normal hackers wouldn't do this - apparently.
They also needed 'spies' to be able to get those codes since the components were made in Iran.
 
I know, I was commenting on what the article said though not what happened. There is plenty of evidence to support that it was state actors but my comments were in reference to what I quoted. :)
 