IPB

Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Shadowrun IRL: Stuxnet, Calling Echo Mirage...
Demonic357
post Sep 22 2010, 02:07 PM
Post #1


Target
*

Group: Members
Posts: 10
Joined: 14-June 10
Member No.: 18,702



And we're one step closer to February 8th 2029. I don't know if anyone else has read about this yet, but it damn near gave me the shivers when I saw it.

Stuxnet malware is a weapon

Given the vagueness and secrecy surrounding the US Cyber Command I'm surprised they announced anything at all.
Go to the top of the page
 
+Quote Post
Chance359
post Sep 22 2010, 03:07 PM
Post #2


Moving Target
**

Group: Members
Posts: 993
Joined: 26-February 02
Member No.: 313



It could be Skynet...
Go to the top of the page
 
+Quote Post
tete
post Sep 22 2010, 06:18 PM
Post #3


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



Nothing to see here, move along citizen!
Go to the top of the page
 
+Quote Post
Christian Lafay
post Sep 22 2010, 06:32 PM
Post #4


Moving Target
**

Group: Members
Posts: 673
Joined: 9-May 08
Member No.: 15,965



I like the "available on the black market" part. How much for this Black Hammer, I wonder.
Go to the top of the page
 
+Quote Post
vladthebad
post Sep 22 2010, 07:21 PM
Post #5


Target
*

Group: Members
Posts: 28
Joined: 27-August 10
Member No.: 18,977



QUOTE (Demonic357 @ Sep 22 2010, 09:07 AM) *
And we're one step closer to February 8th 2029. I don't know if anyone else has read about this yet, but it damn near gave me the shivers when I saw it.

Stuxnet malware is a weapon

Given the vagueness and secrecy surrounding the US Cyber Command I'm surprised they announced anything at all.


It sounds more like it was designed to destroy skynet's robot factories in space.
Go to the top of the page
 
+Quote Post
KarmaInferno
post Sep 22 2010, 08:08 PM
Post #6


Old Man Jones
********

Group: Dumpshocked
Posts: 4,415
Joined: 26-February 02
From: New York
Member No.: 1,699



The cynical bastard in me wonders if this isn't a bit of social engineering by the hackers at US Cybercommand.

If you wanted to delay someone from turning a device on, convince them it might blow up it they do.

I have to imagine there are codemonkeys in Iran right now feverishly poring over millions of lines of code trying to determine if their nuclear plant is infected.



-karma
Go to the top of the page
 
+Quote Post
Doc Chase
post Sep 22 2010, 08:13 PM
Post #7


Runner
******

Group: Members
Posts: 3,179
Joined: 10-June 10
From: St. Louis, UCAS/CAS Border
Member No.: 18,688



I'm sort of thinking this kind of thing wouldn't be USCYBCOM's purview.

Mossad, on the other hand...
Go to the top of the page
 
+Quote Post
tete
post Sep 22 2010, 08:47 PM
Post #8


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



QUOTE (KarmaInferno @ Sep 22 2010, 09:08 PM) *
The cynical bastard in me wonders if this isn't a bit of social engineering by the hackers at US Cybercommand.

If you wanted to delay someone from turning a device on, convince them it might blow up it they do.

I have to imagine there are codemonkeys in Iran right now feverishly poring over millions of lines of code trying to determine if their nuclear plant is infected.



-karma



I'd have to recheck the security announcement but I'm pretty sure the only thing odd on this one was it was using 6 zero day exploits to infect (most use 1). It also only directly attacks a micro-controler made my Siemens. The zero days were just used as transport across windows systems.
Go to the top of the page
 
+Quote Post
KarmaInferno
post Sep 22 2010, 08:52 PM
Post #9


Old Man Jones
********

Group: Dumpshocked
Posts: 4,415
Joined: 26-February 02
From: New York
Member No.: 1,699



Sorry, I'll clarify.

By , "social engineering", I mean, "a lie".

Even if you suspect it's a lie, you are operating a nuclear power plant. Would you want to take that risk?


-karma
Go to the top of the page
 
+Quote Post
Doc Chase
post Sep 22 2010, 08:53 PM
Post #10


Runner
******

Group: Members
Posts: 3,179
Joined: 10-June 10
From: St. Louis, UCAS/CAS Border
Member No.: 18,688



QUOTE (KarmaInferno @ Sep 22 2010, 09:52 PM) *
Sorry, I'll clarify.

By , "social engineering", I mean, "a lie".




-karma


No no, I know what you 're sayin'. Maybe it's me just being naive, but I don't see CYBCOM being capable of that kind of flim-flam.
Go to the top of the page
 
+Quote Post
tete
post Sep 22 2010, 08:58 PM
Post #11


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



I'm still not sure where your going with that, Langner Communications I believe has credit for decrypting the intent of the malware I believe. They are a German company.
Go to the top of the page
 
+Quote Post
Doc Chase
post Sep 22 2010, 09:04 PM
Post #12


Runner
******

Group: Members
Posts: 3,179
Joined: 10-June 10
From: St. Louis, UCAS/CAS Border
Member No.: 18,688



QUOTE (tete @ Sep 22 2010, 09:58 PM) *
I'm still not sure where your going with that, Langner Communications I believe has credit for decrypting the intent of the malware I believe. They are a German company.


So we have a worm that attacks German controllers, discovered by a German company...

...Who hates ze Germans so much? (IMG:style_emoticons/default/nyahnyah.gif)
Go to the top of the page
 
+Quote Post
tete
post Sep 22 2010, 09:08 PM
Post #13


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



My guess would be Germans based on this http://www.itnews.com.au/News/232831,us-hu...ogle-fibre.aspx
Go to the top of the page
 
+Quote Post
Doc Byte
post Sep 23 2010, 12:22 AM
Post #14


Moving Target
**

Group: Members
Posts: 633
Joined: 16-March 05
From: 51 16' North 7 11' East
Member No.: 7,168



Toying around with nuclear facilities is genially a poor idea. Fallout doesn't stop at your border. We Europeans do remember Chernobyl very vividly. - Damn, I couldn't play in the sandbox back then! (IMG:style_emoticons/default/sarcastic.gif)
Go to the top of the page
 
+Quote Post
hobgoblin
post Sep 23 2010, 02:03 AM
Post #15


panda!
**********

Group: Members
Posts: 10,331
Joined: 8-March 02
From: north of central europe
Member No.: 2,242



Whats next, fake radar signals to trigger crashes in the firmware of a SAM site?
Go to the top of the page
 
+Quote Post
Nifft
post Sep 23 2010, 05:21 AM
Post #16


Moving Target
**

Group: Members
Posts: 372
Joined: 2-March 10
Member No.: 18,227



QUOTE (Doc Chase @ Sep 22 2010, 05:04 PM) *
So we have a worm that attacks German controllers, discovered by a German company...

...Who hates ze Germans so much? (IMG:style_emoticons/default/nyahnyah.gif)

The French.

This is clearly a marketing move: don't buy German nukes, buy French!
Go to the top of the page
 
+Quote Post
Sengir
post Sep 23 2010, 12:22 PM
Post #17


Great Dragon
*********

Group: Dumpshocked
Posts: 5,071
Joined: 3-October 09
From: Kohle, Stahl und Bier
Member No.: 17,709



QUOTE (Doc Chase @ Sep 22 2010, 10:04 PM) *
...Who hates ze Germans so much? (IMG:style_emoticons/default/nyahnyah.gif)

Damn, I knew those Bavarians were up to something...


@Nifft: We dont sell nukes. Just labratories, delivery and guidance systems and whatever else your average tin-pot dictator needs to build his on WMDs...and then protective equipment to the other side.
Go to the top of the page
 
+Quote Post
Daddy's Litt...
post Sep 23 2010, 12:36 PM
Post #18


Moving Target
**

Group: Members
Posts: 976
Joined: 16-September 04
From: Near my daughters, Lansdale PA
Member No.: 6,668



I just read about it. Here http://www.bbc.co.uk/news/technology-11388018 the BBc is speculating it was aimed at the Iranians and among the things it does is turn systems on an off. I do not like the Iranians but that seems like a pretty good way to maybe have a severe melt down. They also say it targets systems not usually attached to the net which also implies it goes after those secret facilities rather than just swarming the whole net.
Go to the top of the page
 
+Quote Post
Doc Chase
post Sep 23 2010, 02:51 PM
Post #19


Runner
******

Group: Members
Posts: 3,179
Joined: 10-June 10
From: St. Louis, UCAS/CAS Border
Member No.: 18,688



Judging by how it's spread around other secure systems in other countries, it makes an excellent tracking device for contractors doing what they shouldn't be.
Go to the top of the page
 
+Quote Post
tete
post Sep 24 2010, 01:03 AM
Post #20


Running Target
***

Group: Members
Posts: 1,095
Joined: 26-February 02
From: Seattle Wa, USA
Member No.: 1,139



QUOTE (Doc Chase @ Sep 23 2010, 02:51 PM) *
Judging by how it's spread around other secure systems in other countries, it makes an excellent tracking device for contractors doing what they shouldn't be.



Well some secure systems are certainly secure from use. The main reason governments hire contractors is to circumnavigate their own regulations...
Go to the top of the page
 
+Quote Post
Doc Chase
post Sep 24 2010, 01:48 AM
Post #21


Runner
******

Group: Members
Posts: 3,179
Joined: 10-June 10
From: St. Louis, UCAS/CAS Border
Member No.: 18,688



QUOTE (tete @ Sep 24 2010, 02:03 AM) *
Well some secure systems are certainly secure from use. The main reason governments hire contractors is to circumnavigate their own regulations...


Sure, but they've been tracking this thing from a USB key a contractor's been using while going from place to place. Give each iteration of the virus a specific signature, and you can track where he's been and what he's been working on.

One quick waterboard debriefing later, and ta-da! Intel.
Go to the top of the page
 
+Quote Post
Neurosis
post Sep 24 2010, 02:13 AM
Post #22


Moving Target
**

Group: Members
Posts: 935
Joined: 2-September 10
Member No.: 19,000



Welp this is fucking terrifying.
Go to the top of the page
 
+Quote Post
nezumi
post Sep 24 2010, 01:09 PM
Post #23


Incertum est quo loco te mors expectet;
*********

Group: Dumpshocked
Posts: 6,546
Joined: 24-October 03
From: DeeCee, U.S.
Member No.: 5,760



The original article seems to be missing some details which perhaps downplayed the pants-wetting fear for me. A lot of the 'new technologies' seem not so new to me. Certainly the idea of using viruses to attack SCADA systems is not a new idea (and oftentimes SCADA systems have unusual requirements which prevent them from being properly secured - for instance a piece of software which runs only on Windows 98). The directed attack is new, but not novel. Spear-phishing already does this. The impressive part is that a government actually got the resources together to take advantage of an emerging technology like this (which makes me suspect this isn't the US government).

We will see in this in the future. Fortunately, it has been predicted, and at least SOME people have been paying attention, so the process of defense is already started.

(The part that would make me really impressed in this case would be if the virus exploited a vulnerability that the owners of the software were not aware of. At that point we're getting a bit more pants-wetting.)
Go to the top of the page
 
+Quote Post
Sengir
post Sep 24 2010, 06:14 PM
Post #24


Great Dragon
*********

Group: Dumpshocked
Posts: 5,071
Joined: 3-October 09
From: Kohle, Stahl und Bier
Member No.: 17,709



QUOTE (nezumi @ Sep 24 2010, 01:09 PM) *
The impressive part is that a government actually got the resources together to take advantage of an emerging technology like this (which makes me suspect this isn't the US government).

Bear in mind that both the origin and the target of this malware are highly speculative. Off the top of my head, blackmail would be another explaination - pay us, or the next version won't have an expiry date. The targeted company of course did not make it public (because shareholders and authorities would panic), and at some point a company representative inadvertedly took it with him on a business trip.

QUOTE
(The part that would make me really impressed in this case would be if the virus exploited a vulnerability that the owners of the software were not aware of. At that point we're getting a bit more pants-wetting.)

Uhm, that's more or less the definition of a zero-day exploit: A vulnerability the software's manufacturer only becomes aware of when analyzing an already existing attack (IMG:style_emoticons/default/wink.gif)


And on a semi-related note: The unexiting truth behind many claims about "cyberwar". As a German commentator wrote, it's like a twelve year old claiming he was mauled by a gang of Mafia hitmen, because he doesn't want to admit the little girl next door gave him that black eye.
Go to the top of the page
 
+Quote Post
nezumi
post Sep 24 2010, 07:24 PM
Post #25


Incertum est quo loco te mors expectet;
*********

Group: Dumpshocked
Posts: 6,546
Joined: 24-October 03
From: DeeCee, U.S.
Member No.: 5,760



I know what a zero-day exploit is, and that isn't so unusual. The fact that it's still a concern so long AFTER day 0 which would make it surprising.
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic

 



RSS Lo-Fi Version Time is now: 5th June 2023 - 01:26 PM

Topps, Inc has sole ownership of the names, logo, artwork, marks, photographs, sounds, audio, video and/or any proprietary material used in connection with the game Shadowrun. Topps, Inc has granted permission to the Dumpshock Forums to use such names, logos, artwork, marks and/or any proprietary materials for promotional and informational purposes on its website but does not endorse, and is not affiliated with the Dumpshock Forums in any official capacity whatsoever.