Earlier this summer, cyber security experts uncovered the Stuxnet Malware virus, an internet worm that can search for and wreak havoc upon specific, electronic, industrial systems (which it has done in Iran). Kevin Pereira talks to Wired.com's Ryan Singel to learn more about Stuxnet, its complexities and its effects on international politics. It's all a very delicate situation.
Read more: http://g4tv.com/attackoftheshow/theloop/72...l#ixzz10qCQ5AVk
G4 Story on Industrial hacking in Iran.
Full Version: Anybody else see this IRL Hacker news? Stuxnet.
Well derp.
You guys are good.
You guys are good.
So to answer, yes we have. 
Yep very dangerous. So much computer control, a friend of mine works for a giant ceramics plant that uses computer control to run huges ovens that you could drive a bus into and run over 1k degrees. So a virus like that could do some serious damage. and I don't want to think about the nuclear power plants.
QUOTE (jakephillips @ Sep 28 2010, 06:37 PM) 
Yep very dangerous. So much computer control, a friend of mine works for a giant ceramics plant that uses computer control to run huges ovens that you could drive a bus into and run over 1k degrees. So a virus like that could do some serious damage. and I don't want to think about the nuclear power plants.
That would require that key systems to nuclear reactors be computerized.
For that very reason, most are not.
The nest security software in the world is still Airgap™.
Air gap style security doesn't help if your construction and engineering contractors keep sticking strange USB keys into your network.
-k
-k
Some more interesting speculation:
QUOTE
It is hard to ignore the fact that the highest number of infections seems to be in Iran. Can we think of any reasonable target that would match the scenario? Yes, we can. Look at the Iranian nuclear program. Strange -- they are presently having some technical difficulties down there in Bushehr. There also seem to be indications that the people in Bushehr don't seem to be overly concerned about cyber security. When I saw this screenshot last year (http://www.upi.com/News_Photos/Features/The-Nuclear-Issue-in-Iran/1581/2/) I thought, these guys seem to be begging to be attacked. If the picture is authentic, which I have no means of verifying, it suggests that approximately one and a half year before scheduled going operational of a nuke plant they're playing around with software that is not properly licensed and configured. I have never seen anything like that even in the smallest cookie plant. The pure fact that the relevant authorities did not seem to make efforts to get this off the web suggests to me that they don't understand (and therefore don't worry about) the deeper message that this tells.
Now you may ask, what about the many other infections in India, Indonesia, Pakistan etc. Strange for such a directed attack. Than, on the other hand, probably not. Check who comissions the Bushehr plant. It's a Russian integrator that also has business in some of the countries where we see high infection rates. What we also see is that this company too doesn't seem to be overly concerned about IT security. As I am writing this, they're having a compromised web site (http://www.atomstroyexport.com/index-e.htm) that tries to download stuff from a malware site that had been shut down more than two years ago (www.bubamubaches.info). So we're talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.
Now you may ask, what about the many other infections in India, Indonesia, Pakistan etc. Strange for such a directed attack. Than, on the other hand, probably not. Check who comissions the Bushehr plant. It's a Russian integrator that also has business in some of the countries where we see high infection rates. What we also see is that this company too doesn't seem to be overly concerned about IT security. As I am writing this, they're having a compromised web site (http://www.atomstroyexport.com/index-e.htm) that tries to download stuff from a malware site that had been shut down more than two years ago (www.bubamubaches.info). So we're talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.
QUOTE (KarmaInferno @ Sep 29 2010, 06:24 AM)
Air gap style security doesn't help if your construction and engineering contractors keep sticking strange USB keys into your network.
-k
-k
So what you're saying is "Don't be a fool, virus scan your tool?"
QUOTE (KarmaInferno @ Sep 29 2010, 01:24 AM)
Air gap style security doesn't help if your construction and engineering contractors keep sticking strange USB keys into your network.
-k
-k
If your allowing them to do that, or hell made them able to do it then you really havn't implemented Airgap right. It is finding that acceptable line between decreased convenience and functionality vs security that is what Infosec is all about.
QUOTE (LurkerOutThere @ Sep 29 2010, 05:03 PM)
If your allowing them to do that, or hell made them able to do it then you really havn't implemented Airgap right. It is finding that acceptable line between decreased convenience and functionality vs security that is what Infosec is all about.
Looking at Krojar's post, it appears the folks at Iran's nuke plant barely seems to know what infosec even is.
I mean, I made my comment because the USCYBCOM seems to think the virus was spread by one unwitting contractor was plugging an infected USB key into many different systems, and many of the areas that contractor was doing work show a significant infection rate.
-k
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.