backtop


Print 76 comment(s) - last by ADoA.. on Oct 4 at 11:25 PM


Iran's first nuclear power plant has suffered a serious cyber-intrusion from a sophisticated worm that infected workers' computers, and potentially plant systems.  (Source: AP)

The worm has spread to over 10,000 computers in Indonesia. Computers in the U.S. have also been infected.  (Source: Digitrain)
Attack has since spread to plants and computers in the U.S. and elsewhere, posing serious threat

It's been only a month since the activation of Iran's first nuclear power plant and there's already a major crisis concerning proliferation.  But this crisis has nothing to do with nuclear arms proliferation.  Rather, the scare has to do with the proliferation of the Stuxnet worm, a malicious computer program that has invaded the plant's computers and since spread to computers worldwide.

The viral program is very sophisticated and appears designed specifically to attack the plant.  It first was released onto workers' computers, designed to try to reach plant's control systems.  Unlike other more sophisticated attacks which appeared to be primarily geared for monitoring, this attack was designed to do damage.  It contained logic to sabotage nuclear fuel enrichment centrifuges.  The centrifuges, made by German equipment electronics giant Siemens, would be made to fail in a virtually unnoticeable way.

The Bushehr plant is located near Natanz, central-Iranian city located almost 200 miles south of the capital city of Tehran.  The plant is a joint endeavor between Iran and Russia.  While the U.S. and others have chastised Russia for its involvement, the U.S. intelligence community has asserted that it doesn't believe Iran to be currently developing nuclear weapons at the facility.

Mahmoud Jafari, project manager at the Bushehr nuclear plant is quoted in 
The Telegraph, a UK newspaper, as stating that the viral worm never achieved its goal.  Comments Mr. Jafari, "[It] has not caused any damage to major systems of the plant."

But according to international whistle-blower site 
Wikileaks, a serious nuclear accident occurred at the plant sometime before mid-June.  The site's founder, Julian Assange, wrote:

Two weeks ago, a source associated with Iran's nuclear program confidentially told WikiLeaks of a serious, recent, nuclear accident at Natanz. Natanz is the primary location of Iran's nuclear enrichment program.
WikiLeaks had reason to believe the source was credible however contact with this source was lost.
WikiLeaks would not normally mention such an incident without additional confirmation, however according to Iranian media and the BBC, today the head of Iran's Atomic Energy Organization, Gholam Reza Aghazadeh, has resigned under mysterious circumstances. According to these reports, the resignation was tendered around 20 days ago.

Inspectors examined the claims, but found no distinguishable traces of an accident.

A time stamp on the virus reveals that it was made in January.  What is equally remarkable to its sophistication in terms of attack behavior is the lack of sophistication when it comes to the worm's proliferation.  

If it had constrained its infections to Bushehr, it would likely not have been noticed for some time.  Instead, the worm was extremely aggressive in its infection vectors, spreading to fifteen other Siemens plants, and tens of thousands of non-plant computers worldwide.  In Iran 60,000 computers are infected.  In Indonesia, 10,000 machines are infected.  And in the United States thousands of computers are believed to be infected as well.

That creates a dangerous situation, as numerous parties, including international governments and black-hat hackers, are racing to reverse-engineer the code and exploit the infected machines.  The infected machines may not only compromise personal details, but may compromise industrial infrastructure in Iran, Indonesia, India (another infection site), and the U.S.

Melissa Hathaway, a former United States national cybersecurity coordinator, comments, "Proliferation is a real problem, and no country is prepared to deal with it.  All of these guys are scared to death. We have about 90 days to fix this before some hacker begins using it."

So who is behind the attacks?  
The New York Times quotes a former U.S. intelligence office as saying that the attack was the work of Israel’s equivalent of America’s National Security Agency, known as Unit 8200.  According to IEEE Spectrum's December issue, Israel had previously used a cyber-attack to shut off radar systems in Syria, allowing it to evaluate what it believed to be an under-construction nuclear reactor.

Regardless of who perpetrated the attack, the primary issue now is stamping it out, before it can be used for even more nefarious purposes.  Early reports were unclear about the transmission vector, but suggested it may be spreading via USB sticks and other removable media.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Isn't anyone else thinking?
By goku on 9/27/2010 12:18:32 PM , Rating: 2
Curious enough, why would Chernobyl happen in Russia but not somewhere like pakistan or india?


RE: Isn't anyone else thinking?
By omnicronx on 9/27/2010 12:28:48 PM , Rating: 5
Not sure, as it didnt happen in Russia ;)

USSR yes, but Chernobyl is located in what is now Ukraine.

Simply put, reactors are not designed that way anymore. Multiple safety measures are in place, with redundancy being a key point to the safety of these plants.


RE: Isn't anyone else thinking?
By foolsgambit11 on 9/27/2010 5:08:54 PM , Rating: 4
I agree that nuclear plants today are by and large safe, and that an accident like Chernobyl is of very minimal risk. However, safety measures alone aren't enough. An corporate (or government) mentality of risk prevention is also key. The redundant systems can be built into the design, but ensuring that they remain online and fully functional requires vigilance. Part of the issue with Chernobyl (aside from faulty design) was ignoring what turned out to be necessary safety measures during a scheduled maintenance shutdown of one of the reactors. Or take a look at the Gulf oil spill earlier this year - safety measures that were required by law were ignored and/or poorly implemented, leading to a catastrophic failure. Or read Richard Feynman's article on how the corporate culture regarding risk management in NASA led to the Challenger disaster.

Engineers can get a design as close to perfect as humanly possible, but that is only the first factor in considering the overall safety of something like a nuclear power plant. It still has to be built and operated within the designed tolerances.


RE: Isn't anyone else thinking?
By Lerianis on 9/29/2010 3:30:06 AM , Rating: 2
Yep, that is the biggest issue when accidents like Chernobyl or the Gulf oil spill happen..... afterwards, we find out that the proper safety procedures and regulations were NOT being followed.

Yet no heads, save those of lower - middle management ever seem to roll for this stuff nor are the people who condone these things imprisoned like they should be.

Maybe it's time to make ignoring regulations (at least in the instance where very bad things can happen if they are ignored) a CRIMINAL offense, and one that a company can be shut down, seized and sold for!


RE: Isn't anyone else thinking?
By Iaiken on 9/27/2010 12:55:27 PM , Rating: 5
quote:
Curious enough, why would Chernobyl happen in Russia but not somewhere like pakistan or india?


That is because Indian reactors are all "Douglas Point" CANDU reactor derivatives. These are arguably the safest reactors in the world due to the lack of requirements for moving parts and the ability to "poison" the reactor with a coolant/neutron inhibitor and stop the reaction at any time.

Another reason is that these reactors use natural Uranium and run MUCH cooler and with fewer "hot spots" than light water reactors due to the heavy waters inability to absorb excited neutrons.

Finally, the actual fuel piles cannot go critical without the heavy water medium as it is required to continue the chain reaction. This opens up the ability to simply drain the reactor and stop all criticality using a combination of gravity and reactor pressure.

Lastly, they are HEAVILY bunkered against an interior explosion, which would limit contamination to the plant itself.

You can find out more here:

http://www.aecl.ca/Reactors.htm

A key factor in the cause of Chernobyl was the almost exclusive reliance on graphite control rods and enriched uranium. When the fuel pile got too hot, the rods and fuel expanded and prevented the control rods from being removed during the attempted SCRAM.

This spiked the power production which then caused the water to boil off faster than the steam could be evacuated (the turbines had been shut down) and caused the resultant explosion. This cemented the picture of that shattered number 4 reactor building in peoples minds and turned them against all nuclear power plants regardless of design.


RE: Isn't anyone else thinking?
By Iaiken on 9/27/2010 1:08:13 PM , Rating: 3
Clarification:

quote:
A key factor in the cause of Chernobyl was the almost exclusive reliance on graphite-tipped control rods, enriched uranium and a graphite moderator. When the fuel pile got too hot, the rods and fuel expanded and prevented the control rods from being inserted during the attempted SCRAM.


Basically, the lodged graphite tips caused an increase in criticality, which caused the spike.

Sorry for the goof-up.


RE: Isn't anyone else thinking?
By Iaiken on 9/27/10, Rating: 0
RE: Isn't anyone else thinking?
By psenechal on 9/27/2010 1:09:55 PM , Rating: 4
Wow...thanks for the awesome description of current nuclear reactor safety systems and design. It's nice to know they're actually NOT trying to blow up the planet =)


RE: Isn't anyone else thinking?
By Samus on 9/27/2010 11:21:18 PM , Rating: 3
Totally...it's ridiculous to keep referring to nuclear disasters that occured during the initial implementations of the technology just shortly after using nuclear fuel to generate electricity was discovered.

It's like saying the Ford Model T's crank start system killed thousands when it backfired, and starting a car is still dangerous. Or what were those other cars that exploded in rear-end collisions? Yea, cus that happens all the time, right?

It's like saying flying by aircraft is among the most dangerous ways to travel as it was duing the 1930's, and flying today is still equally as dangerous.

Technology improves, but people never give nuclear technology or advancement any credit for doing so.


RE: Isn't anyone else thinking?
By DEVGRU on 9/27/2010 1:59:18 PM , Rating: 3
quote:
Curious enough, why would Chernobyl happen in Russia but not somewhere like pakistan or india?


Easy. One word...

Vodka!


By monkeyman1140 on 9/29/2010 2:24:01 AM , Rating: 2
yeah yeah, everybody claims their reactor design is safe. That's why there have been hundreds of accidents over the years, plenty of spills, radioactive releases, and a few explosions.


"Google fired a shot heard 'round the world, and now a second American company has answered the call to defend the rights of the Chinese people." -- Rep. Christopher H. Smith (R-N.J.)














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki