
Source code could be adapted to break factories, power grids, the sewage system, and other critical utilities

For as much as the U.S. is maligned for being oft victimized by internet aggressors -- some of whom are mere high-school-age children -- the nation is believed to have conducted one of the most audacious and surprisingly effective (to an extent) cyber black ops in history.

I. Stuxnet -- The U.S.'s Most Dangerous Cyber "Black Op"

In June 2010, security experts found a new type of worm -- the phrase commonly used to refer to a self-spreading malicious computer program.  They dubbed it "Stuxnet".

But unlike most worms, which try to accumulate a stockpile of infected machines for spamming, Bitcoin mining, or distributed denial of service purposes, Stuxnet was uninterested in doing anything malicious to most of the machines it was infecting.  Rather, it just wanted to spread, inching towards its true target -- Iran.

In fact, it was aimed at a very specific target in Iran -- the nation's secretive nuclear refining facilities.  And after infecting over 60,000 personal computers in Iran, it reached the facilities.

The U.S. and Israel reportedly used a computer virus to sabotage Iran's growing nuclear program -- a halfway successful effort that did wreak some havoc at Iran's processing facilities. [Image Source: CBS]

In the summer of 2010 it spun hundreds of centrifuges -- produced by German electronics giant Siemens -- to their breaking points.  It was a major setback for Iran's nuclear program.  Unsurprisingly Iran -- which insists that its nuclear program was intended for peaceful and not weapons-making purposes -- was quick to lash out at "Western spies" for the sabotage effort.

But details that have emerged since have shown that there is likely truth in those claims, as evidence points to the U.S. and Israel jointly developing the malware, possibly with other allies.

II. Mission Success?  Or a Darker Reality?

Stuxnet seemed a very effective attack -- even if the eventual implication of U.S. and Israeli involvement was a public relations setback for the alleged authors.  But ultimately, it did not succeed in permanently destroying Iran's nuclear program.  Today the U.S. believes that Iran not only has nuclear power -- it is thought to be close to possessing one or more nuclear weapons.

The attack failed to stop Iran's nuclear efforts.  Worse yet, researchers fear the worm's source could be turned against its authors. [Image Source: TechTear]

And Iran -- the greatest tech power in the Middle East outside of Israel -- showed itself to be growing increasingly sophisticated in digital efforts, downing a U.S. unmanned drone in a recent high-profile embarrassment.  (President Obama requested the drone be returned; Iran mocked him by sending toy replicas.)

And aside from not truly achieving its intended long-term effect, the decision to release Stuxnet may have much more dire consequences.  The source code for the worm has recently been decompiled and is floating around on hacker sites, according to a new 60 Minutes report by CBS Corp. (CBS).

III. War 2.0: U.S. May See Its Own Source Code Turned Against It

In its primetime special, CBS reporters argue that releasing the worm may have been akin to Pandora of Greek mythology opening a box that let loose chaos and destruction into her world.  The report states that various groups ranging from independent malicious hackers to white hat security researchers to foreign intelligence agencies are all racing to adapt the highly virulent, highly successful worm for use in new attacks.

Such attacks could destroy machinery at sewage plants, electrical grid locations, traffic signals, or other applications.  Such critical infrastructure often is air-gapped, but is sensitive to connections during routine maintenance.  As the air-gapping (not having a physical internet connection to the outside world) gives a traditional sense of security, these types of devices may have less robust security mechanisms, and hence be more vulnerable to mechanical or electrical overdriving.




Only time will tell whether a Stuxnet variant will come back to bite the U.S.  But given the success of Anonymous, LulzSec, and other hacker collectives in openly defying and attacking the U.S. government digitally, it's not infeasible to imagine such groups looking to cripple vital U.S. infrastructure in the near future.  Or alternatively, hostile nations like Iran or North Korea could return fire, using the U.S. and Israel's own code against them.

Sources: CBS [1], [2]




RE: The logic in the article is flawed!
By TSS on 3/6/2012 9:35:01 AM , Rating: 3
...yeah the atom bomb was a little bit different, especially since you have a crazy guy who would've dropped it very first chance he got, without a world full of missiles to stop him.

Here's a better movie about stuxnet, that's been around longer.

http://www.youtube.com/watch?v=7g0pi4J8auQ

Yknow the problem of stuxnet isn't as much that it wouldn't have been created eventually. It is because it was made, and used, with internet and digital thinking still in its infancy.

By the time we got the atom bomb, we've already had thousands of years of war, and it still nearly destroyed us. Now we've got something that can shut down the entire infrastructure of an entire country. Drop a fusion bomb on New York, and New York disappears. Drop a stuxnet on New York that takes out powerplants, and the entire USA disappears. While most people can't even resist clicking on a flashing cat that tells them they've won. This INCLUDES people who decide the fate of entire nations.

Just as an example, a better analogy would be like the US used an atom bomb, along with the plans and materials so the enemy can build their own, while their own defence consists of slingshots. Only this atom bomb can be dropped by anybody, anywhere, at any time. Even an individual.

While of course there are defences now against stuxnet specifically, that doesn't mean the defence against that particular technology has gotten any better.

What has gotten much worse though are the cyber wars. Since stuxnet was released the cyber wars in the background have escalated. "Anonymous" taking down government websites? Really? The high school I had an internship with back in 2005 ran entirely on Windows, and even they had both spam and ddos protection. You *couldn't* take down anything. The server would simply refuse to patch you through.

We're fast approaching a war we've never seen before. One where people are going to die and not a single shot will be fired. Let's just hope nobody decides to actually pick up a gun or it'll only get much, much worse.


RE: The logic in the article is flawed!
By bh192012 on 3/6/2012 12:56:52 PM , Rating: 2
I think people give too much credit to the dangers of hackers. Mainly things like
quote:
Drop a stuxnet on New York that takes out powerplants, and the entire USA disappears.
Hacking is a very specific endeavour. Like real viruses, they will hit specific systems. Hackers can jack up specific users, specific systems etc. It would be incredibly difficult to somehow hit ALL electrical grids in the US. They're not all based on the same software etc. At best they could take out sections at a time.


By Rukkian on 3/6/2012 1:27:42 PM , Rating: 2
Until skynet comes online and takes over all systems!


By TSS on 3/7/2012 6:02:25 PM , Rating: 3
Do you even know what a PLC is? I do, I worked with the damn things on my IT education. I never could understand why.

Because they are mainly used in traffic lights. Our end assignment was programming traffic lights for a 4 way intersection.

So I already know stuxnet could theoretically disable just about every traffic light everywhere. As long as it's hooked up to a central monitoring system or something.

But, as the real use of stuxnet showed, those things are used everywhere. Even all the way to nuclear centrifuges.

Unlike an atom bomb though, once it's built it doesn't require more materials or knowledge to build another. When you fire it, it doesn't blow up - it can be used again and again. Your enemy can pick it apart much more easily than it took you to build it.

I'm giving hackers exactly the right amount of credit. Stuxnet wasn't made by hackers. It was made by a professional contractor. Hackers *can't* make something as sophisticated as that.

It's not dangerous because it'll take a lot of effort to program in a new target. It's dangerous because somebody just pulled the trigger on a really, really big gun. And now others will take up arms.....


By ZorkZork on 3/6/2012 4:29:26 PM , Rating: 2
The video you link to is too superficial and doesn’t touch the real difficulties. So how do you think they were able to hit those specific centrifuges? Guesswork? There must have been an intelligence operation to understand the exact setup of the Iranian hardware and copies of the software. This involves people on the ground or additional viruses. How do you find 20 zero day vulnerabilities? This is not something you just find on the internet. You must search the specific systems for these vulnerabilities. This must have been a very expensive operation and writing the software was just a small part of it. There has been a massive intelligence operation before the first line of code was thought of.

Unless all powerplants use the same hardware and same software, a total attack would be very difficult. And if they use the same hardware and software, then defending them properly is a lot cheaper (economy of scale).

Unless you have loads of money and sufficient intelligence resources, then your best chance for a large scale attack is denial of service. On the other hand, the Chinese, Russian, North Korean, Iranian, Pakistani, Indian, Brazilian, French, Canadian (fill in your own nemesis) governments have vast resources available. For them a small scale attack (like Stuxnet) would be feasible. A larger scale attack would be very difficult, as you most likely would need people on the ground trying to understand the setup of each power plant. And then such an attack becomes much easier to discover and stop.
















Copyright 2014 DailyTech LLC.