Stuxnet
Hi Jocelyn, thanks for teaming up on the Stuxnet tree. Jul 15
Get flash to fully experience Pearltrees
When a computer attack hobbled Iran's unfinished nuclear power plant last year, it was assumed to be a military-grade strike, the handiwork of elite hacking professionals with nation-state backing. Yet for all its science-fiction sophistication, key elements have now been replicated in laboratory settings by security experts with little time, money or specialized skill. It is an alarming development that shows how technical advances are eroding the barrier that has long prevented computer assaults from leaping from the digital to the physical world. Exposed: Dillon Beresford said it took him just two months and $20,000 in equipment to find more than a dozen vulnerabilities in electronic controllers of the same type used in Iran The techniques demonstrated in recent months highlight the danger to operators of power plants, water systems and other critical infrastructure around the world.
U.S. fears science fiction-style sabotage in new wave of cyber attacks | Mail Online
Stuxnet seems to have been designed to target uranium enrichment systems Initial analysis of the worm found that parts of Duqu are nearly identical to Stuxnet and suggested that it was written by either the same authors or those with access to the Stuxnet source code. "Unlike Stuxnet, Duqu does not contain any code related to industrial control systems and does not self-replicate," Symantec said in its blog.
BBC News - Researchers warn of new Stuxnet worm
Stuxnet Malware Analysis Paper - CodeProject
Stuxnet is not only a new virus or worm but it's a new era of malware. This virus changed the meaning of malware and their goals. You hear about a virus annoying people or stealing banks or credit cards, but that's the first time you hear about virus damages buildings, destroys machines or kills people and that's Stuxnet. Stuxnet has gained a lot of attention from malware researchers and media in the last year. It's created to sabotage Iran's nuclear program.
Greenpeace is on a mission to expose major corporations and government agencies involved in shady activities--by posting thousands of Freedom of Information Act documents on highly publicized websites. If Greenpeace's tactics work, the organization could change the way companies do business, or at least force them to better hide incriminating documents. Think of it as a government-enabled WikiLeaks for polluting companies. The first target: BP and all the companies involved in the Deepwater Horizon disaster. This week, Greenpeace posted approximately 30,000 pages of previously unseen documents related to the oil disaster on its new PolluterWatch Research site.
Environmental WikiLeaks: Greenpeace Crowdsources Research Of Secret BP Documents | Fast Company
A heatmap showing the number of computers infected by the Stuxnet computer worm.
Stuxnet worm is the 'work of a national government agency' | Technology | guardian.co.uk
On July 7, 2010 , a power glitch in the solar panels of India’s INSAT-4B satellite resulted in 12 of its 24 transponders shutting down. As a result, an estimated 70% of India’s Direct-To-Home (DTH) companies’ customers were without service. India’s DTH operators include Sun TV and state-run Doordarshan and data services of Tata VSNL.
Did The Stuxnet Worm Kill India’s INSAT-4B Satellite? - The Firewall - the world of security - Forbes
Stuxnet VS Fukushima?
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal. Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own. Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
Stuxnet Worm Used Against Iran Was Tested in Israel - NYTimes.com
The secret of Stuxnet’s existence may have been blown, but clearly someone—someone whose timing was either spectacularly lucky or remarkably well informed—was sparing no effort to fight back. Omens of Doomsday T he volcanoes of Kamchatka were calling to Eugene Kaspersky. In the first week of July, the 45-year-old C.E.O. and co-founder of Kaspersky Lab, the world’s fourth-largest computer-security company, had been in his Moscow office, counting the minutes until his Siberian vacation would start, when one of his engineers, who had just received a call about Stuxnet from Microsoft, came rushing in, barely coherent: “Eugene, you don’t believe, something very frightening, frightening, frightening bad.” After VirusBlokAda found Stuxnet, and Microsoft announced its existence, Kaspersky Lab began researching the virus.
A Declaration of Cyber-War | Culture | Vanity Fair
A member of Anonymous claims to have taken possession of code for the infamous Stuxnet virus. Topiary, an online activist affiliated with the 4-chan-spawned internet coalition, claimed on Twitter to have gained possession of the malware. He said : "Anonymous is now in possession of Stuxnet – problem, officer?" Anonymous claims to have lifted the source code during a high-profile hack against HBGary, a security consultancy that was trying to identify senior members of the group.
Anonymous hacktivists: We've got Stuxnet code • The Register
TEHRAN, June 13 (Xinhua) -- Deputy Secretary of the Supreme National Security Council of Iran Ali Bagheri called on the International Atomic Energy Agency (IAEA) on Monday to detect agents involved in Stuxnet computer worm plan, the semi-official ISNA news agency reported. Addressing the closing session of the second International Nuclear Disarmament Conference in Tehran on Monday, Bagheri urged IAEA to form a fact-finding committee to detect agents involved in nuclear terrorism and operation of Stuxnet computer worm, said the report. In September, the Islamic Republic said that the computer worm of Stuxnet infected 30,000 IP addresses in Iran but the Iranian Foreign Ministry denied the reports that a cyber worm had damaged computer systems at the country's nuclear power plant.
Iran urges IAEA to detect agents involved in Stuxnet attack
Understanding Stuxnet
Stuxnet VS BP & Transocean's Deepwater Horizon?
Warhead? National security experts the world over currently have one new and weighty question on their mind. Who built Stuxnet, the infamous computer worm? And what’s its target? Iran itself has acknowledged that its nuclear program is suffering from a sophisticated attack by a novel and adaptive computer worm called Stuxnet. But then controversy begins.
Stuxnet | Kings of War
VIENNA – In an underground chamber near the Iranian city of Natanz, a network of surveillance cameras offers the outside world a rare glimpse into Iran’s largest nuclear facility. The cameras were installed by U.N. inspectors to keep tabs on Iran’s nuclear progress, but last year they recorded something unexpected: workers hauling away crate after crate of broken equipment. In a six-month period between late 2009 and last spring, U.N. officials watched in amazement as Iran dismantled more than 10 percent of the Natanz plant’s 9,000 centrifuge machines used to enrich uranium. Then, just as remarkably, hundreds of new machines arrived at the plant to replace the ones that were lost.
Iran’s Natanz nuclear facility recovered quickly from Stuxnet cyberattack «
'Computer virus in Iran actually targeted larger nuclear facility' - Haaretz Daily Newspaper | Israel News
Experts on Iran and computer security specialists yesterday voiced a growing conviction that the worm that has infected Iranian nuclear computers was meant to sabotage the uranium enrichment facility at Natanz - where the centrifuge operational capacity has dropped over the past year by 30 percent. The new analysis, based on the characteristic behavior of the Stuxnet worm, contradicts earlier assessments that the target was the nuclear reactor at Bushehr. Iranian spokesmen, led by the director of the Bushehr facility, had confirmed that Bushehr's computers were infected by the virus.The latest evidence revealed by two independent groups of researchers studying the code in the Stuxnet malware — the world’s first identified cyber weapon — indicates the Iran’s uranium enrichment facility at Natanz was almost certainly the target for attack. Not only was it aimed at programmable logic controllers that regulate motor speeds in a limited number of applications, mainly in uranium enrichment. Stuxnet would also alter operating speeds in such a way that centrifuges would unpredictably malfunction — the intent clearly being that the sabotage would be both effective yet also go unrecognized as sabotage. Once Stuxnet has locked its sights on the target, it alternately brings the centrifuge process to either a grinding slowdown or an explosive surge – by sabotaging the centrifuge refining process.
Clear evidence that Stuxnet targeted Natanz nuclear centrifuges — War in Context
Was Stuxnet Aimed Specifically at Natanz? | Arms Control and Proliferation
I am grateful to Alexander Glaser, a young German physicist associated with Princeton University’s engineering and public policy schools, for alerting me to an exceptionally authoritative analysis of the stuxnet computer worm that reputedly infiltrated and crippled industrial control systems in Iran . The article, by Frank Rieger, appeared in Germany’s Frankfurter Allgemeine Zeitung, on Sept. 22. Rieger is chief technology officer at the cryptography firm GSMK , and his work on stuxnet has got a boost on the net from Bruce Schneier , the renowned internet security expert. Bear in mind, in this connection, that stuxnet is generally described as having been designed to infiltrate control systems made by Siemens, which is more or less Germany’s most important company.SCADA / Siemens
Stuxnet-like