A Cyberworm that Knows No Boundaries Iran's announcement that a computer worm called Stuxnet had infected computers that controlled one of its nuclear processing facilities marked a signal event in cyber attacks. Although such attacks were known to be theoretically possible, the incident proved that a cyberworm could successfully infiltrate a system and produce physical damage. Furthermore, the sophisticated nature of the worm and the resources that would have been required to design, produce, and implant it strongly suggest a state-sponsored effort. It has become clear that Stuxnet-like worms pose a serious threat even to infrastructure and computer systems that are not connected to the Internet.
FBI intent on sniffing out those who leaked possible US Stuxnet role Federal investigators in the US are tightening the screws on former senior government officials who might have leaked info about the Stuxnet worm, according to The Washington Post. Last June, Attorney General Eric H. Holder Jr. started the inquiry into loose lips. As Naked Security recounts here, the Stuxnet virus was seemingly created by the US, under the regime of President George W. The US pulled Israel into the cyber-espionage effort, with stunning results. Those results included slowing down and speeding up a centrifuge's delicate parts, which resulted in damage so extreme that, according to The New York Times, debris from a damaged centrifuge was laid across the conference table at the White House's Situation Room to demonstrate the malware's potential power. But the obligingly destructive Stuxnet spun out of control and escaped into the wider world, damaging systems well beyond Iran. The code name for the Stuxnet operation was Olympic Games. The Guardian's Greenwald writes:
Stuxnet was dated 2005, Symantec discovered earlier version 0,5 - Security Affairs Rivers of words have been written on the popular Stuxnet virus, there have been many hypotheses, sometimes contradictory, about its paternity but the only certainty seemed to be the date of its creation, but suddenly the certainty as happen tin he best thriller movies has been called into question. The authors of Stuxnet, the malware that hit Iranian nuclear plant in 2010 interfering with nuclear program of the Government of Teheran, started the operations earlier than previously demonstrated according a new research proposed by Symantec firm. According the study conducted by Symantec there was a predecessor of the final version of the virus, a development version that was spread in 2005 and the was designed to manipulate the nuclear facility’s gas valves. Francis deSouza, Symantec’s president of products and services, commented to Bloomberg: Symantec highlighted the differences of version 0.5 with subsequent instances of Stuxnet: The study states: Pierluigi Paganini
US-Israeli Stuxnet Cyber-attacks against Iran: “Act of War” A group of 20 law and technology experts has unanimously agreed that the Stuxnet worm used against Iran in 2009-2010 was a cyberattack. The US and Israel have long been accused of collaborating on the virus in a bid to damage Iran’s nuclear program. While that accusations against Washington and Tel Aviv have never been confirmed by either government, a NATO Commission has now confirmed it as an “ act of force. ” Last year anonymous government officials came forward to tell The New York Times that researchers at the Idaho National Laboratory, which is overseen by the US Department of Energy, passed technical information to Israel regarding vulnerabilities in cascades and centrifuges at Iran’s Natanz uranium enrichment plant. That information, it is believed, was used to design the Stuxnet worm that set Iran’s nuclear program back an estimated two years. Schmitt told The Washington Times that “ according to the UN charter, the use of force is prohibited, except in self-defense .”
US Air Force designates six cyber tools as weapons "It's very, very hard to compete for resources ... You have to be able to make that case," Lieutenant General John Hyten, vice commander of Air Force Space Command, told a cyber conference in Colorado Springs ( Reuters ). The US is not, however, new to cyber weaponry. Stuxnet is generally considered to have been the first genuine cyber weapon , and is believed to have been a joint development between the US and Israel. Subsequent ‘weapons’ such as Duqu and Flame were discovered and believed to have come from the same stable – and then there’s the shadowy Wiper . Last summer the Air Force posted a Broad Agency Announcement inviting papers “focusing on Cyberspace Warfare Operations.” Now Hyten has introduced a new sense of urgency. Details of the six Air Force cyber tools that are now defined as cyber weapons have, unsurprisingly, not been disclosed.
Cyber warfare threatens efforts to secure cyberspace ABu Dhabi: Cyberwarfare and the rapid development and dissemination of cyber weapons threatens to far outstrip international efforts to secure cyberspace as a domain for all, a regional security conference heard yesterday. “These cyber weapons are all too often used without regard to international law and international norms. There is a real risk that unrestricted offensive cyber operations will poison and corrode wider international relations,” John Basset, Associate Fellow, Cyber Security, Royal United Services Institute, UK told the 18th annual conference of the Emirates Centre for Strategic Studies and Research themed “The Future of Warfare in the 21st Century”. The remarks came on the heels of massive cyber attacks against Israel, reportedly launched on Sunday by the famous hacktivist group Anonymous — the second such wave of attacks on Israeli servers,in response to what the group calls the “Israeli mistreatment of the Palestinians. Article continues below
Protocol Stuxnet Stuxnet is a computer worm[1] that was discovered in June 2010. It was designed to attack industrial programmable logic controllers (PLCs). PLCs allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws,[2] Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[3] Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g. in the automobile or power plants), the majority of which reside in Europe, Japan and the US.[4] Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.[5] Discovery[edit]