Malware hits industrial equipment
I'm posting this article about "malware" because experts are saying it was authored by a government, not some kid working in his basement.
BITS article September 24, 2010, 8:41 pm Malware Hits Computerized Industrial Equipment By RIVA RICHMOND Quote:
|
Oh, now I feel bad. No wonder Iran's leader has to lie about everything. He's got a virus!
|
They're speculating it's a nation state. It's using several previously unknown holes in Windows. It migrates to computers that don't connect to the web. It's not just Iran, India, Malaysia and eastern Europe too. It does no harm unless it finds specific industrial controls, like the unauthorized Siemens controls Russia sold to Iran.
|
Quote:
So maybe it was made and released by Siemens? You hack us, we hack you back? Or are the machines about to take over for real? |
I'd bet on China.
|
Quote:
|
Very "Ghost in the Shell" . . . (btw, a 15 year-old film)
|
Quote:
|
Quote:
|
From the NY Times of 25 Sept 2010:
Quote:
|
Quote:
|
Israel was my first thought, but energy hungry China has a big stake in keeping the middle east from blowing up, and an increasing investment in Africa, Greece and around the Mediterranean. It's a crap shoot at this point.
The thing that got me was other countries found it easy to remove with commercially available anti-virus programs. Does the UN embargo on Iran include Norton? |
Quote:
Quote:
|
Quote:
We have two choices. First, negotiation now made so much more effective since America has restored relations with Russia, Turkey, some Caspian Sea nations, and other 'much more at risk' nations. That also means we have intelligence and covert options due to cooperation both inside and surrounding Iran. Second, we could attack. Since the number of sites is in the hundreds, many in virtually bomb-proof locations, and maybe half remain secret, well, what are you going to bomb? An attack means troops on the ground. There is no other military option. That means virtually all intelligence and covert options are lost. A failed attack means things are far worse AND that America has no more options. That means American integrity - one of our greatest assets in the region - is lost. There is no military option without ground troops. In poker, it is called "all in". You have listened to Turkey's Gul or Russian foreign diplomats discussing this problem? Now that Obama has restored relations with Russia, Russia even canceled their air defense sale to Iran. And is rumored to have restored intelligence exchanges with America. More important is Iran's problem getting materials and machines necessary to make parts to tolerances required to enrich uranium. And other problems implied by the above malware rumors. How did we discover Qom? American intelligence was routinely reading e-mail from their scientists. These were made possible because countries actually at risk (Jordan, Syria, Turkey, Russia, etc.) are even more concerned. Why are they not complaining that America is not doing enough? Because we have little idea how successful the US government has been. Because countries at risk are in agreement with what the Obama administration has been doing. Israel is a wild card due to a government (Likud) that is so extremist. Israeli actions could only make things worse unless their actions are done with the cooperation of Iranian neighbors and without American cooperation.
Even the Israelis know they must also put troops (special forces) on the ground if using the military option. Anyone promoting an American military option is their own fool. Not to be confused with something completely different - what in poker is called a "bluff". But again, that is why the only viable solution is found in negotiation (and covert operations made possible only if doing negotiation). |
Depends on if we have help with that strike ...
Aliens have deactivated British and US nuclear missiles |
Running off half cocked again. :rolleyes:
sexobon's "surgical strike" was referring to using this dedicated worm/virus to ferret out how much Siemens' equipment they have, and how it's distributed. We already know what type of processes use which Siemens' gear and software. |
Exactly.
[T]w, xoB interpreted my post as I intended for it to be understood. When I said "A surgical strike of this nature", I was referring to the virtual attack using the narrow spectrum Stuxnet. I gather from the following quote that you'd agree we have the ability to benefit from their internal communications "fallout." Quote:
|
:gray: But, but but ... what about the Aliens? :gray:
|
Quote:
Disruptions must target the few parts that are difficult to obtain or manufacture. Malware is unlikely to properly target such parts. Consider how easy it can be accomplished. Take your own computer. The NIC or 'USB to ethernet' adaptor can contain malware that anti-virus software would never detect. Malware could be triggered when needed. Nobody would know it exists beforehand. And no anti-virus software would find it before being triggered. |
From the NY Times of 25 Sept 2010:
Quote:
Quote:
|
It's pretty clear that what's going on here is that Colossus is displeased.
I heard a news radio report today that indicated that most of the transmission was accomplished using infected USB devices. Virus transmission via what we used to call sneakernet. How cool is that? |
I read that was how it was moved from the Iranian Industrial plant computers that are connected to the net, to the ones that aren't. I didn't state however, who did the moving, or if they knew they were doing it.
|
From the Washington Post of 2 Oct 2010:
Quote:
|
It doesn't so much reprogram itself as check for updates from the programmers.
I wonder if it would be possible to send out an "update" with the biggest possible version number and a harmless payload, and let it spread its own antidote. |
How can it check for updates when it's on a machine isolated from the net?
|
The same way it got there in the first place. It doesn't check a home server (that would make it too easy to track back to that home server), it checks any machines it can contact for newer infections, and grabs them. An isolated machine would have to wait for an infected USB drive, or whatever else gave it its initial infection.
|
How does the newer, updated infection get to the "other machines"?
|
The same way the older, non-updated infection got there. Over the internet, if they're connected; USB drives or other infected media if they're not.
|
I thought they weren't connected to the internet. Wasn't that part of the issue? How are these USBs getting there?
Oh forget it - I'll just wait for the movie to come out. |
Quote:
|
Quote:
|
Gotcha. Thanks.
|
Quote:
But again, see that ethernet card, a 'USB to ethernet', or even a keyboard. All could be 'carriers' of malware. According to analysis, this malware could be undetected until it suddenly infects a machine. And then morphs into something different so as to be undetectable again. One reason why analysts suggest this was done by more than just hackers. These Siemens controllers are routinely sold in third party markets. Iran would be purchasing many. More places where hackers could infect machines before hardware was delivered to Iran. We do not even know what hardware is infecting controllers. Most of what is published is only informed speculation. We do not even know if the malware purpose is reconnaissance or hardware destruction due to (according to independent analysts) malware complexity. Remember, other nations are at greater risk and more concerned about Iran's nuclear program - including Russia. |
Agreed, much of what we know is from articles that are mostly speculation.
|
Iran may have executed nuclear staffers over Stuxnet
Quote:
Dunno how valid this is, but it does offer another aspect to this. |
Some interesting updates.
Apparently it was targeted at facilities with over a certain number of components manufactured by particular vendors, and set to particular configurations. Very targeted. |
Another update....
Very interesting. So now it is pretty obvious where it came from. http://www.nytimes.com/2011/01/16/wo...16stuxnet.html |
That's an interesting scenario, no proof, but a lot of circumstantial evidence.
|
A number of "un-named sources" most likely contributed to the article. I hope they stick it to the Iranians. And how about those targeted killings of the engineers, makes you wonder.
|
Mossad.
|
My guess as well, if not them, their agents. More power to them. I hope we are giving them lots of intel support.
|
SlashGear
Chris Davies May 28th 2012 Flame cyber-espionage discovered in vast infection net Quote:
|
NY Times
By NICOLE PERLROTH Published: May 30, 2012 Researchers Find Clues in Malware Quote:
|
As much a pain as it can be, it's stuff like this that makes me glad I routinely unplug my webcam, mic and headset when I'm not actively using them.
Not that my computer has anything of interest on it... and anyone spying on me would get mostly me singing and good shots of my more lived-in T-shirts... |
And the beat goes on....
NY Times NICOLE PERLROTH 8/19/12 Virus Seeking Bank Data Is Tied to Attack on Iran Quote:
|
These new professional viruses are from Kaspersky. They're spreading them around so they can find them and build street creds. :haha:
|
Here is a fascinating l-o-n-g article about the reverse-engineering
of the malware known as Flame, which was designed to attack the Iranian nuclear site computers. I won't spoil it for laymen/geeks that want to read it for themselves. But this article is almost enough for someone to make a movie of the story --- even though the denouement is not quite finished. Wired Kim Zetter 0/17/12 Coders Behind the Flame Malware Left Digital Clues on Control Servers Quote:
|
The "what" of Stuxnet has been widely described and discussed.
But the "who" was not known, even though many suspected Israel. ... Now the U.S. (NSA) and Israel are being publicly identified. Washington Post Greg Miller and Sari Horwitz 6/27/13 Justice Dept. targets general in leak probe A retired four-star Marine Corps general who served as the nation’s second-ranking military officer is a target of a Justice Department investigation into a leak of information about a covert U.S.-Israeli cyberattack on Iran’s nuclear program, a senior Obama administration official said. Retired Gen. James E. “Hoss” Cartwright served as deputy chairman of the Joint Chiefs of Staff and was part of President Obama’s inner circle on a range of critical national security issues before he retired in 2011. <snip> Stuxnet was part of a broader cyber campaign called Olympic Games that was disclosed by the New York Times last year as one of the first major efforts by the United States to use computer code as a destructive weapon against a key adversary. The investigation into the Stuxnet leak was launched in June 2012 by Attorney General Eric H. Holder Jr. and gained momentum in recent months amid indications that prosecutors were putting pressure on a range of current and former senior officials suspected of involvement. The leaks surrounding Stuxnet exposed details about what had been one of the most closely held secrets in the U.S. intelligence community, an ambitious effort by the National Security Agency in collaboration with the Israeli government to devise computer code that could cripple Iran’s alleged effort to pursue a nuclear bomb. |
I have been fascinated by the concept of the Stuxnet attacks
... "the malware programs thought to have been jointly developed by the U.S. and Israel that targeted the Iranian nuclear program, but quickly made its way into the digital wild". I've often thought this could become a great movie genre, but so far there has not been a lot of public information. That is changing. This article in the Washington Post has links to all sorts of information, starting at the U.S. group called "Technical Access Operations" Washington Post Andrea Peterson 8/29/13 The NSA has its own team of elite hackers Quote:
|
Stuxnet is now being attributed to the NSA.
And NSA doesn't need the internet ISPs because it's not just hacking the software. This hardware works even when the computer is "turned off". NY Times DAVID E. SANGER and THOM SHANKER JAN. 14, 2014 N.S.A. Devises Radio Pathway Into Computers Quote:
The :tinfoil: :tinfoil: :tinfoil: people may have been right all along. |
So how did they get those circuit boards into those computers?
At the manufacturer? Or a cat burglar type black ops nerd rappelling down through a skylight and sneaking past all the laser beam alarm systems with his toolbox of torx wrenches and grounding wrist straps? |
Quote:
Attachment 46592 As I understand these things, once you set up receiving on your tv, you can turn off your (controlling) computer ... the tv-show continues. |
http://www.bbc.co.uk/news/technology-25780908
even domestic appliances are getting in on the act now. fridges sending spam, FFS, what next? |
This rush to be able to control everything you own/rent, car, thermostat, lights, appliances, baby monitor, security, from your phone, is 50% for convenience, 50% for look-what-I-got.
Stop, drop, roll, think. If you can do it, someone else can do it. Do you want to trade your safety/security for the gee-whiz-factor, or the I-forgot-but-I-can-do-it-from-here? |