Roger L. Simon

Turning Right at Hollywood and Vine


Cyber War on Iran: the Siemens Connection

September 25, 2010 - 3:34 pm - by Roger L Simon

While the boors and bores of the mainstream media continue to focus on the “crucial matters” of our time such as Stephen Colbert’s tedious appearance before Congress and whether a Delaware senatorial candidate spent two days as a witch in high school,  news of real importance is breaking all around us.

I am not just referring to the cataclysmic testimony by Chris Coates in front of the Civil Rights Commission on Friday, but to a yet bigger story with potentially huge implications for geo-politics — the recent (and possibly ongoing) cyber attack on Iranian computers that may have temporarily crippled the nuclear capability (and who knows what else) of the totalitarian Islamic state.

Yesterday, I wrote some preliminary words about this highly sophisticated attack by the so-called “Stuxnet” worm; today we learn the startling news that the Iranians themselves have admitted something serious has happened. Such admissions are certainly not common from the secretive state. From Asia Bizz:

The Iranian Ministry has stated that some 30000 industrial computers have been infected by Stuxnet. One of the main operations done by Stuxnet is that it extracts vital information from these systems and then sends it somewhere abroad. Iran has termed this virus as a spy virus, as it is deploying vital data to other countries. On the other hand it is said, a similar attack has been reported from Iran’s latest nuclear power plant facility, but these reports have not yet been confirmed.

Three-thousand industrial computers … what industries and how extensive the damage is Iran isn’t saying. But we can hazard the guess that most of it is militarily related. Besides the ability to send information abroad, “Stuxnet” is reportedly able to commandeer computers and direct them to destroy what they are managing. If true, this changes the face of warfare.

How did it all start?  The conjecture is that someone stuck a thumb drive in a USB port and off went the malware to infect the network.  This, of course, suggests an inside job of some sort (more of that in a moment). As for whodunit,  among many others, Richard Falkenrath of the Chertoff Group says the attack was too extensive for hackers and was most likely the work of “state actors.”  Falkenrath suggests Israel, because he theorizes the U.S. would not take such a bold step.

That makes sense. But did the Israelis tell the US administration what they were up to — or did they just surprise us, as they did with the raid on Saddam’s Osirak reactor?  As you will recall, when Reagan’s national security adviser, in high dudgeon, reported on that Israeli action to the president, Reagan famously shrugged it off with a “boys will be boys.”  It’s hard to imagine Obama being so blase about anything where Israel is concerned, but some CIA or other U.S. intelligence  involvement in what has occurred remains a possibility.

In all likelihood Israel did not act entirely alone — there were too many moving parts to this attack — and I am going now to suggest another ally — the German electronics giant Siemens AG.

Iranian computers are PCs operating on Windows 7. The minds behind Stuxnet apparently discovered four new vulnerabilities in the latest Windows operating system previously unknown to Microsoft, two of which have reportedly already been plugged. (Nuclear weapons controlled by Windows? Let’s not even go there.) The actual industrial equipment, however, is controlled by software specially designed for the Iranians by another company — the aforementioned Siemens.


126 Comments, 62 Threads, 2 Trackbacks

  1. cfbleachers

    India and Indonesia as well.

    Iran has 30,000 infected industrial computers. But, the India/Indonesia connection leads me to believe that the trail is not only military…but, perhaps a state sponsored terrorism trail.

    Since the worm follows its own path, it’s the path that is most interesting.

    The who is passing what to whom trail.

    And no, I don’t believe we were given advance notice. On the other hand, it does not appear we were infected. Things that make you go hmmmm.

    • Looking at how thorough this attack has even been admitted to be shows how vulnerable large systems can be to a single freak discovery on operating systems that entail tens of millions of lines of code. Windows 7 ain’t no Unix, which has been fairly stable in size for a while. This is a warning that we are going to have our own problems pretty quick and we’ll see how good our industrial and government systems have been hardened to withstand these attacks. Just imagine the body searches we’ll need to find the little thumb drives that will drive our economy to it’s knees. Best start storing up some food, guys.

      • cornell

        … should be to “its” knees, not “it’s”

      • tdiinva

        Unix/Linux or any other operating system is not bullet proof. I assure you that you can crack any system particularly when you have an insider. Any first class intelligence organization can do it.

      • The computer industry is always swinging back and forth between an ideal of centralization and decentralization. The solution to a catastrophic stuxnet type attack is well known. Don’t use single-sourced monolithic solutions. Companies who follow that ideal will do fine in the coming age of cyberwarfare. Those who do not better have big cash reserves so the firm can continue operations after the crackers teach you a practical lesson how dangerous computer monocultures are.

    • Adina Kutnicki, Israel

      to follow the latest path of the next phase of the war against the Iranian Hitlers, go to – http://debka.com/articles/9048

      see the latest…..

      • Adina Kutnicki, Israel

        the correct link to read the latest re Stuxnet and the Iranian Hitler’s latest threats AND admissions, go to - http://debka.com/article/9048

  2. Dan D

    Siemens may have been infiltrated, rather than voluntarily providing key intelligence or support. Or for that matter they may have been blackmailed into cooperating, any European venture of that size has activities whose revelation would be very damaging. It is doubtful that we will ever know the complete story.

    • Roger L Simon

      You’re probably right, DanD, about never knowing the complete story -but it sure would be interesting.

      • cfbleachers

        Well, if you want interesting, Roger…then let me give you interesting.

        Siemens has been for quite some time a major player in PET imaging. (positron emission tomography). They make cyclotrons and have for some time. The nuclear medicine field utilizes these to make radioisotopes for molecular imaging.

        http://en.wikibooks.org/wiki/Basic_Physics_of_Nuclear_Medicine/Print_version

        In the US, the two major players for some time now had been GE and a division of …Siemens. (cyclotrons cost has been seven figures, so they are generally located on the coasts, not exclusively, but generally)

        One thing you need and has been a logistical issue…is heavy water, in order to provide the moderation of neutrons.

        Heavy water is used in certain types of nuclear reactors where it acts as a neutron moderator to slow down neutrons so that they are more likely to react with the fissile uranium-235 than with uranium-238 which captures neutrons without fissioning. The CANDU reactor uses this design. Light water also acts as a moderator but because light water absorbs more neutrons than heavy water, reactors using light water must use low enriched uranium rather than natural uranium, otherwise criticality is impossible.

        Because they do not require uranium enrichment, heavy water reactors are of concern in regards to nuclear proliferation. The breeding and extraction of plutonium can be a relatively rapid and cheap route to building a nuclear weapon, as chemical separation of plutonium from fuel is easier than isotopic separation of U-235 from natural uranium. Among current and past nuclear weapons states, Israel, India, and North Korea first used plutonium from heavy water moderated reactors burning natural uranium, while China, South Africa and Pakistan first built weapons using highly enriched uranium.

        India is the world’s second largest producer of heavy water through its Heavy Water Board

        Russia has guaranteed that it will supply all the nuclear fuel needed by Bushehr, and that its nuclear waste will be reprocessed in Russia.

        Israeli military and politicians usually equate Iranian access to nuclear fuel for electrical generation with Iran’s acquisition of a nuclear weapon. A light water reactor, Bushehr won’t be capable of producing weapons-grade plutonium (unlike Israel’s heavy water reactor at Dimona).

        However, Bushehr’s becoming operational would affirm Iran’s right to develop and utilize nuclear technology, and give Iran the status and prestige of a nuclear power. Israelis claim this would pose an “existential threat” to the Jewish state.

        Once Bushehr’s nuclear fuel arrives from Russia, whatever military options against Iran that may be “on the table” that include Bushehr will have to come off. Israel and the US have only a few weeks to launch an attack on Iran before Bushehr has the means to begin generating electricity.

        Israeli sources have often hinted that a strike against Iran might be conducted with precision-guided drones, in order to minimize casualties among Israeli soldiers. It’s a possibility for which Iranians feel they need to prepare, which may explain the report of drones over Bushehr as the nuclear facility prepares to come online.

        Both the IRNA and Interfax have quoted Rosatom’s Kiriyenko as saying, “Everything is going according to plan.” But nothing about Bushehr has ever gone according to plan since Siemens began its construction in 1974.

        After Iran’s 1979 Islamic revolution, Ayatollah Ruhollah Khomeini denounced the project as “un-Islamic”. Siemens’ work stopped during the 1980-88 Iran-Iraq war, when Bushehr was targeted by Iraqi aerial attacks. Siemens declined to resume work on Bushehr after the war, partly in response to US pressure.

        Joseph E. Zuback, VP for Siemens Water Technologies who raved about new Israeli technology to a room of potential investors and buyers. German-based Siemens is one of the world’s largest electrical engineering and electronics companies and over the last few years, the multi-national conglomerate has been investing millions in new water technologies. One of its important acquisitions was US company, USFilter and a couple of months ago Siemens started working with Israel’s government-owned water company Mekorot. Siemens already employs about 500 people in Israel and sees itself as a strategic partner to developing further the Israeli water industry. “We tip our hat to Israel as a world leader for setting an example to the rest of the world [on how to treat water shortage issues],” said Zuback, an American who previously worked for USFilter before the buyout.

        Some of the connections made between Siemens/USFilter and Israel are already established. In 2002, USFilter made a distribution agreement with Israeli company Aqwise, a hybrid low and high-tech water treatment system. Aqwise builds homes for bacteria. If given optimal space and conditions, the bacteria that devour organic matter in sewage treatment plants can work better. About the size of a peanut, small honey-combed plastic knobs in quantities of hundred of thousands are sent churning with pumps and turbines inside vats of water being treated and cleaned. Coupled with fancy aeration systems, Aqwise says it can significantly increase the amount of water salvaged at treatment plants. Aqwise clients run the gamut from municipal plants to lagoons, from fish-farms to food industries, from pulp and paper plants to chemical plants.

        Just a little food (and water) for thought.

        http://www.mfa.gov.il/MFA/Israel+beyond+politics/International+conference+spotlights+Israels+water+technologies+14-May-2006.htm

        Oh and by the way, Israel got their heavy water from Norway, in a deal that sends the hard left into apoplectic fits.

      • Adina Kutnicki, Israel

        Roger, it couldn’t be any clearer. Unless one believes that Israeli reporters are all knowing and all seeing, here’s the scoop (I posted it previously at your initial report)
        GO to http://www.ynetnews.com/articles/0,7340,L-3742960,00html

        Consider the evidence: this report was written in July 2009. Again, unless our reporters can predict the future, everything we are witnessing is coming to pass, just as Ynet sources reported.

        While nowhere is there a DIRECT admission, the trail of mouse droppings is very clear.

        IF anyone believes that our cyber jocks/spooks aren’t capable of this they are dreaming. MAMRAM rules the cyber world, most who need to know this do, even MIT has enormous respect for Israel’s techno prowess.
        Too bad it had to go this far, but thank heavens for their capabilities!!

      • Adina Kutnicki, Israel

        Roger, as a side note-or not-Microsoft Israel is well known for its GROUNDBREAKING innovations. In fact, it would not be an understatement to suggest that without Israeli R&D Gates would not be as flush with as many billions.

        In any case, the site – http://www.microsoft.com/israel/rnd/index.html

        should give a clue as to its importance to all projects-especially the updated Windows. The very same Windows used by Iran….

        The rules of the business game change when it comes to stopping the next Holocaust. I’m just saying…..

    • …. any Europeon venture of that size has activities whose revelation would be very damaging….

      Now right there is absolutely the understatement of the year!

      Matter of fact, every Europeon venture of ANY size — or lack of it — beginning with the Europeons’ Neo-Soviet itself and right on down to the smallest and scungiest of any one of the Neo-Soviet’s offshore satellite states’ sausage in a bun shops — has activities whose revelation would be very damaging.

      First two words one must add to one’s vocabulary when doing business with Europe? (And with Canadians or New Zealanders!)

      1) Duplicitous;

      2) Duplicity.

  3. Belladonna Rogers

    Huge story. Huge.

    “…somewhere between Auschwitz and Teheran,” you write. Somewhere, indeed.

    That’s no long, winding road. That’s the shortest distance between two points, as Professor Jeffrey Herf demonstrates in his book, Nazi Propaganda For the Arab World (http://www.amazon.com/Nazi-Propaganda-Arab-World-Jeffrey/dp/0300145799/ref=sr_1_1?s=gateway&ie=UTF8&qid=1285459927&sr=8-1).

    Kudos, Mr. Simon, on a major post, (two, actually, counting the one that preceded this, on 9/23/2010): it takes your geopolitical and historical knowledge, your moral compass and your screenwriter’s imagination to grasp the full significance of this cyber-attack and to tell it as clearly and as grippingly as you do. May it gain the widest possible circulation on the computers of the world.

    And no, “they will not stop.” Nor should they.

  4. Bohemond

    “Falkenrath suggests Israel, because he theorizes the US would not take such a bold step.”

    Read: “Obama doesn’t have the balls to do it.”

    • Harrison "Chips" O'Toole

      Bohemond: Isn’t that the subtext of the entirety of American foreign policy under this president?

      To destroy the American health care system, with the greatest medical treatments available in the world, he’s got the balls.

      To destroy domestic policies and initiatives through his agenda from hell, he’s got the balls.

      To take down the single greatest threat to global security and Middle East stability, nah.

      He’d rather “dialogue” with the Holocaust-denying dictator and kow tow to the others, while never ceasing to apologize for American power, which he only wishes to destroy.

      Thank God the Israelis know better than to depend on either the balls or the “brains” of this menace to the free world—and I mean Obama.

    • NahnCee

      Which leads to the next question: “Did B. Hussein, et al, know in advance that it was going to happen, or has the world washed its hands of him and left him to dangle slowly and stupidly in the geopolitical breezes?”

      Since he’s washed his hands of Israel, I hope he was not consulted in advance. On the other hand, it *would* be nice to be loopified so as to protect American systems pre-attack.

      Which leads to a third question: Was the Pentagon (or Bill Gates) notified in advance, but not the White House?

      • Frumious Falafel

        It’s not entirely clear that a (wonderful & highly sophisticated) attack like this could be planned for a “specific date.” What I mean to say is that, sure, within the code itself there may be programmed dates at which point the code should do “a,” “b,” or “c” — but that’s not what I’m referring to. I’m talking about the date at which the infected USB Thumb Drive (or “stick”) was inserted initially into the first Windows box within the Iranian Network.

        That date may have been far more difficult to predict — as it could depend on physically giving / planting an infected USB drive (or infecting a valid USB Drive in possession of its owner). And that is dependent on all the variables of normal human logistical uncertainties. For example did person ‘A’ leave hotel room long enough for Mossad team to go in and infect his drive at some conference; or, more likely, did Mossad agent hand-carry the infected USB drive through their own spy network into Iran and wait for a particular scientist to come home and make the switch clandestinely, or overtly under pressure or bribe even? (Remember that after the Dubai assassination, 2 members took a boat to Iran. So assuming it was the Mossad, they have fearlessly set up some type of safe-house / network in Iran).

        A cyber attack via a physical device + human being is inherently a sort of attack that is less able to predict and control is all I’m saying. Plus, frankly, why inform our President at all? As long as the virus is untraceable, then why admit to anything?

        I’ve done some work before with software control of machinery (container ports and their cranes mainly). And what I find interesting is that, once the virus is “inside” the possibilities for different sorts of damage are quite wide-ranging.

        The virus could be programmed to do “some” initial damage that would be easily noticeable, forcing the Iranians to stop and hunt for it. It might even purposely leave a “dumber copy” of itself in a place that wouldn’t be too hard to find. Then “Green Light: the virus has been found and eliminated!” declares the software guru and all is put back into place.

        But unless they physically replace, in effect, every computer and the machines as well (as they have computers effectively “built in” them too!) then the primary virus could play “dead” for a while and only later, do its real damage. And even then, the “phase 2” damage could be not something “immediately obvious” but rather a small change to an offset in some of the highly vulnerable portions of a centrifuge — so that, simply over time, the centrifuge begins to get off balance, or generate too much friction, or have two critical parts begin to scrape at each other.

        In a way, slow-acting “impurities” introduced into the system can cause far more frustration, angst, and finger-pointing, than one well-defined “attack.” Nobody would be completely sure if the centrifuge(s) were just slowly dying, or what? Certainly, the anti-virus guru would proclaim “but I have PROOF that I found the virus, here, look!” And nobody would be quite sure of what to do since some centrifuges would be left alone and work fine…

    • AliceL.

      Obama is also a vicious anti-Semite who seeks the destruction of Israel. No doubt about it: he has been undermining Israel since before he was sworn into office.

  5. Mrs. Doubtfire, Dear

    Awesome. Just awesome!

    This is the kind of thing that reminds me that no matter how hard evil tries (and sometimes succeeds, unfortunately) good, will eventually prevail some way, somehow.

    Cyber-warfare just may save the day.

    Roger writes:

    (Nuclear weapons controlled by Windows? Let’s not even go there.)

    Yikes! I can’t even count how many times I’ve had to reformat a hard-drive with a windows OS on it because of a worm/virus/trojan etc.

    • Charlie Griffith

      My! Oh! My!

      …with such a delightfully anachronistic and Dickensian handle here, Mrs Doubtfire, Dear, ……reformatting a hard drive!

  6. Larry in the Silicon

    As Adina Kutnicki wrote on your other thread, Simon, there are a lot of Israelis in hi-tech. As you imply, some German or Finns might have guilty consciences. If you are suggesting that the Mossad has video of a Siemens exec in a compromising position with Uzbek prostitutes, well, that might be stretching it a bit far.

    Let us also consider the possibility that there are some good Iranians willing to participate in sabotage of this project. Maybe they don’t want their countrymen to sizzle, a real possibility if their rulers turn Iran nuclear?

  7. Taxpayer

    Wouldn’t members of Iran’s Green Movement have plenty of reasons to be saboteurs? They don’t want the crazy Imadinnerjacket having any kind of nuclear button to push. Add to that some desire to avenge the torture and killing of their members, a boost from the CIA or some other spy group, and poof! No nukes for Iran.

  8. Jones

    If what I’m hearing is correct (and I work with SCADA systems of the type attacked by stuxnet, daily) the worm targets, among other things, programmable logic controllers (PLCs) manufactured by Siemens

  9. Larry Reisinger

    Roger, as a control systems engineer who has worked extensively with Siemens PLCs, I can tell you that there was no inside help from Siemens needed. They publish all of the information that was necessary to make this malware. The real trick here wasn’t getting into the PLC, the real trick was making a PC worm that could find its way to another PC that was connected to the PLC and able to download the payload into the PLC. The PLC isn’t “infected” in the same sense that a PC is infected, it was simply ‘adjusted’ by an infected PC. The malware payload in the PLC isn’t, as I understood the report, able to replicate itself.

    The other part of this though, is that diddling a timer in the PLC won’t do anything to damage a plant unless you know exactly what physical hardware is connected to that timer (and it was a timer that was diddled). IOW, this is specific to the plant, and requires detailed knowledge of the plant, the wiring diagrams, and the PLC program itself. If this is what it appears to be, there was some amazing espionage involved.

    Could the Mossad pull this all off? Absolutely. It’s got their chutzpah written all over it. If they got any ‘help’, it was from some Russian contractor. Sadly, I seriously doubt that the CIA would be able to pull something like this off, though the DoD just might.

    • Roger L Simon

      Interesting, Larry. But what about the Siemens’ “certificate.” As suggested by a commenter below, they come on a Siemens USB drive. Could these have been by Siemens?

      • norness286

        I see Siemens has a fix they say - sounds like they are supplying it to IRAN! Once a NAZI always a NAZI

  10. Steve

    Do we know that network traffic can get through Iran’s firewall? Do we really know that information from infected computers was transmitted out of Iran?

  11. Larry in the Silicon

    Referencing a point made by Jerry on your other piece, the leaking of this info may be designed to stop further efforts. If, as Jerry wrote, it’s leaked by US sources, then the purpose is probably to stop the hacking, with all the implications. If the leak comes from those who caused the damage, then we’re looking at different motivations. If Jerry is right, somebodies in the Admin are helping, not hurting, Iran.

  12. Larry Reisinger

    One other thing needs some clarification:

    Iranian computers are PCs operating on Windows 7. The minds behind Stuxnet apparently discovered four new vulnerabilities in the latest Windows operating system previously unknown to Microsoft, two of which have reportedly already been plugged. (Nuclear weapons controlled by Windows? Let’s not even go there.) The actual industrial equipment, however, is controlled by software specially designed for the Iranians by another company — the aforementioned Siemens.

    That’s correct, except that Siemens doesn’t write the application software for these things, the system integrator does. My understanding is that it was a Russian system integrator working for the Russian contractor who put this together. Siemens sells these things as appliances, much like Compaq or Dell does with computers. They don’t get into application software.

    One other thing. 30,000 PLCs sounds a little fishy. I don’t trust anything coming out of Iran, particularly if it involves numbers. However, if it’s true that large numbers of PLCs were attacked, that suggests to me that each centrifuge has one PLC, and what happened here is that the malware caused them all to overspeed and self-destruct. This suggests that the target was the separation plant(s), and not the breeder.

    If they really did this, my hat is off to them. And I don’t even wear a hat.

  13. ElisaPardo

    Typo, fifth paragraph down, three should be thirty. The quote says 30,000 computers. There’s no reason to post this comment, please just delete it.

  14. Matthew

    If iran hadn’t announced that it had a problem, you guys would be calling this an attack on western infrastructure and blaming terrorists, possibly even iran. See how much difference a single piece of gossip makes?

    Why not rope in realtek and jmicron as well? After all – their certificates were used to sign some of the code. And microsoft left some nice big holes in their operating system for the malware to use – was microsoft in on it too?

    The problem with all of this theorizing is that the thing was caught. It was always GOING to get caught, because it messes with stuff that does stuff. So … if any of these big, expensive companies were involved, they must have known that their brands would get a mention in the same article as “malware”. Everyone making a purchasing decision right now will be wary of siemens gear. I doubt that they’re happy about that.

    I’m inclined to wait and see what the researchers reckon about this thing. It’s still early days. Somebody certainly cared a lot about targeting a particular type of system, and it does seem that iran has got itself in a mess, but the “who” and “why” is still purely speculation. It’s a lot easier to wait for the experts to produce some evidence and ignore the breathless editorializing.

    In the meantime, I think this guy has hit the nail on the head:

    http://www.schneier.com/blog/archives/2010/09/the_stuxnet_wor.html#c463458

    • Larry Reisinger

      Here’s the actual Langner report, straight from the horse’s mouth. These are the guys who actually identified the bug.

      http://www.langner.com/en/

      I think they’re pretty much dead on. It’s not clear that there’s much more to come out until we get actual damage reports from Iran, or somebody sings. This may be all we’ll ever know.

      • Matthew

        Ralph’s analysis: “To me, it seems that the resources needed to stage this attack point to a nation state”.

        That’s just hilarious, IMHO. Because it used three unpublished hacks it MUST have been a government, right? Life really is just like Swordfish.

        I think there is still plenty to be found out. Whether we’ll hear about it is another question. Three guys looking at the code can tell us a lot – but investigators talking to the owners of the infected sites in europe, asia and the US might be able to work out where it actually started its journey. Was case 0 in iran, or elsewhere? If so, how did it travel out, if not then why on earth was iran so badly burned? If it turns out that the bug really was planted deliberately somewhere in iran, then the story gets really interesting. Those langner guys can’t tell us that.

        It’s in everyone’s best interests to work out what happened. If that leads back to Israel, do you reckon everyone’s just going to keep schtumm about it? Hmm. Just like everyone did about that passport business …. :-)

        I reckon there’s still too much speculation.

  15. Mxymaster

    If Siemens was involved, perhaps it was to prevent a national embargo by Israel? After all, is there any other nation in the Middle East that uses as many computing products? I’m just sayin’, since we’re conjecturing. Mr. Netanyahu has got the brass to put it across convincingly.

  16. Larry Reisinger

    One other thing. I’ve kind of lost touch with the details of Siemens PLCs in the past decade, but about 20 years ago, Siemens bought the entire line of PLCs from Texas Instruments, and phased out the German ones that they had before. So they were basically an American product, made in Johnson City, TN. I think they may have outsourced some of their products to Asia, but the entire line had little other than corporate ownership to do with Germany.

    They may be banned from export to Iran, but they’re such a mundane component, acquiring them in these numbers through a third party was probably not difficult. And in all likelihood, nobody at Siemens (either in Germany or the US) knew. Siemens sells millions of these, as do their competitors.

    And if they hadn’t acquired these, they certainly would have had little difficulty acquiring a different brand that can do the same thing.

  17. chuck

    Money would be as good a motivator as a bad conscience, and probably more reliable. And there are probably dozens of other ways to get the needed information, perhaps even from a manual or service technician. And as to Windows 7, those security holes weren’t bugs, they were undocumented features ;) Microsoft does get things right on occasion…

  18. Larry Reisinger

    One thing I don’t know, and maybe the PC people can answer this.

    How much did Microsoft Israel contribute to Windows 7? I think it’s obvious where I’m going with this.

  19. K2K

    repost for this second thread, and it follows Larry Reisinger’s point about Russian system integrator writing the application:
    “The Enemy Within: When the Conficker computer “worm” was unleashed on the world in November 2008, cyber-security experts didn’t know what to make of it. It infiltrated millions of computers around the globe. It constantly checks in with its unknown creators. It uses an encryption code so sophisticated that only a very few people could have deployed it. For the first time ever, the cyber-security elites of the world have joined forces in a high-tech game of cops and robbers, trying to find Conficker’s creators and defeat them. The cops are failing. And now the worm lies there, waiting …”

    By Mark Bowden
    http://www.theatlantic.com/magazine/archive/2010/06/the-enemy-within/8098/

    (the tentative conclusion was Conficker is coming from Ukraine or Russia)

    My tentative conclusion is that Russia has no desire for a nuclear messianic Shi’a Iran on its border, and Russia sure wants some of the Russian Israelis in hi-tech to invest back in Medvedev’s Skolkovo. Could be the U.S. is not trusted?

    really, would you not want a Russian-Israeli effort when it comes to cyber-warfare? :)

    Sanger in NYT says Stuxnet also hit Indonesia, Pakistan, and India, but Iran is the focus. Somehow, the U.S. is getting most of the credit. Which means it is not, since the NYT is so much of a propaganda organ of late…

  20. Leatherneck

    I am just glad to read how much difficulty Ack-my-nuts-are-in–jar is having with his I will destroy Israel nuke program.

    While I am BBQing tomorrow, I will toast whoever sent this computer missile to the 12th Imam section. I love it!

  21. Morris Goldstein in Jerusalem

    Chuck opines: “Microsoft does get things right on occasion.”

    When would such an occasion have occurred? Has it been documented in nonfiction or only in fiction?

    Fie on Bill Gates and his lax “security” and his so-called “security patches.” A Microsoft OS is to a computer what a sieve is to kitchen utensils.

    Since switching to Apple in 2008 I’ve had the best, safest and most anxiety-free experience since my first PC decades ago. Microsoft makes nothing but shoddy, schlocky products for clueless lemmings, who stand ever ready to follow the selfish, arrogant, cult leader Gates over the nearest cliff.

    I am delighted to know that Iranian computers are PCs. Long live the Israeli people and believers everywhere in the right of Israel to exist.

    • Hamalot

      Spot on Bro’. If Microsoft DID do something right it was accidental and no-one has yet picked up on it. Like you I replaced my sad old Windows box after being wiped out with a virus one too many times (slow learner).
      Will be keeping my ear to the ground on this case as I wish to salute the party responsible (most likely Israel, but possibly Russia). Hey, why not? Get paid for the job by raving nut-jobs then lob a poison pill into the well on the way out. Full payment, plus full access, plus safety afterwards. Would be an ideal job. Do the Mullahs have insurance for this kind of thing… is it the will of Allah?

    • Thomas Johnston

      Please – no more PC vs Mac debates. It’s so tiring.
      PC’s are targeted solely because they are so prevalent. If you are going to put a virus out, you need to have a large enough ecosystem of potential hosts to be able to spread effectively. Until recently, that meant Windows.
      There have already been viruses detected for the Mac and Linux machines. People running these systems are blissfully unaware of their vulnerability precisely because they haven’t been targeted (yet).

      On topic, I do some work with the Siemens WinCC product, and I would bet that this virus came “preinstalled” on the USB memory stick that is used to install Siemens licenses. All WinCC products come with an evaluation license preinstalled that allows you to set up the system and get it operational. I think it expires 1 year after installation. After that, you need to install a Siemens license from a USB stick.

      Who here wants to speculate on DEADF007 ? Reminds me of the old James Bond films where he prevents some catastrophe from occurring right when the clock reads “007”. (Goldfinger, I think ?)

    • I have both an iMac and a Windows machine here sitting next to each other (two Windows machines actually) and I use both OS’s very constantly. Once upon a time I had trouble using the wrong keys or commands but now I can switch automatically and almost never make that kind of mistake. I also work extensively in several flavors of Unix. Thing is, I LIKE my Mac, and I really don’t like Windows. It’s not because Windows is so terrible, it’s just inelegant and sloppy–and Microsoft is one of the biggest companies in existence and can afford to do it right, if they would. They CHOOSE to put out mediocre software. Apple is a vile and disgusting company as well, in lots of ways–I once had a much closer view as I owned a small Apple dealership a number of years ago, and found out what having a dagger stuck in the back feels like. But despite the plain evil of many of their corporate policies, they really do put out a polished and remarkably stable product. Still, if somebody came out with a better OS I’d move to it as soon as ever I could. And please don’t anybody say ‘Linux.’ If I had to move to Unix-only I’d go Solaris and use CDE, anything to escape the horrific Gnome. And don’t get me started on ‘unalias ls.’ I have to add it to my profile every time I work on a Linux box and I can’t imagine why on Earth anybody would make illegible colors a default. Linux will always be a character actor, never the star, not just because of little things like that but a myriad of little things that are inevitable in a patchwork.

      There’s nothing preventing anyone from doing what Apple has done–put an elegant and functional GUI on top of Unix. Since I can’t hold my breath very long I’ll keep giving Apple my money and hope.

      • Doc

        I have several flavors of Windows, various MAC OS’s and a plethora of Linux based VM’s running under ESXi on commodity hardware – to me, that’s the best of all worlds. I’m very blase’ about viruses these days, and trying things to map how a virus behaves. Infect a system, watch it spread through the network, revert to the clean snap-shot.

        Ten years ago, I would have been hard-pressed to do that in a specially set up network and it would take weeks to reset, these days I can do it at home in an hour. The OS doesn’t matter – it’s all about what you can do, and which one is best suited for a specific job – when I want to investigate infections, Windows is the OS of choice. Mostly because you get the most bang-for-your-buck when you infect them.

        Of course the Mac-OS’s were the hardest to get running on VM’s with Intel and AMD processors, but it’s not that difficult if you know what they are doing under the hood. It is interesting that this attack is reminiscent of the Morris internet WORM from long ago, exploiting several weaknesses to accomplish its task. Have to tilt my hat to the people responsible… Couldn’t have happened to a better regime… :)

  22. Professor Guvinoff

    Professional hacking. How do you like that? One of these days, someone will get a PhD explaining how this thing really worked, but that will take a while, because you can’t write a good thesis without properly crediting the sources.

    About Siemens, they did not need to cooperate beyond their commercial duty to give the PLC users a complete documentation of what to expect out of the PLC from the instructions fed into them, so the issue is not whether the PLC were penetrated, they did not need to be, as they only execute the instructions from the PCs, which evidently can operate in remote control if you really know what you are doing. So all the smarts (and lots of it) were, analyze the instructions sent to the PLCs to infer their function. That’s pretty good detective work already. But the genius was in penetrating a great number of computers without raising suspicion for a very long period of time. The security holes in Windows are only a consequence to Microsoft’s virtual monopoly, as a marketing triumph provides cover for technical neglect.

    This is a good illustration of how motivated underdogs can outmaneuver well-financed giants. By the way, if such a thing was not possible, the small business could not enjoy the contracts they sign with the large corporations. It goes all the way back to the old fable of the lion and the rat.

    • Adina Kutnicki, Israel

      The real genius lies in the courage of the Mossad, and its attendant security techies, to dare go where others would never travel.
      While the political elitists are spineless appeasers, the ‘special’ IDF security forces are fearless, simply fearless.
      They will save many lives. Simple as that.

      • Professor Guvinoff

        I agree. Moral strength comes first. Then technical prowess.

    • Larry Reisinger

      Symantec’s analysis shines some light on how it influenced the PLC.
      http://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices
      As I suspected, all it did was infect the PLC programming software on the PC, and then download the modified PLC code. It didn’t “infect” the PLC. The smart part was that they covered their tracks by hacking the programming software on the PC so that it would falsely show the original program. All the hacking was on the PC, but it was able to modify the PLC program, and then conceal the hacking without actually “hacking” (in the viral sense) the PLC.

      No, this wasn’t script kiddies.

  23. alex

    If it makes economic and political sense for Siemens to get in bed with Israel, it will do so. The minute it no longer suits their needs, they will leave money on the dresser and exit. That is the way it has been since the late 1800′s with industrial companies and any nation or people they deal with. It is a Dangerous game Israel plays when straddling these corporate giants.

    IG Farben and Siemens AG cut deals with the Nazis, Ford, GM, Dupont, NY fed and European Banking families, whoever could further their cause before, during and after WW2. Millions of Jews and Europeans died as a result of their products and technologies, yet after the war business went on as usual between all groups and governments and peoples. This is no different, if Siemens was part of this, or Russian software engineers, or Israeli spies…..

    It’s just business.

  24. stuart williamson

    I see no reference here to what I consider the motivation for Siemens’ involvement in the “worm” – it is not conscience.

    Siemens is the epitome of the giant, world-wide industrial megacompany: profit-driven, tightly managed, hard-nosed, pragmatic, heartless: compassion and philanthropy rank down at the bottom of its objectives. Any apologies for missteps in political correctness are purely to ward off negative buying decisions. Siemens is a major manufacturer of cyclotrons, and in selling them it does not weigh the purpose for which its products will be used. “If we don’t sell to them they’ll buy from somebody else” is the capitalist mantra.

    So, now that Iran is close to attaining its nuclear weapons objective, it is no longer an important customer. Neither is Israel, which undoubtedly purchased from them in the past. But there is one BIG difference: Israel is no threat to Germany: Iran is.

    Siemens is a deeply German organization – an icon of German research manufacturing superiority and world domination in its many fields. Siemens management, along with most Germans, is greatly disturbed by the country’s rapidly growing Islamic population. Ahmadinejad may rant against America, but the Germans see the threat right in their faces every day. Siemens may be willing to sell its products to jihadists, but is never going to let the end products of its cyclotrons be directed at its people.

    This is no sudden spasm of conscience. There can be no doubt that, from the beginning of the sales contracts, the company has gathered every bit of information on the Iranian operations possible against this inevitable day. Just as inevitable would be its cooperation with Israel, the only sovereign state with the guts to take action, the intelligent resources for programming, and the integrity to keep silent.

    Do you think for one minute that Siemens or Israel would have revealed this project to US intelligence agencies, aware that it would be certainly leaked to the NYT? The German people may wildly cheer Obama, but any firm as experienced in foreign relations as Siemens, and any nation that has been betrayed or dismissed as Israel, wants nothing to do with this Administration or any other, for that matter.

    Who would ever have dreamed it: Germany and Israel collaborating to protect a nation that has lost its will to act in its own defense!

    • I used to work for STN-Atlas Elektronik GmbH. The makers of the integrated subsurface combat system ISUS-90 installed on the IDF’s “Dolphin” class submarines. The team I led was mixed German and Israeli.

      My last military work was some maintenance consultation on ISUS-90 at Haifa Naval Base in 2006.

      Naturally I can neither confirm nor deny the capability of these boats to carry Popeye missiles with physics packages. Yes, I know the Federation of American Scientists has published yield, range, number in service etc etc – everything but the individual missiles’ serial numbers – but nonetheless.

      “The fact that foreign reports refer to the submarines as a deterring factor says something. In matters having to do with existential threats we must remain vague,” – Chief commander of the IDF’s submarine fleet, Colonel Yoni.

      Anyway… it wouldn’t be the first time that there has been German-Israeli co-operation in sensitive areas. Assuming there’s been some here.

    • Larry Reisinger

      Yes, Siemens is a pillar of German industry, BUT, let me point out again that their PLC business was largely purchased from Texas Instruments in the ’90s. The PLC business is mostly American.

  25. David Levavi

    “…Stephen Colbert’s tedious appearance before Congress…”

    Absent cranked up, politically sympathetic audiences and laugh signs, neither Stewart nor Colbert are really funny.

    The conjecture about Siemens’ acts of contrition are fanciful and a bit silly.

    #21 Morris Goldstein is on the money. MS sucks.

  26. Terry Gain

    The conjecture about Siemens’ acts of contrition are fanciful and a bit silly.

    Silly and naive. And the headline is misleading. The article is somewhat saved by someone who knows what he is talking about, Larry Reisinger.

  27. Iranian computers are PCs operating on Windows 7.

    For the first time in my life I can say that Bill Gates’ crappy product was good for something.

    • Matthew

      No, it was BAD for something ;-)

      I reckon Microsoft is probably just chuffed to discover 30,000 unlicensed copies of Windows in Iran.

  28. Kent

    Roger – as I stated in a comment to your first post about this

    “let’s hope you are on to something. And most important – let’s hope A-jad and his henchmen don’t use Apple Macs. To enjoy this worm requires Microsoft.”

    Amazing, that if the Iranians had chosen Apple Macs with OSX they would not have this problem. Amazing, but true.

    Now – another thought. Does not this “good news” of the problems the Iranians now face, represent a “double-edged sword”? The moronic allegiance of American companies, and defense operations, to Microsoft Windows in a million different applications and permutations, creates a very dangerous vulnerability to American defenses and also our entire industry. What stops Stuxnet from being used by Iranians to create vast harm to the Western world, just like has been done to them? If we are stupid enough to rely on Windows 7, which after all these years still allows viruses to enter a computer undetected and then to take over that very computer without the computer owner authorizing the external activity?

    So, 90% of American computer owners, individual, businesses, government agencies – all are potential victims of Stuxnet. Because they use Microsoft Windows 7 with all its known security defects. The only ones who are safe are the users of Apple OSX. Hopefully this includes our national security apparatus.

    It is worth noting, that Steve Jobs’ biological dad (he was adopted), I believe if my recollection is right, was of Syrian descent. For what it’s worth. His son has led the effort to make the best computers in the world.

    • Larry Reisinger

      Actually, no. The Siemens programming software won’t run on Apple. They had to use Windows of one sort or another.

      From what I’m gathering though, if they had somehow acquired XP, this wouldn’t have worked.

  29. Mahmood A.

    Dear Dhimmis:

    Everyone knows that computer science (which was invented by Muslims in the eighth century) is well beyond the intellectual capacity of the Zionist Pig-Dogs.

    This is why The Illegal Zionist Entity has no high tech sector like Syria or Egypt does, so the idea that the Jews did this is ridiculous.

    Sincerely,

    Mahmood A.
    (Not The President of Iran)

    PS: We will bury you, etc…etc…

  30. Zoe Brain

    A friend of a friend of a friend hinted…..

    I have no idea about this case. But I’m of the opinion that certain bits of military and other kit sold to the Middle East may have certain surprises built in. Not by governments, and not with the knowledge or permission of the manufacturers. But manufacturers employ employees, and employees smart enough to work on this software are also smart enough to know that it would be really useful to have the capability to permanently put it into a safe mode if it got into the wrong hands. Some may act as individuals, telling no-one.

    No documentation, no trace, no record. And others get told about it only if the individuals concerned think it’s the time to toggle the safety. The difficulty is getting it past QA, but some firms have been known to be less than 100% vigilant about their object config management. Even the source, sometimes. And DLLs make it all far too easy.

    So I’m told a friend of a friend said.

    And that is why, Ladies and Gentlemen, savvy customers all insist on access to the source code, and compile and maintain it themselves. There are few savvy customers in the Middle East, Israel being the prime exception.

  31. egoist

    [Did they want to be recorded in history as the company that created the software controlling Iranian nuclear weapons] to have a switch-connection in the 2nd mass slaughter of Jews? It is an interesting take Roger.

  32. Adina Kutnicki, Israel

    Zoe Brain, in a way, your friend of a friend may be on to something, without realizing what the implications are.

    Israel’s security services are not always ‘tied’ to the Mother Ship, some are scattered at this company, that company, no one the wiser-they are THAT good at their ‘work’.

    Therefore, what may appear as a rogue employee operation is very likely not. But then again, the point is that their efforts remain ghost-like.

    Posters would do well to recall the Mossad case about Eli Cohen, the spy who reached the highest echelons of an Arab regime, so close to the ruling elite he could smell their cologne. Eventually he was caught, but NOT before he smuggled out mega life saving intel. This is most likely the path of Stuxnet-very direct access via various critical entry points.
    Wishing them God speed is the best outcome.

    • MOSSAD had a large economy-sized cow when they found out an Australian (ie me) was heading the German/Israeli development team on a major part of the IDF submarines’ combat system. Memories of the Mordecai Vanunu affair were still fresh.

      I can neither confirm nor deny that they are “That Good”. In fact, I don’t think I can confirm or deny that an entity called MOSSAD exists.

      But assuming they do.. this Shiksa wishes them God Speed too.

      • Larry in the Silicon

        You lost me there, Zoe, though I thank you for your work. Was Vanunu a secret Australian? :)

  33. HEP-T

    It could be the Iranians did this to themselves.
    I’ve seen them load mortars and RCL’s and blow themselves up on the vids; it’s not too far off base to suggest the Iranians were experimenting with the STUXNET worm and infected themselves by accident (inshallah) and now look to blaming the Jews and the USA for their PC Captain Trips episode.

  34. Banjo

    Mohammad weeps.

  35. Ziggy the magnificent

    The Revolutionary Guard in Iran has and uses plenty of software from US and European companies to spy on her citizens and deliver “revolutionary justice.”

    Those who might assume saints and freedom loving partisans occupy cubicles in Silicon Valley and the wannabe industrial parks sprinkled throughout the west are simply wrong. The major players and even the minor ones involved in mobile infrastructure, network management, deep packet inspection and cyber security all participate through surrogates and resellers. Sanctions are a joke.

    Which is why only newly developed and “yet set on the world” technology that exploits weaknesses in all of these tools are the only ways through. And when they get through the success is short lived. One only hopes something of value came out of this instance.

    IMO it is a bit silly to divine motives out of a single (and in this case, unrelated) player in an industry that regularly defies sanctions regimes because their products can be delivered electronically and there is always someone willing to make the commission.

    Totalitarian states will continue to gain power over their people because a great many of “The Smart People” are simply whores.

  36. j.pickens

    I love all the people saying that Apple is the solution to Microsoft’s security problems.
    My suggestion, Linux.
    Specifically Ubuntu.

    Free, open source, secure.

    http://www.ubuntu.com/

    • Ziggy the magnificent

      If it runs on 1s and 0s it is vulnerable.

      It all comes down to effort vs yield.

      • Kent

        Wrong. Breaking into a house simply requires effort too. The idiot who leaves the doors open and the valuables in plain view (Microsoft) makes things a lot easier. It may be possible to create a worm that enters an Apple computer with no indication to the owner, and then spreads in like fashion to other Macs with no indication to their owners, and then actually launches an application loaded on the Mac with no authorization by the owner. It is possible. It has just never happened, mostly because Apples are built with security in mind and are not built to allow auto executing Programs to be loaded and launched without the permission of the owner.

        Apple smartly put a lock on the door and uses it. Microsoft left the backdoor and the side door open and permits intruders to do what they want once inside.

      • Brian

        Couldn’t have said it better myself, Ziggy. If it was created by a human it can be cracked by a human. MS OS are targeted because they are so common. That’s the only reason. If it gives you peace of mind not to use a MS OS then by all means go ahead. But don’t fool yourself into thinking that your system is the most secure.

        As far as Iran goes there are other ways to skin the cat so to speak and we’ve just seen one way. And there isn’t a whole hell of a lot Iran can do about it.

    • kent

      j-pickens,

      “I love all the people saying . . . ” I believe there is only one person commenting on this, and that is me. Now, my comment is true, and you may have some odd opinion on the people who observe this fact (Microsoft is the source of the problem, Apple is not affected), but the truth is the truth. Linux also offers a more secure solution. It is good for technical geeks with plastic pocket protectors, but still it works. People who simply want highly reliable excellent computers and do not expect quality for free, are fine with paying Apple. Linux comes in a lot of variants with nobody to my knowledge keeping the various flavors compatible.

      Still, Linux is fine. Just please no snarky comments about Apple, which actually makes high quality computers and software that don’t leave themselves open to easy malicious assault.

  37. Patrick

    On a side note is it possible for malware to also report where a computer is actually located–a GPS footprint so to speak, such that an entire grid would be produced? I only ask it because there has been constant speculation that we don’t know where Iran’s extensive network is actually located preventing successful military strikes if need be.

  38. jaafar

    Well, the OLD gossip about Microsoft used to say that they had an unofficial motto: “DOS isn’t done until Lotus 1-2-3 is broken.”

    Maybe that motto has been updated, particularly at MS Israel.

  39. Ziggy the magnificent

    FYI – http://online.wsj.com/article/SB124562668777335653.html

  40. Phil

    The theological issue Iran must now address: Nothing happens without the hand of Allah. If Stuxnet does, indeed, disable the Iranian nuclear program, it was done under His watchful guidance. Allah has sanctioned a means for not only disabling Iran’s nuclear program, but, potentially, and much more easily, the destruction of Iran’s entire military and civilian infrastructure. He must be very angry with the Mullahs. Add that bump to your forehead, believers.

    Phil

  41. arctic_front

    This whole cloak-and-dagger story, if true or not, makes me sleep better at night. The best thing I could think of is that if they power up the reactor that it blows up in their face. Obviously not like Chernobyl, but something catastrophic that will deter them from ever trying again. With any luck, Amadinjad(ass-face) is standing right there when it goes boom.

    • Paul -Indiana

      Why not like Chernobyl? These are isolated sites.

  42. Roger Zimmerman

    A reasonable test of the hypothesis that Siemens gave voluntary assistance to the developers would be to see how far this attack spreads. If it is not limited to black hat targets, then I think one could assume that such assistance was at least coerced, if not absent. Whatever the etiology, I too applaud the attackers – even if non-threatening industrial systems are sabotaged as a side-effect, it will be worth it.

  43. LTEC

    Yes, of course people, Apple and Linux do not contain security flaws. And we know this because every week they issue security patches to fix the security flaws that were not patched by the security patches issued the previous week.

  44. Dan D

    Any chess players out there in defense-of-the-West-including-Israel-land?

    If there are, Stuxnet may be the foot in the door. Yes, it has threatening capabilities that are not fully understood as to effect or purpose. It spreads widely, sends some unknown data back to an unknown processing facility. Word gets around, it is studied and attacked, but it needs enhanced antivirus programming to find and kill its infection.

    And the final functionality, the purpose of the entire enterprise, cannot be delivered until the unknown data analysis facility completes its review of the intelligence returned during the initial Stuxnet attack. Stuxnet’s developers, or a related programming team, finishes coding the portion of the application that will fulfill the project’s objectives.

    The chess masters deliver the killer application in an anxiously-awaited worm-killer, the only known antivirus program that can detect and disable the dreaded Stuxnet.

    Roger L Simon might have written such a scenario in his next novel, perhaps?

  45. Constitutionalist

    God did it. Not the false God “allah”, but the True God of Israel. The One who gave us Yeshua ha Moschiach. He used people, indeed, but this thing is from Him. When the world DOES end, and one day it will, it will be by HIS hand and not by the hand of men.

    No one is dead, Iran doesn’t get nukes and war is averted. God wins again. :)

    (Yes, some of you Hebrew folk will have a fit over my ‘combining’ the two religions in my comment, but that’s OK. I’m grateful to God for giving the world His Moschiach through the people of Israel.)

    • Larry in the Silicon

      Not a fit at all, though your team always await eagerly – hoping for such a response – so you can call us lost, etc. Good luck becoming a Noahide…

    • You’re right of course, in a cosmic sense (I doubt God personally made the virus ;) ).

      If I’m reading the bible correctly though, a time is coming when God will allow Israel to be driven to the wall in order to recognise Jesus, and it won’t be pretty.

      For the time being though, God bless Stuxnet.

  46. chester

    This story only means there will only be a delay – several months to a year at best before Iran proceeds with its plans.

    • A. N. Pierson

      Maybe. Maybe not. The Iranians, who rely on outside technology for what they do, now are in a much more complicated position, especially troublesome in an already paranoid society. If Siemens is not involved, someone is and they don’t know who. If, as Simon theorizes, Siemens is involved – or their friends in German intelligence – then Iran is in deep trouble. This could be very big.

    • Larry Reisinger

      Let’s wait for damage reports before concluding that. I doubt that they would have gone to all this trouble without thoroughly investigating the most destructive way for these things to fail. I have my suspicions regarding what they actually physically did, and if true, this might have set them back years.

      • Frumious Falafel

        I know I would love to hear your “suspicions” — if it isn’t too much trouble :-)

        • Larry Reisinger

          Long explanation why, but I think that this was targeted at Natanz (centrifuges). I don’t think it was targeted at Bushehr (reactor), though it may have gotten there, but probably can’t do any real damage there.

          Just a suspicion. I can imagine how a PLC on a centrifuge can cause mechanical hari kari.

  47. DVG93

    Just read Dan Silva’s The Rembrandt Affair.

    Someone is finally thinking outside of the box.

    Good job and more of the same.

  48. Phil

    #46 Chester

    “This story only means there will only be a delay – several months to a year at best before Iran proceeds with its plans.”

    Maybe, but only if the damage stops here. I suspect there are more surprises awaiting the Iranians. Even if this particular weapon somewhat fizzles, I imagine the same team is already at work on v2.0. Also, there’s a strong chance that a different foreign policy will begin to emerge in the U.S. over the next few years. Enough time bought! By then, A-Jad may be reduced to sending handwritten notes, composed at the palace out-house, to Europe via camel-express.

    This is beginning to look like a winner.

    When Zero placed his feet on the table, with Stuxnet already in the pipeline, Bibi must have felt like he was the Yankees playing the local High School team.

    Phil

    • Adina Kutnicki, Israel

      The things Zionists will do to stay alive are amazing.
      Rest assured, BHO knew nothing about this, and is probably having a hissy fit over its implications.
      The saying, Never Again, means that ALL options are on the table.
      These actions by our cyber forces are only an initial response to Never Again.
      Those who believe that our people will allow another Holocaust are out of their minds.
      Few in Israel don’t understand what our Samson Option entails. Fewer have a problem with it, and THAT should tell the world how far we will go to exact revenge on our tormentors.

      • Frumious Falafel

        You’re absolutely right Adina! Whatever it takes…

      • Larry in the Silicon

        I kind of agree. I wrote a post to your post on Simon’s other thread regarding the TV station project.

        • Adina Kutnicki, Israel

          Shalom Larry, thanks for your response re the satellite channel.
          Am being updated by Tsafrir’s wife after the holiday, it appears that the last part of financing (everything else is in escrow) is being raised. I am keeping my fingers crossed and will post you on the developments.

          • Larry in the Silicon

            Thanks, Adina. It would be fun to contribute something. Also, you are inspirational – better than three shlichim in a rowboat, or something. Tsafrir must have been something else.

        • Adina Kutnicki, Israel

          Larry, if you want to see what I REALLY think about Tsafrir Ronen, go to – http://www.israelnationalnews.com/Articles/Author.aspx/451

  49. Doug Lauder

    Even I could produce this movie — pitch it, Roger, your chops are still good

  50. Amazing !
    I hope that one day we will come to know who pulled this and we will be able to congratulate the Freedom Fighters.

    Imagine the fear of the mad mullahs now: by now they have understood that every time that they have to flip a switch they could cause a catastrophe.

    Amazing !

    and

    HALLELUJAH !

    • Adina Kutnicki, Israel

      Sherab, about that disaster you mentioned, take a look at this from a highly credible technical site – news.cnet.com/8301-27080_3-20017201-245.html
      Pay particular attention to the last paragraph at right hand top of page where it refers to things blowing up…….

      This is just the beginning…..

  51. TennisPro

    Why wouldn’t Obama approve or at least support such a cyber attack on Iran? After all, a pro-peace anti-war Liberal that he is, a cyber attack is sure to prevent, or at least delay a REAL, military attack on Iran’s nuclear program…..

    • NahnCee

      Reason #1: Because Obama is stupid and a prick.

      Reason #2: Because Obama has been bought and paid for by some other country or person, and that entity is anti-Israel and probably pro-Iran nuke.

      Reason #3: Because Obama says America can withstand another terrorist attack, so he’s fully prepared for Iran (or North Korea or China or Russia [or Saudi Arabia or Mexico or Somalia ]) to lob a nuke at us to prove that he’s right.

    • Chester

      Obama is in bed with his mentor, Bill Ayers along with his political soul-mates, Bernardine Dohrn and Jodie Evans of Code Pink. They are firmly behind the so-called free Gaza movement which is actually a subplot to their goals of destroying Israel and the USA. The main reason they embrace Hamas and Ahmadinejad is “my enemy’s enemy is my friend.”

      By some painful, convoluted reasoning, the destruction of Israel has become an important milestone in the hard progressive’s goal of taking down the stalwarts of free enterprise. Obama has too many ties with this wing of the “progressive” party so he keeps his mouth closed. And when he is forced to make remarks against the insanity of Iran he speaks weakly and in measured tones. (Remember – not a sincere word of support from Obama for the martyrs of the Green movement in Iran.)

      • Adina Kutnicki, Israel

        Chester, a VERY apt analysis. This is exactly why BHO cannot bring himself to give ANYTHING but a tepid response to ‘terror’, whatever the hell that means!! Israelis trust him less than the plague, and that is even a stretch.

        Simplified, birds of a (terror-leaning) feather….

  52. Bogdan from Australia

    One has to laugh!
    This is a classical example of the so-called “West” being penny wise and pound foolish.
    We finance our own enemies, all that terror and all that barbarism and then spend those gigantic sums to defend ourselves against the monsters we create.
    We are NEVER going to live and develop in peace until we stop transferring those trillions to our enemies.
    We have to stop financing the ISLAMIC PETRO-TERROR and RUSSO-PETRO-TERROR by developing our own energy resources in all feasible and profitable areas.
    We have to stop financing the NARCO-TERROR by decriminalising drug use and shifting the responsibility from the third party onto the real perpetrator – the drug user. Thus the very diminished drug use and its production will be funded inside our societies. Thus all the money will stay inside and the final damage will be much smaller than now.
    We have to stop the SINO-TERROR by slashing the ridiculous and unsustainable trade deficit with China.
    Then all those totalitarian, degenerate and hostile regimes will begin falling apart like houses of cards.
    It is just funny that our so highly professional friends are salivating themselves over the genius of STUXNET while omitting the thousand times more important factors.
    And as for our friends in Israel, I have always been suggesting on FANTASTIC Caroline Glick’s blog that Israel should arm their nukes with the mantle of thritium or deuterioum and tell the world: “If we go down, the entire world will go down with us.” Only then the so-called “world” will listen.
    There is the hope though. Her name is SARAH PALIN. If the Yanks are clever enough and elect her as their next POTUS, she shall end up all that above mentioned crap. She is pretty adamant about it and the most courageous in expressing her intentions.

    • The American Jew

      Ditto Bogdan from Australia

    • Larry in the Silicon

      Those are all good points, Bogdan. Still, for many the sight of Israel under increasingly threatening siege while the world goes on pleasuring itself is very frustrating. Besides, the signs that the West will actually move to energy independence are weak: people insist on driving their big vehicles far, on consuming lots of electricity and much more. Anybody who waits for this event to occur is similar to the patient souls who follow the lead of people like Michael Ledeen who basically ‘hope’ – and then request – that Israel wait until the big revolution takes place in Iran.

      I do like your suggestion regarding Israel’s WMD.

    • Matthew

      Aah yes, the old thritium/deuterioum bomb. The stuff of legend.

      Why is it that the right’s fantasies always involved some sort of samson-like suicide of israel? Here’s a crazy idea – how about if nobody TRIES to attack israel? Try it on. Think about it for a bit. It’s an interesting thing to consider. It’s probably a lot cheaper in the long run.

      As for “slashing the ridiculous and unsustainable trade deficit with China” … how do you propose to do that? Just whack up trade barriers? And what happens then? Do you think china might notice, and stop buying all those minerals that make australia’s economy the talk of the town? Or you could go with bob katter’s approach and slash interest rates to try to drop the $AUD – that’d be a laugh, when bob katter can no longer afford to put diesel in his tractor because it’s priced on the singapore exchange.

      I love these simplistic solutions – they’re a great laugh. I suspect sarah palin loves them too, which is why the US (and the GOP) will desperately regret ever electing her to a position of real influence, should she ever bother coming out from behind her rock to campaign for something.

  53. whiskey

    I am likely the big dissenter here. I think it had nothing to do with Israel, or Iran. But rather China, and Siemens. Follow me on this.

    Iran, India, and Indonesia have reported infections. From, by all accounts, USB drives. Most of which are made in China, and have reported virii and worms before, from that source.

    My own guess, is that this is some free-lancing, by Chinese rivals aimed at Siemens. “See what happens when you run their hardware?” Chinese companies sold poisoned milk to their own people, let alone poison dog food, and toxic kids jewelry abroad. This is entirely consistent with the Chinese company-state nexus.

    Consider also what happened. Widespread knowledge, code that was **FOUND**. I would expect Israel if it targeted Iran’s nuke facilities through cyber attacks, would have been **VERY** discreet, with code very subtle, making itself a terrible nuisance without ever being **FOUND**, making itself look like random hardware glitches.

    Sure, Israel **COULD** do this, but if the objective was to sabotage Iran’s nukes thoroughly, it was poorly done. At best a minor setback. In the meantime, Siemens looks like mud, without elementary security checks as to authorization of commands from connected PCs. I personally cannot fathom nuke or other facilities (including American ones) running PCs with Windows, but apparently that is the case, including the US.

    Security should include “dumb” terminals with no ports at all, systems not connected to the internet (reportedly US “smart grid” systems are directly connected to the internet), running highly specialized, proprietary hardware and software. This is not fool-proof. But it makes attack a lot harder than what seems the case:

    RANDOM SHIPPING OF INFECTED USB DRIVES, starting with the letter “I” countries.

    This ought to be a wakeup call for every US utility. Re-do systems to make security #1. Heck common criminals looking for payoffs could extort a lot of US utilities, from Eastern Europe or China or the Gulf or what have you. Putting internet access on complex industrial systems is like having a USB port on them. Stupid.

  54. Stephen

    Agree w/ Whiskey that the source of attack was China. It’s not like China doesn’t have a history of attacks on other countries’ systems.
    But I disagree it was for economic reasons. China has strategic reasons in seeing India weakened, Pakistan kept from wandering away from China and towards Radical Islam and a definite need for Gulf Oil. Having a non-Nuke Iran, surrounded by Gulf countries in midst of arms race, w/relations w/the West in the trash and Russian unreliability amply demonstrated would well suit China in forcing Iran to come begging.

    Dark horse is Russians. Just as Russia used Spain for testing equipment and doctrines, they may be field-testing their cyber-war techniques.

  55. Victor

    It turns out that this worm has been over hyped and is, in fact, the work of a disgruntled Siemens AG fired employee.
    If any nation had released such an attack they would be pariahs—such a worm could — and has spread– to at least 10 allied nations of the US.
    We understand the Israeli PR ploy– but they need to upgrade.

  56. Mister Mann

    Lol; if you do a little research into Siemens you will discover that not only did they do the things you state for the Nazi party they did far more. Siemens was almost singularly responsible or at least involved in the development for almost anything and everything the Nazi party used and or developed for communications period as well as anything which used electricity as well including weapons, phones, telegraphs, cybercoding (of that time frame such as telegraph Morse code etc), all radio technology, sound technology (IE sound wave bombs), radar tracking devices and much more. I thought these things were common knowledge as they can be discovered without even bending a page on anything concerning the Nazi party, Germany during those times, and telecommunication or electronics of any type. I would go as far to say Siemens was one of the first true monopoly companies in the world in these fields.

    • NahnCee

      So someone else is factoring in the likelihood that Germany would want to pro-actively save and defend a country full of final solution survivors? Well, I guess America wants to pro-actively save and defend Japan, so maybe so.

    • Matthew

      Mister Mann:

      I’m sorry, but … huh?

      Every single industrial company in germany at that time did business with the nazi party in some way. Just like they did business with the kaiser before that (and got very rich nailing him to the wall). Krupps, the people who make your coffee machine, used to make artillery. Pretty much all of modern germany’s big chemical companies manufactured something to contribute to the war effort – be it explosives, or poison gas, or zyklon b, or synthetic fuel (prior to that, they did a lot of business nicking patents from overseas inventors, but that’s another story)

      So what? Do you have a nazi coffee machine? Are farmers spraying nazi herbicides on their crops? Are you taking nazi pharmaceuticals? No, on all counts. Just like mitsubishis aren’t japanese imperialist war machines any more, or subarus or BMWs or mercedes benz or volkswagens, for that matter.

      And siemens was involved in developing morse code? REALLY? Well, that’s one for the books. I’m sure the american sam morse would have been surprised to hear that.

      I guess the shorter version of this is: get real. Go outside and get some sunlight.

  57. Regarding the likelihood of the hypothesis that Siemens assisted Israel in infecting Iranian industrial facilities with Stuxnet, I would observe the following information from a Reuters January 2010 article:

    “Siemens, which is Europe’s biggest engineering conglomerate, was aware of the sensitivities attached to doing business in Iran, Chief Executive Peter Loescher said.

    ‘Some time ago, we reduced our business activities with customers in Iran,’ Loescher said, responding to questions at a shareholders meeting.

    The Siemens board decided at the start of October not to agree to any further orders with customers in Iran, he added, noting, however, that existing orders would be fulfilled.

    Loescher said there were still bids submitted by Siemens before October 2009. If they were not accepted, it would mean new business in Iran would end by mid-2010.”

    http://www.reuters.com/article/idUSLDE60P1LJ20100126?loomia_ow=t0:s0:a49:g43:r1:c1.000000:b30083910:z0

    Or stated more simply, Siemens claims it is terminating its business with Iran, however, it also says that it will continue to fulfill existing orders, and, if its tenders submitted to Iran before October 2009 are accepted, these apparently will also be honored.

    Thanks, Siemens, for your kind and very thoughtfully worded assurances.

  58. Mandalore

    Mr Simon,

    In your entry you note that two digital certificates have reportedly been utilized by Stuxy. I have read as much material on this topic as I can and cannot find any reference to these certificates. Can I trouble you for a source on the certificates?

    Thanks,
    Mandalore

  59. Paul -Indiana

    I wonder if the ‘official’ copy of the Koran is available to the manipulations of this worm. That could be a blast.

  60. westerncanadian

    Whoever gave birth to Stuxnet – it is a new thing and it’s too soon to pronounce on its impact. Maybe we should wait and see if it grows from its present infancy to the stage where it starts having tantrums. I’m applying the principle of maximum fun by subscribing to the theory that Stuxnet is a Jewish love-tap to Iran. Hang in there Israel.

    The principle of maximum fun states “where two or more hypotheses exist, choose the one that produces the biggest grin.”

    Larry Reisinger; thank you for your comments and your links. Job well done.

  61. I’ve been worried about Iran for so long this whole story is a great relief. I can only hope this worm functioned as expected and it wouldn’t pain me to discover that the nuclear capabilities of India and Pakistan were toasted as well. Thanks for the superlative reporting, Roger!

  62. Vesselin Bontchev

    I am not going to comment on the political claptrap in this article, but, as a world-class computer virus expert (google me) I can assure you that, technically, this story is complete and utter bullshit.

    1) The speculation that the Stuxnet worm was directed against Iran originates from the fact that when McAfee first implemented detection of it, they found a lot of infected computers in Iran. That’s the only factual information. Please note that, according to the compile date of the executable, the virus had been created as early as in January and that since then lots of infected computers have been discovered all over the world (mostly Europe, China and the USA).

    2) Siemens, if anything, is a victim here. The virus is designed to modify the commands sent to a SCADA system which happens to be produced by Siemens. We have no idea which particular system this is, where it is, what it does, or even what the modified commands would make it do. We don’t know if the virus has found it or not.

    3) The digital certificates involved (there were two of them, used to sign the executable files) were stolen from two different companies (Realtek was one of them; the name of the other escapes me right now), both of which have HQs in the same building in Taiwan. If anything, this suggests that the virus is of Taiwanese origin – although I wouldn’t consider this reliable evidence. Again, Siemens has absolutely nothing to do with this.

    4) While the virus shows some sophistication on the part of the attacker (4 zero-day exploits), it is huge (1.5 Mb) and messily written in a high-level language (C++, I think). Plus, if your goal is to target a particular system, like the Iranian reactor, it is the top of stupidity to do this with a self-replicating code that will pop up all over the world and will catch the attention of the anti-virus companies. The proper way to do this is with a targeted attack – for instance, a PDF file with an exploit sent by e-mail to the executives of the targeted installation. While gross incompetence might suggest US (or other) government involvement, I do not consider it reliable evidence. There are plenty of stupid people among the average virus writers, too.

    5) If I have to speculate, I’d say that the virus is of Chinese origin and has been created by a group of authors (you can see different programming styles in the various parts of its code) for the purposes of industrial espionage. The large numbers of infected Iranian computers is easily explained if you remember that lots of Chinese companies do business with Iran.
