Computer Virus so specialized "could only be a weapon"

[Wiseone]

One of the most sophisticated pieces of malware ever detected was probably targeting "high value" infrastructure in Iran, experts have told the BBC.

Stuxnet's complexity suggests it could only have been written by a "nation state", some researchers have claimed.

BBC News - Stuxnet worm 'targeted high-value Iranian assets'

Its only speculation but it seems to have been developed by a country considering its size, complexity and its specificness. How awesome is that story, they should make a movie about it.

 

[Deuce]

Gonna take a wild guess and say Israel might have an interest in such an action.

 

[ScottD]

Gonna take a wild guess and say Israel might have an interest in such an action.

Could be an entire list of nations ranging from Israel to the US to some members of the EU. So far it's just speculation that this was even a nation making this malware. I bet you there are coders out there who could make the most sophisticated viruses ever in under a day in their basement. Remember, it took some kid in Europe 14 hours to crack the state-of-the-art protection on DVDs.

 

[spud_meister]

Gonna take a wild guess and say Israel might have an interest in such an action.

You gotta admit, if it is, they do a pretty good job, much more subtle than an F-15I.

 

[ric27]

Gonna take a wild guess and say Israel might have an interest in such an action.

 

[Councilman]

I think they did make a movie about a kid computer junkie who hacks into the DOD computer in side Cheyenne Mountain. It was Titled War Games with Mathew Broderick.

It was a good movie.

This being real life it does sound at first thought like a Government sponsored attack but there are some true geniuses at computers who are pretty young and have contests to see who can get into most secure systems and screw it up or just look around.

I happen to know a kid who was 15 years old when he built his own computer that out preformed the one I spent a bundle on. He claimed it was no big deal.

Quote Originally Posted by Deuce
Gonna take a wild guess and say Israel might have an interest in such an action.

This quote is almost a double DUH! candidate.

 

[zip98053]

Could be an entire list of nations ranging from Israel to the US to some members of the EU. So far it's just speculation that this was even a nation making this malware. I bet you there are coders out there who could make the most sophisticated viruses ever in under a day in their basement. Remember, it took some kid in Europe 14 hours to crack the state-of-the-art protection on DVDs.

First, the DVD "encryption" wasn't close to being state-of-the-art. It is what they could afford to put into DVDs and it relied on obfuscation which is not an effective form of protection.

Next, the nature of the attack, is that is on control systems. It isn't that most hackers don't have access to the codes in these control systems (and they mostly don't) but that there is little to be gained for a hacker to go after an industrial control system.

Hacking a control system is not that hard, once you get in. They rely on physical security more than anything else. If some hacker had done this and developed the method of penetrating the physical security, they probably would not have been so selective in what kind of system they attacked after they got in.

It is a reasonable conclusion that this was state sponsored. The list of possibilities is long.

 

[Simon W. Moon]

These people either stole or cracked Verisign certificateS to use with Stuxnet. They exploited four different Windows vulnerabilities, two of which were previously undiscovered. It travels from USB stick to computers w/o the user having to do anything but insert the USB stick. This is not a run of the mill script-kiddie nor something a grad student cooked up in his basement apartment.

 

[TurtleDude]

I was at a seminar about Computer hacking-especially out of Russia and China and some of the reverse stings that the FBI engineered. But the most interesting and illuminating story involved some American teenager who supposedly started some nasty virus that cost a bunch of businesses a bunch of money. Well before the kid could be brought to trial, he disappeared. No conclusive evidence, no indictments, no arrests but the best explanation was one of the companies called in a cleaner and made "the problem disappear".

The guy doing the lecture noted that some of the hackers who start this sort of crap haven't figured out that if you cost somebody alot of money they might call in a contract on you.

 

[Guy Incognito]

No conclusive evidence, no indictments, no arrests but the best explanation was one of the companies called in a cleaner and made "the problem disappear".

Not that that isn't a great story, but how is a conspiracy theory ever the "best explanation" for anything? A teenage kid about to be put on trial who disappeared? I'd say the "best explanation" is that he took a dive off Lover's Leap and they haven't found the body yet. Tell me, TD, do you also believe in another "best explanation" that involved a grassy knoll?

 

[TurtleDude]

Not that that isn't a great story, but how is a conspiracy theory ever the "best explanation" for anything? A teenage kid about to be put on trial who disappeared? I'd say the "best explanation" is that he took a dive off Lover's Leap and they haven't found the body yet. Tell me, TD, do you also believe in another "best explanation" that involved a grassy knoll?

I don't understand the point your your response

it makes no sense and apparently has no relevance to what I said and since you weren't there you have no ability to even come up with an alternative explanation.

 

[Councilman]

A couple of things trouble me about this story and ones like it telling us that some kid genius somewhere hacked into a Pentagon or other sensitive Government computer.

I can sort of understand the Iranians being naive but only sort of because when this nation was known as Persia they made great contributions to the world in areas like Philosophy, Medicine, Science, even Poetry.

It seems that the Islamic revolution has reverted them back to before recorded History when it comes to intellect.

We on the other hand have no such excuse since our Nation leads the world in almost every human endeavor.

So I have to ask how brilliant is it to have sensitive computers on the same internet as Yahoo, Google, and Facebook and crazy old Aunt Fanny and her vibrating monkey?

This makes no sense what so ever. It's like the enemy being able to download images in real time from Predator Drones in a combat zone.

It's crazy times 100.

The same goes for our infrastructure there is no reason to have to read the dials our make adjustments from outside the plant or what ever's location.

Next there is this: The project manager at the Bushehr nuclear plant, Mahmoud Jafari, said a team is trying to remove the malware from several affected computers, though it "has not caused any damage to major systems of the plant,"

Based on my political knowledge I equate this statement of Saddam Husein's spokesman Tariq Aziz as American Troops were coming down the street.: "American Troops? What American Troops? iI see no evidence of this."

It like being knocked down in a fight, losing a tooth and saying it didn't hurt.

Yeah right.

And finally is it possible that because of the repressive society in Iran than one of the Boys at the power plant was surfing the web for Muslim porn pictures of Islamic women dressed in scantily made Burkas. And inadvertently pick up a Trojan Horse virus.

Or maybe he was just looking for "Trojans" online and mistakenly found the horse instead. Could happen to anyone. :rofl

 

[danarhea]

These people either stole or cracked Verisign certificateS to use with Stuxnet. They exploited four different Windows vulnerabilities, two of which were previously undiscovered. It travels from USB stick to computers w/o the user having to do anything but insert the USB stick. This is not a run of the mill script-kiddie nor something a grad student cooked up in his basement apartment.

I don't worry about that at all. Whenever I buy a USB stick, I always repartition it, then reformat it before using it. Some sticks have crap on them, such as what is on the Cruzer USB drive. The installation program for mounting a partition filled with games kicks in whenever the stick is inserted. That also uses the same interrupt that InCD uses, so that anybody running InCD on their computer has their machine freeze up so badly that a hard reboot is needed, whenever the stick is inserted.

 

[Simon W. Moon]

So I have to ask how brilliant is it to have sensitive computers on the same internet as Yahoo, Google, and Facebook and crazy old Aunt Fanny and her vibrating monkey?
This makes no sense what so ever. It's like the enemy being able to download images in real time from Predator Drones in a combat zone.
It's crazy times 100.

It's not all that clear that the infection came through the internet. What I read said that it travels via USB sticks that contractors and engineers used to carry documents etc.

 

[Simon W. Moon]

Whenever I buy a USB stick, I always repartition it, then reformat it before using it.

What do you use to partition?

 

[danarhea]

What do you use to partition?

You can repartition it in Windows XP easily enough.

1) Insert stick in USB slot.

2) Right click my computer, and select manage.

3) Click device manager.

4) Under disk drives, locate your USB stick and double click it.

5) On the policies tab, click optimize for performance.

6) Save.

7) Click on disk management.

8) Right click on your USB stick, and choose delete partition. If you have more than one partition on your USB stick, you will need to go to the bottom window, and delete all extended partitions before deleting the primary partition.

9) Right click your USB stick again, and choose create partition, and select the type of file system you want on it (on a USB stick, that will usually be a FAT32).

10) After partition is created, format the USB drive.

11) Finally, locate your USB stick under disks in the device manager, and set policy to "Optimize for quick removal".

12) You are finished. Before putting anything on it, take it out and then reinsert it.

 

[MCS117]

What do you use to partition?

Paranoid much? I'm sorry, but that's just pushing the envelope. You do not need to reformat a partition just because it might be infected. Most of the time, we reformat just to remove bloatware, but half the time those bloatware are in a form of CDFS that boots up like a CD rom but is part of the memory, which is sadly enough, undeletable. The U3 is able to be deleted because some people developed a program that will take that partition and delete it, ultimately doing a low-bit reformat of the blocks or another way.

Another reason is to change the type from FAT or FAT32 to NTFS format so you can use it more effectively. But ultimately, you do not need to reformat each new usb drive you get... sometimes you will delete those backup software or something you probably paid for when you bought the usb.

This makes no sense what so ever. It's like the enemy being able to download images in real time from Predator Drones in a combat zone.

Just a side note, that was caused by bad programming, they did not encrypt the video feeds like they should have, which made the broadcast open for anyone that has a radio wave scanner and a portable TV.

And finally is it possible that because of the repressive society in Iran than one of the Boys at the power plant was surfing the web for Muslim porn pictures of Islamic women dressed in scantily made Burkas. And inadvertently pick up a Trojan Horse virus.

Or maybe he was just looking for "Trojans" online and mistakenly found the horse instead. Could happen to anyone.

I think rootkits are much better just because rootkits are designed to hide in the kernel and are nearly undetectable once installed. Nasty little buggers... It's like herpes/cold sores. Once you get it, you got it for life.

 

[Apocalypse]

BBC News - Stuxnet worm 'targeted high-value Iranian assets'

Its only speculation but it seems to have been developed by a country considering its size, complexity and its specificness. How awesome is that story, they should make a movie about it.

What would the movie be like?
A Persian government worker is sitting in front of a computer during night shift playing bubbles, when he decides to check up his email.
He enters his mailbox and checks for new mail, when he sees a message titled "free penis enlargement - results guaranteed!".
He opens the message in hopes of a free penis enlargement - results guaranteed, and suddenly the computer shuts itself down.
Credits roll, movie ends, crowd cheers, oscar awarded.

 

[Aunt Spiker]

BBC News - Stuxnet worm 'targeted high-value Iranian assets'

Its only speculation but it seems to have been developed by a country considering its size, complexity and its specificness. How awesome is that story, they should make a movie about it.

The government itself is completely brainless - so, no, I don't believe the government *made* it.
Pure geniusus and those of deep intellect often don't run amuck in large numbers wearing suits - but often they are sought out by the government for what htey can bring into the fold.

 

[Kandahar]

Apparently the Stuxnet worm is STILL wreaking havoc on Iran's nuclear and military facilities, nearly a week later. They are describing it as "devastating." Apparently the Iranian government is quietly reaching out to European IT consultants to help them secure their systems.

:lol:

 

[The Mark]

I think rootkits are much better just because rootkits are designed to hide in the kernel and are nearly undetectable once installed. Nasty little buggers... It's like herpes/cold sores. Once you get it, you got it for life.

Have to kill and reanimate the PC to fix it sometimes. :mrgreen:

 

[Simon W. Moon]

You can repartition it in

So you're justtalking aout deleting and recreating a partition.
I thought perhaps you were making new, additional partitions