Stuxnet: Target Bushehr?

[Tukhachevskii]

Sounds a lot like a Russian or Chinese programme. IMO it fits their respective doctrines.

[bourbon]

Iranian nuclear programme targeted by computer virus, by Maryam Sinaiee and Michael Theodoulou. The National (UAE), September 26. 2010.

TEHRAN // Iran revealed yesterday that a so-called computer worm – which experts say shows unprecedented ingenuity and is unique in its ability to seize control of industrial plants – has infected the personal computers of staff at its first nuclear power plant.

But Tehran said the so-called Stuxnet malicious computer program, which has been described as the world’s first cyber-guided missile, has not damaged operations at the flagship facility in Bushehr, which is due to go online within weeks.

A likelier Stuxnet target, they speculate, would be Iran’s far more controversial nuclear facility at Natanz, where spinning centrifuges are producing low-enriched uranium for power plants.

[davidbfpo]

An interesting comment:http://kingsofwar.org.uk/2010/09/kua...ar-facilities/

Which concludes:

To conclude then, well, what can we conclude? Not much, at present; we need to keep watching and not assume that the story is over because there are so many loose threads, so many questions to be answered, so much fog where clarity is needed for good judgement to be rendered. Still, I can’t help but think that some watershed has been passed, that Stuxnet of September 2010 will be remembered rather in the way we do the aerial bombings of civilian centres by Zeppelin airships–not as particularly strategically significant at the time but as a harbinger of what is still to come.

[AdamG]

If this gets any curiouser, only my smile is going to be left....

While security experts know what Stuxnet is designed to do, Conficker is still the reigning mystery of the cyberworld because no one knows why it’s there or what it’s going to do. “Whoever developed it must be thinking that this was an incredible learning exercise,” says Joffe. “They were able to modify their code four times as we reacted defensively each time. They were able to step around us.” Version E of Conficker came out at the beginning of April 2009 and—alarmingly—it remains unbroken a year and a half later. “They raised the bar so high I have no idea what it’s doing,” he says. “It looks like it’s dormant.” But if he were to put himself in the Conficker controller’s shoes, he muses, “I'd be tactically selling off individual machines,” so that customers could choose their targets from a directory of hacked computers. “He could give me your computer, and we would never know it, as a security industry.”

Read more: http://www.businessinsider.com/cyber...#ixzz10sidE8AX

[Global Scout]

Adam,

Thanks for the link to the article. I was not aware that malware caused a plane crash.

Already, malware has caused the loss of life. This August, the Spanish government released its report on Spanair Flight JK5022, which crashed on takeoff from Madrid two years ago. The pilot of the McDonnell Douglas MD 82 took off thinking that the flaps controlling lift were extended when they were, in fact, retracted. The plane ascended briefly before plunging into the ground, killing 154 of its 172 passengers. Trojan viruses spread by infected USB sticks—the dirty needles of the tech world—had stalled the execution of a key safety protocol before the jet took off, which would have shown that the aircraft’s systems were malfunctioning.

Read more: http://www.businessinsider.com/cyber...#ixzz10suFktT1

[AdamG]

Deep inside the computer worm that some specialists suspect is aimed at slowing Iran’s race for a nuclear weapon lies what could be a fleeting reference to the Book of Esther, the Old Testament tale in which the Jews pre-empt a Persian plot to destroy them.
That use of the word “Myrtus” — which can be read as an allusion to Esther — to name a file inside the code is one of several murky clues that have emerged as computer experts try to trace the origin and purpose of the rogue Stuxnet program, which seeks out a specific kind of command module for industrial equipment.

http://www.nytimes.com/2010/09/30/wo...st/30worm.html

[davidbfpo]

A very short article alleging it is the IDF's Cyber Unit 8200:http://www.telegraph.co.uk/news/worl...r-warfare.html

Elsewhere, possibly from another article in the paper, the 'clue':

Computer experts have discovered a biblical reference embedded in the code of the computer worm that has pointed to Israel as the origin of the cyber attack.

The code contains the word "myrtus", which is the Latin biological term for the myrtle tree. The Hebrew word for myrtle, Hadassah, was the birth name of Esther, the Jewish queen of Persia.

Link:http://www.telegraph.co.uk/news/worl...orm-claim.html

[SJPONeill]

http://www.nytimes.com/2010/09/30/wo...st/30worm.html

Then again, if you wanted to deflect investigation from the true source, just drop a name deep inside the file...you'd like to think that any adversary smart enough to infiltrate a virus like this, wouldn't be advertising its origins...