First Weaponized Software

There's also a thread about this here that includes a number of other links.

Interesting and scary stuff.

p.s. to OP -- it's considered good practice to use the exact headline from an article as the title of a thread in the Breaking News Forums to help cut down on duplicate threads

reply to post by Jason88


lets just say this bug was able to infect every single system on the globe.... it would communicate with the others once in place... then check-mate.

that's just a worse case scenario... i don't even know if its even possible to go on without detection by security programs. I may be wrong though.

reply to post by americandingbat


Apologies for the duplicate posting, and noted to use the original headline. Thanks for the tip.

Siemens PLCs are computerized controllers used in almost all modern industrial plants.

If you have say a enrichment plant with 3000 centrifuges making enriched uranium you would have 3000 speed controllers, lube controllers, bearing vibration sensors ECT ECT ECT. since the uranium enrichment centrifuges spin at the speed of sound loss of lube would make a big mess as the centrifuges started coming apart with no warning if the main control-room computer did not get the reading that the lube feed had failed and the bearing were vibrating
A program could be written to find only plants with this type systems controlled by a plant control-room computer.

And since Siemens is unlikely to sell say a county like Iran the computer codes to program the main control room computer for Iran they will have to write there own program.
This means finding the codes Siemens uses and putting them on a small number of computers for the programmers to use.
If anyplace along the line any of the computers are connected to the Internet this virus can be transferred to the programing computers.
Then when the finished program is transferred to the plant computer this virus will be there piggybacked on the program.

If the party that created the virus knows what equipment is in the plant (spies or payed off worker)they can tailor the virus to attack just one plant and not really do any harm to any other plants.

A number of counties could be the source US or Israel.
Russia or China could do it if they wanted to sell more equipment to Iran to replace the equipment that would be destroyed. by this virus

This is super interesting.

It is also confirmed now that Stuxnet is designed to exploit a Windows Print Spooler service. Story Here.

It has also been confirmed that Stuxnet spreads via P2P channels and infected computers receive their Stuxnet updates through these channels as well. Story Here.

Has anyone else noticed that there has been no statement made by the Feds at all? I have not been able to find anything issued by a U.S. entity. I am very curious if Mr, Langnard and others have been visited by anyone from the U.S. government in regards to an investigation into this. If the answer to that question is no then I would say it is safe to say that we know who the perps are.

I am not sure how to take all this. Would them remaining silent suggest guilt? You would think the feds would be smarter than that. If they were the ones doing it wouldnt their silence make the possibility of them being the perps really obvious? So why no announcement?

Potential tactics would also be openly declaring your innocence because they dont want people to be suspicious of them being "silent" about it. They havent done that though. They have been silent. I dont know how to interpret that.


I must also say that I would never put it past a group of very determined hackers to pull off something like this.

While the evidence does certainly lead to the region around Iran to be the target, I have not seen evidence that truly does suggest that it is programmed to have only one target. It is searching computers looking for certain perimeters and then APPARENTLY moving on. Does anyone know what these perimeters are? I have read nothing that suggests we do. The one target theory seems to just be inductive reasoning at play with no really substantial evidence to give any finality to the claim.

What if Stuxnet has its perimeters set much wider? Since stuxnet spreads itself through a peer to peer doesnt that mean that all the infected computers still have it? What if Stuxnet has a clever disguise for the footprint it leaves when it finds its mark? Maybe MANY computers have already met the perimeters and it just keeps moving on to find more. Is there any evidence suggesting that it couldnt somehow be connected to power plant controllers or anything like that?

This also makes me think of CONFICKER.

Imagine if it was later found that Stuxnet and Conficker were somehow connected and working together.

This is crazy. We are seeing some of the first serious attempts at true cyber warfare.

This sounds like scary stuff,but i do think china who put out all
the dodgy routers etc have put these "speacial chips" inside to
mine data or cause a crash just a theory and i read it maybe
here some time ago.

not the same tech as such but who knows what and where
this softwhare has been and done so far? i doubt it is that
new,just were just hearing about it more now.

reply to post by Jason88


Is this a physical virus, programmed to read computer instructions, making it software?

I'm lost..

If it doesn't need internet, that means it must be physical, right?

Scary site to see when using a computer at a nuclear power plant. The error screen. It says "WinCC Runtime License. Please obtain a valid license."



The computers in the control room.



Heres a photo of a control panel with a Russian standing in front of it. Now why is all the writing in english?



Atleast the warning signs are translated for them. I guess the budget was tight and they could not afford to change the control panels?

Originally posted by ugie1028
Wireless systems could be vulnerable too. the virus can hop/skip/copy itself through wireless networks, or through mobile phone networks. dont need wires for viruses to spread, you just need a wireless connection.

just throwing a monkey wrench into the whole thing.

Now that is interesting, i've been thinking about something like that a virus which literally can go airborne and bypass physicial [internet] junctions, the sky is the limit right It can go anywhere.. I understand that its programmed to self destruct software of hardware?As in creating a short circuit..Imagine if its intelligent enough to overtake systems such as SAM-radars and tinker with the IFF [friend/foe] or an Airport control tower and alter ground level and such..mmm some crazy stuff,
I remember here at ATS there was a thread about the semiconductors for chips [planted in all kinds of military hardware] made in CHina, with the purpose to cripple all kinds of US hardware[like carriers] with some sort of a Trojan horse attack or special frequency emp attack..
i havent found the thread yet..
s&f and welcome on board!

reply to post by Foppezao


yes i'm sure i read about them dodgy Chinese chips with
a built in "special hardware" to make the tech vulnerable
you spoke of.

but what do you expect if you are buying from the lowest
bider.BUT i cant imagine the US would put anything but
US made chips in there TOP military tech would they?

Originally posted by stealthyaroura
reply to post by Foppezao

 

yes i'm sure i read about them dodgy Chinese chips with
a built in "special hardware" to make the tech vulnerable
you spoke of.

but what do you expect if you are buying from the lowest
bider.BUT i cant imagine the US would put anything but
US made chips in there TOP military tech would they?

Well define TOP military? Minuteman, B2's? Top military is also hardened i think...For the regular cruise missiles they just put the cheapest semiconductors/chips in it.They talked about carriers, and in such large complex systems not all components are US made, the chain is as strong as the weakest link...

On Fox news, Is a Cyber attack targeting Iran's nuclear power plants?

Originally posted by ANNED
Siemens PLCs are computerized controllers used in almost all modern industrial plants.

If you have say a enrichment plant with 3000 centrifuges making enriched uranium you would have 3000 speed controllers, lube controllers, bearing vibration sensors ECT ECT ECT. since the uranium enrichment centrifuges spin at the speed of sound loss of lube would make a big mess as the centrifuges started coming apart with no warning if the main control-room computer did not get the reading that the lube feed had failed and the bearing were vibrating
A program could be written to find only plants with this type systems controlled by a plant control-room computer.

And since Siemens is unlikely to sell say a county like Iran the computer codes to program the main control room computer for Iran they will have to write there own program.
This means finding the codes Siemens uses and putting them on a small number of computers for the programmers to use.
If anyplace along the line any of the computers are connected to the Internet this virus can be transferred to the programing computers.
Then when the finished program is transferred to the plant computer this virus will be there piggybacked on the program.

If the party that created the virus knows what equipment is in the plant (spies or payed off worker)they can tailor the virus to attack just one plant and not really do any harm to any other plants.

A number of counties could be the source US or Israel.
Russia or China could do it if they wanted to sell more equipment to Iran to replace the equipment that would be destroyed. by this virus

SO it is coincidence that the plant is also Siemens made?


Stuxnet attacking siemens systems


Stuxnet attacking siemens


So from what i understand this worm attacks Siemens systems specifically? In Germany they hadthe worm removed and it didn't made any damage...In Iran it wreaked havoc and it waited for those specific parameters?...

the last link is interesting it says it can give the target systems new instructions

projects.washingtonpost.com...

IBM
Top Secret work done by: IBM US Federal| Company Web site

International Business Machines Corp. (IBM), headquartered in Armonk, New York, has been known through most of its recent history as the world's largest computer company with almost 400,000 employees worldwide. IBM US Federal is the predominant Top Secret contractor with the U.S. government.

The majority of the company's enterprise business, which excludes the company's original equipment manufacturer (OEM) technology business, occurs in industries that are broadly grouped into six sectors:

* Financial Services: Banking, Financial Markets, Insurance

* Public: Education, Government, Health care, Life Sciences

* Industrial: Aerospace, Automotive, Defense, Chemical and Petroleum, Electronics

* Distribution: Consumer Products, Retail, Travel, Transportation

* Communications: Telecommunications, Media and Entertainment, Energy and Utilities

* Small and Medium Business: Mainly companies with less than 1,000 employees

Facts:

* Revenue for 2008 was a record $103.6 billion, up 5 percent. In 2008 pre-tax income from continuing operations rose 15 percent, to $16.7 billion, the highest ever.

* In 2008 free cash flow, excluding the year-to-year change in Global Financing receivables, was $14.3 billion, an increase of $1.9 billion from 2007. IBM ended 2008 with $12.9 billion of cash and marketable securities.

* In 2008 IBM's gross profit margin rose for the fifth consecutive year -- to 44.1 percent, up 7.6 points since 2003. Our pre-tax income margin rose to 16.1 percent. Both margins are at their highest in more than a decade. Diluted earnings per share from continuing operations in 2008 were $8.93, up 24 percent. This marked six straight years of double-digit EPS growth.

* IBM's 2008 cash investment was $6.3 billion for 15 acquisitions -- 10 of them in key areas of software. And after investing $6.3 billion in R&D and $4.5 billion in net capital expenditures, we were able to return more than $13 billion to shareholders -- $10.6 billion through share repurchase and $2.6 billion through dividends.

* Of the more than 4,000 U.S. patents IBM received in 2008 (our 16th straight year of patent leadership), more than 70 percent were for software and services.

* IBM has divested commoditizing business like personal computers and hard disk drives, and strengthened its position through strategic investment and acquisitions in higher-value segments like business intelligence and analytics, virtualization and green solutions.

* At the end of 2008 IBM had 398,455 employees worldwide, an increase of almost 12,000 from 2007.

* IBM operates in more than 170 countries and enjoys an increasing broad-based geographic reach. Our non-U.S. operations generated approximately 65 percent of IBM's revenue in 2008. IBM's Growth Markets unit, which was established in 2008, grew 10 percent and made up 18 percent of our revenue.

* All around the world, businesses, governments and institutions are investing to reduce costs, drive innovation and transform their infrastructure. The economic downturn has intensified this trend, as leaders seek not simply to repair what is broken, but to prepare for a 21st Century economy. Many of their key priorities are in areas where IBM has leading solutions -- such as smarter utility grids, traffic, health care, financial systems, telecommunications and cities. We are aggressively pursuing this transformational, global opportunity.

As a result of the IBM April 2008 acquisition of Telelogic (formerly Popkin software), all Telelogic products and services are now part of the IBM(TM) Rational software portfolio.

IBM also acquired Cognos Incorporated in January 2008. Cognos was a leading provider of performance management solutions for federal agencies worldwide. Cognos is the world leader in business intelligence and performance management solutions, provides world-class enterprise planning and BI software and services to help companies plan, understand and manage financial and operational performance. The Cognos performance system is an open and adaptive solution that leverages an organization's ERP, packaged applications, and database investments. It gives customers the ability to answer the questions -- How are we doing? Why are we on or off track? What should we do about it? -- And enables them to understand and monitor current performance while planning future business strategies. Cognos serves more than 23,000 customers in more than 135 countries, and its top 100 enterprise customers consistently outperform market indexes. Cognos performance management solutions and services are also available from more than 3,000 worldwide partners and resellers.

So IBM is one of the largest contractors for Top Secret America.

en.wikipedia.org...

Historically, IBM has had a good reputation of long-term staff retention with few large scale layoffs. Recently, there have been cuts to the workforce in less profitable markets as IBM attempts to adapt to changing global market conditions. After posting weaker than expected revenues in the first quarter of 2005, IBM eliminated 14,500 positions, predominantly in Europe. In May 2005, IBM Ireland announced that the MD (Micro-electronics Division) facility was closing down by the end of the year and offered a settlement to staff. However, all staff that wished to stay with the Company were redeployed within IBM Ireland. The production moved to a company called Amkor in Singapore who purchased IBM's Microelectronics business in Singapore and is widely agreed that IBM promised this Company a full load capacity in return for the purchase of the facility. On June 8, 2005, IBM Canada Ltd. eliminated approximately 700 positions. IBM projects the moves as part of a strategy to "rebalance" its portfolio of professional skills and businesses. IBM India and other IBM offices in China, the Philippines and Costa Rica have been witnessing a recruitment boom and steady growth in the number of IBM employees due to lower wages, local revenue growth and increasing percentages of educated and skilled technical and business workers in other countries.

So IBM one of the largest Top Secret America contractors gets there chips made in India, China, Philippines and Costa Rica. And they eliminated the jobs from Canada and Europe. So yes the USDOD get there chips from outside the US. Thats called outsourcing American jobs. But the USDOD say but we bought them from IBM in NY.

Originally posted by Jason88

First Weaponized Software

www.csmonitor.com

"What we're seeing with Stuxnet is the first view of something new that doesn't need outside guidance by a human – but can still take control of your infrastructure," says Michael Assante, former chief of industrial control systems cyber security research at the US Department of Energy's Idaho National Laboratory. "This is the first direct example of weaponized software, highly customized and designed to find a particular target."

(visit the link for the full news article)

Good. If we are able to shut down other countries nuclear capabilities before war or simply to prevent some sort of nuclear war then by all means I am happy with that. This is probably the smartest thing the US could do to prevent an all out nuclear war and I for one and pefectly fine with that. Cudos.

Funny, how then Microsoft have top stop the leaks, in doing so helping Iran with their program

One day this program or one like it will be set lose to find it target. But lets say it malfuctions in some way and starts attacking anything and everything. Shutting down and crshing any system it comes across. Or lets say the "other side" finds it and reprograms it and sends it back to the sender. This is a very dangerous game these people are palying here. Lets say it finds its way into the flight systems of planes. Then just waits there for a date and time to act. Then at the set time planes all over the world start falling out of the skys?
OK, my plane thing may be a little far fetched but not by much seeings as each day things like this come to light.

My question on this [and it has to be in upper case):

- WHEN DOES THE USE OF SUCH WEAPON CONSTITUTE AN ACT OF WAR?

US had spent years developing weapons such as the graphite bomb to disable power stations. To use a weapon [bomb] on a country is clearly an act of war. So when does this become an act of war.

It is a grey area that could be exploited

reply to post by templar knight


That is the problem. I feel it does constitute an act of war. I feel that any type of an attack on a country by another country can be seen as an act of war. This program is no different than a person going into the country and doing damage then selfs. This program is a solder and a saboteur and a spy for a foreign government. Use of such a program to disable or to destroy something in a country by another country if the same thing as flying a plane over that country and dropping bombs. So yes it does constitute an act of war.

I do think it can be considered an act of war, especially if the incident last year in Natanz is the result of this [if it really did inflict damage in the physical world].But it is vague, just like the drone raids in Pakistan are less of a direct assault.Maybe now Iran realizes how difficult it is to be attacked by an unkown party [like Israel is harassed by terrorist organisations].