1. Sign up now and join over 35,000 northwest gun owners. It's quick, easy, and 100% free!
  2. We're giving away over $850 in prizes this month -- enter now for your chance to win!
    Dismiss Notice

Computer virus shuts down Iran's nuclear program? Or was it Bond....James Bond.

Discussion in 'Off Topic' started by clearconscience, Dec 3, 2010.

  1. clearconscience

    clearconscience Vancouver, WA Well-Known Member

    Likes Received:
    This is amazing. But scary. Wait until the filthy men in the sandbox get ahold of something like this or just shut down the internet all together.

    Full Story at: FoxNews.com - Mystery Surrounds Cyber Missile That Crippled Iran's Nuclear Weapons Ambitions

    In the 20th century, this would have been a job for James Bond.

    The mission: Infiltrate the highly advanced, securely guarded enemy headquarters where scientists in the clutches of an evil master are secretly building a weapon that can destroy the world. Then render that weapon harmless and escape undetected.

    But in the 21st century, Bond doesn't get the call. Instead, the job is handled by a suave and very sophisticated secret computer worm, a jumble of code called Stuxnet, which in the last year has not only crippled Iran's nuclear program but has caused a major rethinking of computer security around the globe.

    Intelligence agencies, computer security companies and the nuclear industry have been trying to analyze the worm since it was discovered in June by a Belarus-based company that was doing business in Iran. And what they've all found, says Sean McGurk, the Homeland Security Department's acting director of national cyber security and communications integration, is a “game changer.”

    The construction of the worm was so advanced, it was “like the arrival of an F-35 into a World War I battlefield,” says Ralph Langner, the computer expert who was the first to sound the alarm about Stuxnet. Others have called it the first “weaponized” computer virus.

    Simply put, Stuxnet is an incredibly advanced, undetectable computer worm that took years to construct and was designed to jump from computer to computer until it found the specific, protected control system that it aimed to destroy: Iran’s nuclear enrichment program.

    The target was seemingly impenetrable; for security reasons, it lay several stories underground and was not connected to the World Wide Web. And that meant Stuxnet had to act as sort of a computer cruise missile: As it made its passage through a set of unconnected computers, it had to grow and adapt to security measures and other changes until it reached one that could bring it into the nuclear facility.

    When it ultimately found its target, it would have to secretly manipulate it until it was so compromised it ceased normal functions.

    And finally, after the job was done, the worm would have to destroy itself without leaving a trace.

    That is what we are learning happened at Iran's nuclear facilities -- both at Natanz, which houses the centrifuge arrays used for processing uranium into nuclear fuel, and, to a lesser extent, at Bushehr, Iran's nuclear power plant.

    At Natanz, for almost 17 months, Stuxnet quietly worked its way into the system and targeted a specific component -- the frequency converters made by the German equipment manufacturer Siemens that regulated the speed of the spinning centrifuges used to create nuclear fuel. The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges' control panel.

    At Bushehr, meanwhile, a second secret set of codes, which Langner called “digital warheads,” targeted the Russian-built power plant's massive steam turbine.

    Estimates are that this went on for more than a year, leaving the Iranian program in chaos. And as it did, the worm grew and adapted throughout the system. As new worms entered the system, they would meet and adapt and become increasingly sophisticated.

    This went on until June of last year, when a Belarusan company working on the Iranian power plant in Beshehr discovered it in one of its machines. It quickly put out a notice on a Web network monitored by computer security experts around the world. Ordinarily these experts would immediately begin tracing the worm and dissecting it, looking for clues about its origin and other details.

    But that didn’t happen, because within minutes all the alert sites came under attack and were inoperative for 24 hours.

    “I had to use e-mail to send notices but I couldn’t reach everyone. Whoever made the worm had a full day to eliminate all traces of the worm that might lead us them,” Eric Byres, a computer security expert who has examined the Stuxnet. “No hacker could have done that.”

    Experts, including inspectors from the International Atomic Energy Agency, say that, despite Iran's claims to the contrary, the worm was successful in its goal: causing confusion among Iran’s nuclear engineers and disabling their nuclear program.

    Because of the secrecy surrounding the Iranian program, no one can be certain of the full extent of the damage. But sources inside Iran and elsewhere say that the Iranian centrifuge program has been operating far below its capacity and that the uranium enrichment program had “stagnated” during the time the worm penetrated the underground facility. Only 4,000 of the 9,000 centrifuges Iran was known to have were put into use. Some suspect that is because of the critical need to replace ones that were damaged.

    And the limited number of those in use dwindled to an estimated 3,700 as problems engulfed their operation. IAEA inspectors say the sabotage better explains the slowness of the program, which they had earlier attributed to poor equipment manufacturing and management problems. As Iranians struggled with the setbacks, they began searching for signs of sabotage. From inside Iran there have been unconfirmed reports that the head of the plant was fired shortly after the worm wended its way into the system and began creating technical problems, and that some scientists who were suspected of espionage disappeared or were executed. And counter intelligence agents began monitoring all communications between scientists at the site, creating a climate of fear and paranoia.

    Iran has adamantly stated that its nuclear program has not been hit by the bug. But in doing so it has backhandedly confirmed that its nuclear facilities were compromised. When Hamid Alipour, head of the nation’s Information Technology Company, announced in September that 30,000 Iranian computers had been hit by the worm but the nuclear facilities were safe, he added that among those hit were the personal computers of the scientists at the nuclear facilities. Experts say that Natanz and Bushehr could not have escaped the worm if it was in their engineers’ computers.

    “We brought it into our lab to study it and even with precautions it spread everywhere at incredible speed,” Byres said.

    “The worm was designed not to destroy the plants but to make them ineffective. By changing the rotation speeds, the bearings quickly wear out and the equipment has to be replaced and repaired. The speed changes also impact the quality of the uranium processed in the centrifuges creating technical problems that make the plant ineffective,” he explained.

    In other words the worm was designed to allow the Iranian program to continue but never succeed, and never to know why.

    One additional impact that can be attributed to the worm, according to David Albright of the Institute for Science and International Studies, is that “the lives of the scientists working in the facility have become a living **** because of counter-intelligence agents brought into the plant” to battle the breach. Ironically, even after its discovery, the worm has succeeded in slowing down Iran's reputed effort to build an atomic weapon. And Langer says that the efforts by the Iranians to cleanse Stuxnet from their system “will probably take another year to complete,” and during that time the plant will not be able to function anywhere normally.

    But as the extent of the worm’s capabilities is being understood, its genius and complexity has created another perplexing question: Who did it?

    Byers is more certain. “It is a military weapon,” he said.

    And much of what the worm “knew” could only have come from a consortium of Western intelligence agencies, experts who have examined the code now believe.

    Originally, all eyes turned toward Israel’s intelligence agencies. Engineers examining the worm found “clues” that hinted at Israel’s involvement. In one case they found the word “Myrtus” embedded in the code and argued that it was a reference to Esther, the biblical figure who saved the ancient Jewish state from the Persians. But computer experts say "Myrtus" is more likely a common reference to “My RTUS,” or remote terminal units.

    Langer argues that no single Western intelligence agency had the skills to pull this off alone. The most likely answer, he says, is that a consortium of intelligence agencies worked together to build the cyber bomb. And he says the most likely confederates are the United States, because it has the technical skills to make the virus, Germany, because reverse-engineering Siemen’s product would have taken years without it, and Russia, because of its familiarity with both the Iranian nuclear plant and Siemen’s systems.

    There is one clue that was left in the code that may tell us all we need to know.

    Embedded in different section of the code is another common computer language reference, but this one is misspelled. Instead of saying “DEADFOOT,” a term stolen from pilots meaning a failed engine, this one reads “DEADFOO7.”

    Yes, OO7 has returned -- as a computer worm.

    Stuxnet. Shaken, not stirred.
  2. MarkSBG

    MarkSBG Beaverton Oregon Well-Known Member

    Likes Received:

  3. Trlsmn

    Trlsmn In Utero (Portland) Well-Known Member

    Likes Received:
    Skynet became self aware at 2:14 am Eastern Time on.....
  4. KomradRazvan

    KomradRazvan Portland and Salem Oregon New Member

    Likes Received:
    we may disagree on a lot, but i was thinking of this exact same line while reading this article. Great minds think alike. So in spirit with this, i went ahead and put something together. lol.

  5. jordanvraptor

    jordanvraptor Oregon City, Oregon Well-Known Member

    Likes Received:
    WIll Jake Gyllenhaal play Mahmoud Ahmadinejad if there is a movie? Or is he just an Iranian dictator's illegitimate son?


  6. KomradRazvan

    KomradRazvan Portland and Salem Oregon New Member

    Likes Received:
    Well he played the Prince of Persia, now i guess he can play the Prick of Persia. LOL.