• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

stuxnet is the beginning of what?

Status
Not open for further replies.
B

bwanaaa

Senior member
what will be the next manifestation of cyberwar? will the people who made stuxnet now make something that can infest every nuke to render it non-operational? will they make the world safer by disabling weapons of mass destruction?

or will a terrorist mod the stuxnet code so that it is less discriminating-unleashing a SCADA system killer onto the net? How many vital utilities do you think would fail if their computerized control systems crashed?

why do we make such weapons that allow so few to have such a destructive force over so many?
 
We're all gonna die! NOT!

Get a grip. It's a worm spread by a thumb drive and obviously designed for high level espionage. The US has so many cyber vulnerabilities its not funny and this one is probably the last one on their to-do list since it was first discovered in Iran.
 
wuliheron said:
We're all gonna die! NOT!

Get a grip. It's a worm spread by a thumb drive and obviously designed for high level espionage. The US has so many cyber vulnerabilities its not funny and this one is probably the last one on their to-do list since it was first discovered in Iran.
Click to expand...

from what i've read, it was designed by the US, tested in Israel and deployed in Iran with servers in Norway that it could connect to through IRC. Since the code is 'battle tested' it is known to work. Specifics within the code limited it to the iranian installation-for example it only executed if it found a specific kind of control system, a specific number of them, etc. This kind of 'fingerprint' allowed stuxnet to be precise and avoid collateral damage.The code itself has probably infested thousands of pcs in iran and just lay dormant. An coder could simply delete some of those safeguards (disassemble the binary, insert NOP commands, etc). Taking that bastardized code to the world might be as simple as taking a usb drive on a trip around the world....
 
You're not talking about some kid in his basement hacking online. Even James Bond couldn't carry that thing around the world plugging it into every secure network by himself. Just getting near all those computers without getting caught would take an effort only an organization like the NSA could pull off.
 
The point is stuxnet was designed to attack the weakness of seamans known software in controllers of centrifuges and water pumps.

So without knowing the precise hard ware and software used in the say an ICBM, its impossible to design a stuxnet type of defense for another type of device.
 
34 new vulns for SCADA systems were just published online by a security researcher.

http://www.wired.com/threatlevel/2011/03/scada-vulnerabilities/

Although you' think that the monitoring systems affected cant really cause much damage, misinforming the operators as to vital parameters can be just as dangerous as affecting the backend systems themselves.

You remember seeing that "Die Hard" movie where the terrorist tweaks the gps landing system at an airport. The planes just crashed into the runway before they had a chance to lower their landing gear. Same idea, this Auriemma fellow could just change the dials so that the operators think the output voltage of a generator is low, or the operating pressure of a pump is low. Next thing you know, the operator 'fixes' the problem and boom.

I wouldn't be surprised if somebody "disappeared" him...
 
Status
Not open for further replies.

TRENDING THREADS

Back
Top