Stuxnet, just another Malware or Targeted Cyberweapon?

For those who follow Cyber Arms regularly, you have noticed that there was not a Cyber Arms Intelligence report this week. With Stuxnet being the major news story by far and with so many different mainstream news channels covering it, it just seemed to be redundant.

I still personally believe that Israel is behind Stuxnet. Not that I am against Israel in any way. But they do have the technology, know-how, and the intent. I remember, near the end of last year, that Israel announced that they would strike Iran before January 2010 if negotiations and sanctions against Iran failed. Last I checked, negotiations have not worked and Iran has been laughing at the sanctions.

Israel is known for taking the best and brightest of their college youth and placing them into government security type positions. Israel’s signal intelligence and code decryption Unit 8200 is formed this way. This is the same unit that also gave Israel’s hackers a choice in the 1990s: sign up or face prison time.

A nuclear-armed Iran is a very serious threat to Israel. For us here in the US, it is a big concern if Iran gets nuclear weapons, but to Israel it is a life or death issue. Israel is such a small nation, about the size of New Jersey, and is surrounded on every side by nations that hate her or want her destroyed. If Iran did not attack Israel directly with nuclear weapons, Iran most likely would sell nuclear material to any number of terrorist groups.

Israel attacked nuclear reactors that were being built in Syria and Iraq. No way would they sit idly by and allow Iran to complete the Bushehr plant. Also, with Russia helping Iran build the plant and, up until recently, possibly providing them with state-of-the-art anti-aircraft missiles, the possibility of an air strike was dwindling. So, how do you take out a nuclear plant without bombing it from the air?

Stuxnet seems to be the perfect weapon for the job: malware carried on USB drives that attacks SCADA systems, uploads its configuration data and can even reprogram the equipment. It can then hide itself with a rootkit to prevent detection.

Did I mention that one of the world’s largest USB drive manufacturers was founded and is run by an Israeli engineer? No correlation I am sure.

The command and control server for Stuxnet has been taken down, as far as we know. But even experts do not know if removing the malware will completely eradicate the effects. Control equipment company Siemens was afraid that even with the virus removed, it may have already altered parts of the Siemens programming language and recommended that infected users restore from a known good backup.

So Iran may have a nuclear plant, but will it ever be safe to turn it on?

~ by D. Dieterle on October 1, 2010.

4 Responses to “Stuxnet, just another Malware or Targeted Cyberweapon?”

  1. Interesting indeed, and now I see today a statement from the CHICOMS that MILLIONS of their PC’s have been infected with StuxNet…

    I’m thinking Israel as well, although it almost seems too obvious. But, remember this summer when the Russians said they were starting the Iranian plant early? And for a whole week everyone was waiting for an Israeli strike because they kept saying, “IF Israel doesn’t stop them by date “X” the plant goes online and you can’t blow it up because of spreading radiation…”

    I can’t remember the exact date off the top of my head, but I know it was towards the end of August, right around the same time StuxNet was being discovered in Iran…

    Assuming that this was the Israeli strike, it’s kind of fun to watch the virus backtrack into the Chinese systems as well. Wonder how a USB virus that infects a top secret highly secured Iranian nuke plant ends up infecting PC’s in China……

  2. Excellent points Philo. Maybe Israel had them made in China! Goodness knows that China makes everything now. Israeli agents find out what shipment is going to Iran, and poison the lot at the source.

    Some of the lot ends up in other places, but Iran gets the majority of the shipment. It makes Israel look less like the source, and makes other people think it was from a nation state.

    Voilà! 🙂

    If anyone wants to know more about Unit 8200 and the technology startups that came from it, (ever hear of CheckPoint Software?) you may want to take a look at Stacy Perman’s excellent book, “Spies, Inc.: Business Innovation from Israel’s Masters of Espionage”.

  3. Oh, this is getting to be fun isn’t it? Check this one out:

    http://antivirus.about.com/b/2010/10/02/debunking-the-bunk-of-stuxnet.htm

    You could make a cyber version of “Clue” with all this. “Who killed the Iranian nuke program with the infected USB drive?”
