News:

And we're back!

Main Menu

Stuxnet 2.0, Iran under cyber attack!

Started by jimmy olsen, May 28, 2012, 11:09:50 PM

Previous topic - Next topic

Darth Wagtaros

Quote from: DGuller on May 29, 2012, 01:32:11 PM
Quote from: Iormlund on May 29, 2012, 09:58:32 AM
Quote from: Josephus on May 29, 2012, 09:25:35 AM
Iran should really update its anti-virus software.

Would you volunteer, after seeing what happened with the guy in charge of rooting the worm out?
What did happen?
Curt Shilling fucked his shit up good and proper.
PDH!

Admiral Yi

Quote from: Brazen on May 29, 2012, 09:55:48 AM
"If the relatively short history of viruses, worms and Trojans has taught us anything, it is that the more dangerous the cyber beast, the more control the ringmaster must exert to make it do his bidding and not bite the hand that feeds it."

Too much? :unsure:

The rich burgundy hue aside, is that true?

DontSayBanana

Quote from: Admiral Yi on May 29, 2012, 08:40:46 PM
The rich burgundy hue aside, is that true?

Depends on a lot of variables.  If a government's designed a cyberweapon to attack an infrastructure system also used by said government, then yes- extra levels of target verification need to be coded into the weapon to make sure it doesn't accidentally bring down a "friendly" system.
Experience bij!

CountDeMoney

Quote from: DontSayBanana on May 29, 2012, 09:21:42 PM
Depends on a lot of variables.  If a government's designed a cyberweapon to attack an infrastructure system also used by said government, then yes- extra levels of target verification need to be coded into the weapon to make sure it doesn't accidentally bring down a "friendly" system.

In Stuxnet's case, though, it was designed to go after specific Siemens controllers that were connected to specific centifuge hardware systems;  so yeah, if the launching country doesn't have that particular ICS configuration, they don't have to worry about it as much, particularly in a closed system such as Iran's.

What I could see as hampering or redirecting a Flame- or Stuxnet-style attack is if it's launched against a country that, because embargoes, trade blockades, etc., that many of their systems have been jury-rigged, home-grown and customized to the point that a specifically programmed attack would not be nearly as effective as it could be.  Can you imagine going after North Korea's Vic-20 based systems?

QuoteKamran Napelian, an Iranian cyber defence official told The New York Times that the virus "has a special pattern which you only see coming from Israel".

"The virus copies what you enter on your keyboard, it monitors what you see on your computer screen," he told the newspaper.

He said he was not authorised to disclose how much damage Flame had caused, but estimated it had been active for at least six months and had caused a "massive" data loss. He added that Iran had developed software to combat Flame, something the international community has yet to do.

Yeah, OK, Mohammed Zuckerberg.

DontSayBanana

Quote from: CountDeMoney on May 30, 2012, 05:50:02 AM
In Stuxnet's case, though, it was designed to go after specific Siemens controllers that were connected to specific centifuge hardware systems;  so yeah, if the launching country doesn't have that particular ICS configuration, they don't have to worry about it as much, particularly in a closed system such as Iran's.

Agreed; I was actually trying to say that the quote as a blanket given was scaremongering.

Quote
What I could see as hampering or redirecting a Flame- or Stuxnet-style attack is if it's launched against a country that, because embargoes, trade blockades, etc., that many of their systems have been jury-rigged, home-grown and customized to the point that a specifically programmed attack would not be nearly as effective as it could be.  Can you imagine going after North Korea's Vic-20 based systems?

:lol: The best way would probably be to go after the thousands of smuggled Arduinos embedded in the systems. ;)

Quote
QuoteKamran Napelian, an Iranian cyber defence official told The New York Times that the virus "has a special pattern which you only see coming from Israel".

"The virus copies what you enter on your keyboard, it monitors what you see on your computer screen," he told the newspaper.

He said he was not authorised to disclose how much damage Flame had caused, but estimated it had been active for at least six months and had caused a "massive" data loss. He added that Iran had developed software to combat Flame, something the international community has yet to do.

Yeah, OK, Mohammed Zuckerberg.

Did this guy seriously just claim that only Israelis use keyloggers? :wacko:
Experience bij!

Ed Anger

QuoteHe added that Iran had developed software to combat Flame, something the international community has yet to do.

They trained a camel to spit at the infected computer.
Stay Alive...Let the Man Drive

CountDeMoney

Quote from: DontSayBanana on May 30, 2012, 06:32:08 AM
Did this guy seriously just claim that only Israelis use keyloggers? :wacko:

Maybe the clue was how it logged right to left.

DontSayBanana

Quote from: CountDeMoney on May 30, 2012, 06:45:24 AM
Quote from: DontSayBanana on May 30, 2012, 06:32:08 AM
Did this guy seriously just claim that only Israelis use keyloggers? :wacko:

Maybe the clue was how it logged right to left.

More likely they've been "examining the code" with freeware hex editors and keep seeing "LULZ THIS IS TOTALLY ISRAEL" in plain text. ;)
Experience bij!

DGuller

Quote from: CountDeMoney on May 30, 2012, 06:45:24 AM
Quote from: DontSayBanana on May 30, 2012, 06:32:08 AM
Did this guy seriously just claim that only Israelis use keyloggers? :wacko:

Maybe the clue was how it logged right to left.
:lol:

Darth Wagtaros

Quote from: DontSayBanana on May 30, 2012, 06:47:47 AM
Quote from: CountDeMoney on May 30, 2012, 06:45:24 AM
Quote from: DontSayBanana on May 30, 2012, 06:32:08 AM
Did this guy seriously just claim that only Israelis use keyloggers? :wacko:

Maybe the clue was how it logged right to left.

More likely they've been "examining the code" with freeware hex editors and keep seeing "LULZ THIS IS TOTALLY ISRAEL" in plain text. ;)
If you copy and paste the code into Word and then change the font into Wingdings it spellz out the Star of David and 'Israel was Here'.
PDH!

Martinus

Quote from: Ed Anger on May 30, 2012, 06:34:29 AM
QuoteHe added that Iran had developed software to combat Flame, something the international community has yet to do.

They trained a camel to spit at the infected computer.
:lol:

Iormlund

#26
Quote from: CountDeMoney on May 30, 2012, 05:50:02 AM
What I could see as hampering or redirecting a Flame- or Stuxnet-style attack is if it's launched against a country that, because embargoes, trade blockades, etc., that many of their systems have been jury-rigged, home-grown and customized to the point that a specifically programmed attack would not be nearly as effective as it could be.  Can you imagine going after North Korea's Vic-20 based systems?

Pretty much all PLC programs are custom made. And, speaking as someone who has worked with these specific systems for years, we tend to make extensive use of pointers and shift bits around manually (it's similar to writing assembler code).
This means following someone else's code can be tricky. I cannot even fathom how complex an AI you'd need to identify patterns matching this target without a human involved.

Iormlund

Quote from: DGuller on May 29, 2012, 01:32:11 PM
Quote from: Iormlund on May 29, 2012, 09:58:32 AM
Quote from: Josephus on May 29, 2012, 09:25:35 AM
Iran should really update its anti-virus software.

Would you volunteer, after seeing what happened with the guy in charge of rooting the worm out?
What did happen?

Someone attached a bomb to his car window and detonated it.

CountDeMoney

Quote from: Iormlund on May 30, 2012, 08:12:26 AM
Someone attached a bomb to his car window and detonated it.

Looks like the patch failed on that one, lulz :mossad:

Solmyr

Quote from: CountDeMoney on May 30, 2012, 08:16:58 AM
Quote from: Iormlund on May 30, 2012, 08:12:26 AM
Someone attached a bomb to his car window and detonated it.

Looks like the patch failed on that one, lulz :mossad:

WAD