Tag: stuxnet

Super-Malware Flame was Developed by US & Israel, Who Used It To Launch Stuxnet

By Veronique Greenwood | June 21, 2012 11:28 am

Ever since Flame, a gigantic piece of malware that lifts data from infected computers, was uncovered by security researchers three weeks ago, people have been wondering who could have built such a thing. Its powers, and the fact that it had apparently been operating in secret for years, shocked experts, who called it “one of the most complex threats ever discovered.”

More revelations followed: World-class mathematicians had worked on it, doing new science to develop its attacks. At first it was thought that Flame had nothing in common with Stuxnet, the US and Israeli-built virus that targeted Iran’s nuclear program and has become synonymous with the new age of cyberwarfare. Closer analysis, however, revealed that an early module of Flame had identified and exploited a then-unknown weakness in Microsoft Windows. The same capability showed up later in Stuxnet. The two pieces of malware had apparently communicated at least once, with Flame, which primarily gathers information, passing data to Stuxnet, which used that data to inflict damage.

CATEGORIZED UNDER: Technology

New “Flame” Malware is One of the Most Complex Cyber Weapons Yet

By Veronique Greenwood | May 29, 2012 1:16 pm

A massive piece of malware, nicknamed “Flame” by security researchers at Kaspersky Lab, has been discovered attacking computers in Iran and the rest of the Middle East. The scale and sophistication of the malware suggest that it was commissioned by a nation-state, perhaps by the same parties that built StuxNet, which destroyed Iranian uranium centrifuges several years ago, and Duqu, a related Trojan that culled information from infected computers.

Flame doesn’t share any code with StuxNet or Duqu. But it is much larger—Duqu, for instance, was just 500 kilobytes, while Flame is 20 megabytes—and it impressed the Kaspersky researchers with its array of functions, which make it a kind of giant Swiss Army knife of malware.

CATEGORIZED UNDER: Technology

Thousands of Infrastructure Computer Systems are Online, Unprotected

By Veronique Greenwood | January 26, 2012 4:04 pm

We’ve written before about hapless business owners practically handing hackers customers’ information by failing to observe basic computer security (Subway, we’re looking at you). But this is a security fail on a whole different level. A researcher has just revealed that about ten thousand systems controlling water plants, sewage plants, and other infrastructure are online, mostly unprotected and findable with a simple search.

CATEGORIZED UNDER: Technology

New, From the Makers of Stuxnet: The Duqu Virus

By Veronique Greenwood | October 19, 2011 11:55 am

On October 14, security company Symantec got word from a research lab that they’d discovered a piece of malware that looked a lot like Stuxnet, the sophisticated computer virus that made headlines last year after its anonymous designers used it to attack Iran’s nuclear program. This new malware, called Duqu by the researchers who discovered it, shares much of Stuxnet’s code, suggesting that it came from the same people who built the first virus, or at least people who had access to the source code.

CATEGORIZED UNDER: Technology

US Drone Fighters Have Been Infected by a Computer Virus of Unknown Origin

By Veronique Greenwood | October 10, 2011 12:58 pm

Unmanned drones like this Predator are now central to US warfare—but they are also vulnerable to cyberattacks.

What’s the News: A computer virus that records the keystrokes of US military operators has infected two classes of American military drones. “We keep wiping it off, and it keeps coming back,” a military source told Wired’s Danger Room, which broke the story. “We think it’s benign. But we just don’t know.”

CATEGORIZED UNDER: Technology, Top Posts

The Pentagon Now Considers Cyber Attacks Acts of War

By Veronique Greenwood | June 1, 2011 11:50 am

What’s the News: Cyber attacks undertaken by another nation can be considered an act of war, according to a new Pentagon policy to be released in the next month. If you mess with the US online, the Pentagon has decided, it may retaliate offline, in the form of bombs, missiles, and other very real attacks. One military official sums it up thusly to the Wall Street Journal, which broke the story: “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.” How exactly this stance will be put into practice, though, isn’t clear.

CATEGORIZED UNDER: Technology

How the Stuxnet Worm Formed Its Attacks—and Who Might Have It Now

By Andrew Moseman | February 15, 2011 1:57 pm

Stuxnet seems to become scarier every time you hear about it. The sophisticated piece of malware came to the world’s attention in September; shortly thereafter we heard that it was perfectly designed to attack nuclear centrifuges, and in fact had disrupted some nuclear research in Iran. Now comes more news about how it works, and who might be using it next.

The security group Symantec has been trying to analyze and understand the waves of Stuxnet attacks against Iran, and now its researchers have found the base of the attacks, according to Symantec’s Orla Cox.

The new research, which analysed 12,000 infections collected by various anti-virus firms, shows that the worm targeted five “industrial processing” organisations in Iran. “These were the seeds of all other infections,” said Ms Cox. The firm was able to identify the targets because Stuxnet collected information about each computer it infected, including its name, location and a time stamp of when it was compromised. [BBC News]

Though Symantec isn’t naming the five targets in Iran, another security expert studying Stuxnet’s code, Ralph Langner, told CNET the likely target of the whole attack was the Natanz nuclear enrichment plant.

CATEGORIZED UNDER: Technology

Iran's Nuclear Program: Scientists Attacked, Documents Wiki-Leaked

By Andrew Moseman | November 30, 2010 5:50 pm

Between murders and leaked documents, there’s disarray and intrigue all around Iran’s burgeoning nuclear program.

Yesterday, two prominent nuclear scientists in Iran were attacked in car bombings.

According to [Iranian news service] Fars, scientists Majid Shahriari and Fereydoun Abbasi were parking their cars in separate locations near the university campus about 7:45 a.m. local time when they were attacked. Witnesses said each car was approached by a group of men on motorcycles, who attached explosives to the vehicles and detonated them seconds later, the news agency reported. Shahriari was killed instantly. Abbasi was wounded. Both men were with their wives, who were also wounded. [Washington Post]

Unsurprisingly, Iranian President Mahmoud Ahmadinejad quickly pointed the finger of blame at the West and Israel. Both of the targeted scientists are reportedly connected to the Iranian nuclear program, which the government maintains is for the purpose of energy, but the United States and other nations oppose out of fear of an Iranian bomb.

Abbasi-Davani, whose handful of publications on neutron physics are mainly in Iranian journals, is a key figure in Iran’s nuclear programme. He is reported to be a scientist at the country’s defence ministry, and a member of Iran’s revolutionary guards since the 1979 Islamic Revolution. He was also named as being among “Persons involved in nuclear or ballistic missile activities” in the 2007 UN Security Council Resolution 1747, which imposed sanctions on Iran over its refusal to stop enrichment of uranium. [Nature]

CATEGORIZED UNDER: Physics & Math, Technology

Internet Intrigue: China Reroutes the Web, Stuxnet Is Even Scarier

By Andrew Moseman | November 19, 2010 10:50 am

It was late September when the world got wind of Stuxnet, the complex piece of malware that appeared to specifically target Iranian nuclear sites. Now, analysis of Stuxnet suggests it was almost perfectly designed to corrupt nuclear centrifuges, according to David Albright of the Institute for Science and International Security.

On Wednesday, Mr. Albright and a colleague, Andrea Stricker, released a report saying that when the worm ramped up the frequency of the electrical current supplying the centrifuges, they would spin faster and faster. The worm eventually makes the current hit 1,410 Hertz, or cycles per second — just enough, they reported, to send the centrifuges flying apart. In a spooky flourish, Mr. Albright said in the interview, the worm ends the attack with a command to restore the current to the perfect operating frequency for the centrifuges — which, by that time, would presumably be destroyed. [The New York Times]

Computer experts don’t know Stuxnet’s origin for sure, though the Times’ story drops a few cryptic hints of Israeli involvement. And further study of the attack shows that although Stuxnet appears calibrated to disrupt centrifuges, it could be easily adapted to seize the reins of other systems.

The widespread interconnection of corporate networks and use of SCADA systems [supervisory control and data acquisition] means that industrial infrastructure is increasingly vulnerable to software attack. Such control systems are used in virtually every industry—food production, vehicle assembly, chemical manufacturing—and are commonly exposed to insecure networks. This leaves them vulnerable to tampering, such as with Stuxnet, as well as intellectual property theft. [Ars Technica]

CATEGORIZED UNDER: Technology

Super-Sophisticated Computer Virus Apparently Targeted Iran's Power Plants

By Jennifer Welsh | September 27, 2010 6:58 pm

A virus has been popping up in industrial plants and personal computers worldwide, and is now posing a looming threat over Iran, where more than 60 percent of the computers infected with the virus are located.

Some experts believe that the virus, first discovered in June, was developed by high-level government programmers (possibly from the US, Israel, or Germany), and is directed toward a specific target, most likely Iran’s Bushehr nuclear power plant. It is believed to have been around for over a year.

The virus was written to exploit five security vulnerabilities (four of which were previously unknown, and only two of which have been patched) in a piece of software used in many different industrial systems. The virus is inserted into the system using a thumbdrive, then spreads from computer to computer.

The malware was so skillfully designed that computer security specialists who have examined it were almost certain it had been created by a government and is a prime example of clandestine digital warfare. While there have been suspicions of other government uses of computer worms and viruses, Stuxnet is the first to go after industrial systems. [The New York Times]

CATEGORIZED UNDER: Technology
80beats

80beats is DISCOVER's news aggregator, weaving together the choicest tidbits from the best articles covering the day's most compelling topics.