Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Latest Breaking News»Stuxnet, gone rogue, hit ...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Latest Breaking News

Related: General Discussion, Editorials & Other Articles

bananas

(27,509 posts) Tue Nov 12, 2013, 12:57 AM Nov 2013

Stuxnet, gone rogue, hit Russian nuke plant, space station

Last edited Tue Nov 12, 2013, 02:06 AM - Edit history (1)

Source: Times of Israel

A Russian nuclear power plant was reportedly “badly infected” by the rogue Stuxnet virus, the same malware that reportedly disrupted Iran’s nuclear program several years ago. The virus then spread to the International Space Station via a Stuxnet-infected USB stick transported by Russian cosmonauts.

Speaking to journalists in Canberra, Australia, last week, Eugene Kaspersky, head of the anti-virus and cyber protection firm that bears his name, said he had been tipped off about the damage by a friend who works at the Russian plant.

Kaspersky did not say when the attacks took place, but implied that they occurred around the same time the Iranian infection was reported. He also did not comment on the impact of the infections on either the nuclear plant or the space station, but did say that the latter facility had been attacked several times.

The revelation came during a question-and-answer period after a presentation on cyber-security. The point, Kaspersky told reporters at Australia’s National Press Club last week, was that not being connected to the Internet — the public web cannot be accessed at either the nuclear plant or on the ISS — is a guarantee that systems will remain safe. The identity of the entity that released Stuxnet into the “wild” is still unknown (although media speculation insists it was developed by Israel and the United States), but those who think they can control a released virus are mistaken, Kaspersky warned. “What goes around comes around,” Kaspersky said. “Everything you do will boomerang.”

<snip>

Read more: http://www.timesofisrael.com/stuxnet-gone-rogue-hit-russian-nuke-plant-space-station/


Via https://twitter.com/NASAWatch/statuses/400063497783898112
and http://io9.com/stuxnet-has-infected-a-russian-nuclear-plant-and-the-sp-1462375259

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 22 replies, 3795 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post EditCannot edit other people's posts ReplyReply to this post EditCannot edit other people's posts Rec (21) ReplyReply to this post
22 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Stuxnet, gone rogue, hit Russian nuke plant, space station (Original Post) bananas Nov 2013 OP
wonder why the Niceguy1 Nov 2013 #1
Security experts have warned the notorious Stuxnet malware has likely infected numerous power plants bananas Nov 2013 #2
NSA Destroys ISS, yeah theres a PR problem... Katashi_itto Nov 2013 #3
Stuxnet was designed to be rogue. delrem Nov 2013 #4
Message auto-removed Name removed Nov 2013 #5
K&R n/t NealK Nov 2013 #6
Zombie Worms Eat Nuclear Brains Berlum Nov 2013 #7
“Everything you do will boomerang.” MindPilot Nov 2013 #8
This is why you don't engage in this type of warfare Kelvin Mace Nov 2013 #9
Is it ok to hope that the NSA data centers also get this virus? L0oniX Nov 2013 #10
They probably developed it! hollowdweller Nov 2013 #14
I think some skepticism is in order. cheapdate Nov 2013 #11
+100 What you said. Especially if Russia weren't using the Siemens system. nt okaawhatever Nov 2013 #13
Stuxnet only requires Windows to spread. nt cprise Nov 2013 #16
There was widspread discussion about Stuxnet cheapdate Nov 2013 #17
The ISS runs Linux. NT NickB79 Nov 2013 #18
Indeed. cprise Nov 2013 #20
Kaspersky has a big reputation to uphold cprise Nov 2013 #15
Message auto-removed Name removed Nov 2013 #12
No, Stuxnet Did Not Infect the International Space Station NickB79 Nov 2013 #19
Astronauts endorse Linux! bananas Nov 2013 #22
Well, that's embarrassing. /nt Ash_F Nov 2013 #21

bananas

(27,509 posts)
2. Security experts have warned the notorious Stuxnet malware has likely infected numerous power plants
Reply to bananas (Original post)
Tue Nov 12, 2013, 01:07 AM
Nov 2013
http://www.v3.co.uk/v3-uk/news/2306181/stuxnet-uk-and-us-nuclear-plants-at-risk-as-malware-spreads-outside-russia?utm_source=twitterfeed&utm_medium=twitter

Stuxnet: UK and US nuclear plants at risk as malware spreads outside Russia

by Alastair Stevenson
11 Nov 2013

Security experts have warned the notorious Stuxnet malware has likely infected numerous power plants outside of Russia and Iran.

Experts from FireEye and F-Secure told V3 the nature of Stuxnet means it is likely many power plants have fallen victim to the malware, when asked about comments made by security expert Eugene Kaspersky claiming at least one Russian nuclear plant has already been infected.

<snip>

F-Secure security analyst Sean Sullivan told V3 Stuxnet's unpredictable nature means it has likely spread to other facilities outside of the plant mentioned by Kaspersky.

<snip>

Director of security strategy at FireEye, Jason Steer, mirrored Sullivan's sentiment, adding the insecure nature of most critical infrastructure systems would make them an ideal breeding ground for Stuxnet.

<snip>

"Many of these control systems are not connected to the internet, because they are so old and delicate that they cannot withstand any serious probing and examination, and frankly are not designed to connect to the internet as they are so insecure. Getting a vulnerability to a network not connected is not so difficult anymore if it's important enough."

<snip>

"It's highly likely that other plants globally are infected and will continue to be infected as it's in the wild and we will see on a weekly basis businesses trying to figure out how to secure the risk of infected USB flash drives," he said.

<snip>

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Response to bananas (Original post)

Name removed Message auto-removed

 

MindPilot

(12,693 posts)
8. “Everything you do will boomerang.”
Reply to bananas (Original post)
Tue Nov 12, 2013, 09:49 AM
Nov 2013

That's my new sig.

At my next staff meeting where co-workers are talking about air-gapping for security, I can use this--the widest air-gapping ever!--to point out that it doesn't really work.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
 

Kelvin Mace

(17,469 posts)
9. This is why you don't engage in this type of warfare
Reply to bananas (Original post)
Tue Nov 12, 2013, 10:49 AM
Nov 2013

Like bioweapons, it WILL come back and infect things you didn't mean for it to infect.

It will be interesting to see if the corporate media covers this in the states.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

cheapdate

(3,811 posts)
11. I think some skepticism is in order.
Reply to bananas (Original post)
Tue Nov 12, 2013, 01:43 PM
Nov 2013

The source of some of these claims seems to be commercial cyber-security companies who stand to gain from publicizing risks -- even overstating or exaggerating the risk.

My understanding of the Stuxnet attack on Iran's centrifuges was that the Stuxnet code was highly specific to the Siemens control system in use at the Iranian centrifuge facility. Programming the virus to cause the process displays and monitors to falsely display normal operating parameters would have required finely detailed knowledge of the specific configuration of the centrifuge facility's control system. The Stuxnet virus was introduced with a USB flash drive and probably required a person on the inside.

The claims in this article contradict my understanding of the Stuxnet virus and contradict what has been discussed elsewhere by professional control system security experts.

I'm skeptical of this. But it's hard to separate information from misinformation.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

cheapdate

(3,811 posts)
17. There was widspread discussion about Stuxnet
Reply to cprise (Reply #16)
Sat Nov 16, 2013, 08:30 PM
Nov 2013

within the process control and automation community. It's been the subject of conferences, papers, standards committees meetings, etc.

This article from Control magazine is typical.

http://www.controlglobal.com/whitepapers/2011/006/

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

cprise

(8,445 posts)
15. Kaspersky has a big reputation to uphold
Reply to cheapdate (Reply #11)
Sat Nov 16, 2013, 07:47 PM
Nov 2013

...his company and as a person. I would tend to believe him and would be more worried that the newspaper is twisting his words, if anything.

He has basically admitted that antivirus scanners are a dead-end approach to security... yet his company's main revenue stream comes from antivirus.

TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

Response to bananas (Original post)

Name removed Message auto-removed

NickB79

(19,233 posts)
19. No, Stuxnet Did Not Infect the International Space Station
Reply to bananas (Original post)
Sun Nov 17, 2013, 03:03 AM
Nov 2013
http://news.yahoo.com/no-stuxnet-did-not-infect-international-space-station-002152419.html

Kaspersky's sensational-sounding comments, combined with reporters hungry for news about evil hackers and cyberwar, yet not well versed on the background details, meant that many media outlets got what Kaspersky said flat-out wrong.

At least one of them eventually got it right.

"This article originally said the ISS was infected with Stuxnet," said the Atlantic in a correction. "Upon further review of Kaspersky's statements, that's not the case. We're sorry for the confusion."
TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post

bananas

(27,509 posts)
22. Astronauts endorse Linux!
Reply to NickB79 (Reply #19)
Sun Nov 17, 2013, 06:33 AM
Nov 2013
Since then, most, if not all, of the laptops used by astronauts aboard the ISS have been switched to the open-source Linux operating system, which many of the ISS' built-in systems already ran. Linux has far fewer malware issues than Windows.



SpaceX rockets also run on linux: http://slashdot.org/story/13/03/24/2050221/spacex-lessons-learned-developing-software-for-space-vehicles


TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  EditCannot edit other people's posts RecommendRecommend this post ReplyReply to this post
Reply to this discussion
Latest Discussions»Latest Breaking News»Stuxnet, gone rogue, hit ...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.