Wednesday, November 17, 2010

Cyber Warfare Reaches From The Net Into The Real World "Stuxnet cyber attack is as good as using explosives" On Iranian Nuclear Facilities

"Researchers from California and Germany dove into the Stuxnet code and found it sought out specialized components used in Iran nuclear centrifuges – and could cause them to explode."

"Stuxnet, the world's first known “cyber missile,” was designed to sabotage special power supplies used almost exclusively in nuclear fuel-refining centrifuge systems, researchers studying its code have revealed. The discovery is another puzzle piece experts say points to Iran's nuclear centrifuge plants as the likely target."

"It now appears that a smoking gun within Stuxnet's software code targets power supplies almost certainly used inside any Iranian nuclear fuel refining plant, researchers say. Working separately, researchers at California computer security firm Symantec arrived at the same conclusion as researchers in Germany late last week: Nuclear-fuel centrifuges were the target.

The researchers followed a complex trail. After cleverly gaining access to computer systems using an array of devious "exploits," Stuxnet searches for and infects only a specific Siemens-made programmable logic controller (PLC) performing specific functions, the researchers found. Then – and this is the part just unearthed – it hunts for identification numbers unique to a special kind of "frequency converter drive" made by just two firms in the world: one headquartered in Finland, the other in Tehran.

Frequency converter drives are a kind of power supply that can change the frequency of its output to control the speed of a motor. The drive responds to a PLC's computer commands and is used for industrial control in factory settings worldwide. Stuxnet hunts for specific drives set at specific speeds – the very high speeds a centrifuge must achieve to physically separate and concentrate uranium isotopes for use as nuclear fuel. Such fuel can then be used in a reactor or, if refined to far higher concentrations, a nuclear weapon.

Symantec researchers were aided by a Dutch industrial control systems expert who revealed the connection with Tehran and Finland firms. It turns out that the special drives Stuxnet targets are built to operate "at very high speeds ... speeds used only in a limited number of applications," Symantec stated in a report update Nov. 12. Such drives are "regulated for export in the US by the Nuclear Regulatory Commission," because one of their main uses is for uranium enrichment, it noted."

"Once Stuxnet has locked its sights on the target, it alternately brings the centrifuge process to either a grinding slowdown or an explosive surge – by sabotaging the centrifuge refining process. It tells the commandeered PLC to force the frequency converter drive to do something it's not ever supposed to do: Switch back and forth from high speed to low speed at intervals punctuated by long periods of normal operation. It also occasionally pushes the centrifuge to far exceed its maximum speed."

"Stuxnet "sabotages the system by slowing down or speeding up the motor to different rates at different times," including sending it up to 1410 Hz, well beyond its intended maximum speed. Such wide swings would probably destroy the centrifuge – or at least wreck its ability to produce refined uranium fuel, other researchers say.

"One reasonable goal for the attack could be to destroy the centrifuge rotor by vibration, which causes the centrifuge to explode" as well as simply degrading the output subtly over time, Ralph Langner, the German researcher who first revealed Stuxnet's function as a weapon in mid-September, wrote on his blog last week.

All of the circumstantial evidence points in the same direction: Natanz."

Christian Science Monitor - How Stuxnet cyber weapon targeted Iran nuclear plant
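
A defender-side illustration of the speed manipulation described in the excerpt (an added example, not code from the Christian Science Monitor article, Symantec or Langner): the Python below flags out-of-band and abrupt drive-frequency readings and groups them into episodes separated by normal operation. The operating band, step limit, episode gap and sample trace are constructed assumptions, as is the idea that readings come from a sensor independent of the PLC; only the 1410 Hz figure comes from the excerpt.

```python
from dataclasses import dataclass

# Assumed operating envelope (constructed values, not from the article).
MIN_HZ, MAX_HZ = 900.0, 1100.0
MAX_STEP_HZ = 50.0   # largest plausible change between two samples
GAP_S = 90           # alerts closer together than this form one episode


@dataclass
class Alert:
    t: int        # sample time in seconds
    hz: float     # measured output frequency
    reason: str


def find_anomalies(samples, min_hz=MIN_HZ, max_hz=MAX_HZ, max_step=MAX_STEP_HZ):
    """Flag readings outside the envelope or changing faster than max_step.

    samples: (time_s, hz) pairs, assumed to come from a measurement that
    does not rely on the PLC's own reporting.
    """
    alerts, prev = [], None
    for t, hz in samples:
        if hz > max_hz:
            alerts.append(Alert(t, hz, "overspeed"))
        elif hz < min_hz:
            alerts.append(Alert(t, hz, "underspeed"))
        elif prev is not None and abs(hz - prev) > max_step:
            alerts.append(Alert(t, hz, "abrupt-change"))
        prev = hz
    return alerts


def group_episodes(alerts, gap_s=GAP_S):
    """Merge alerts separated by at most gap_s into (start, end) episodes."""
    episodes = []
    for a in alerts:
        if episodes and a.t - episodes[-1][1] <= gap_s:
            episodes[-1] = (episodes[-1][0], a.t)
        else:
            episodes.append((a.t, a.t))
    return episodes


# Constructed trace: normal running, a surge to the 1410 Hz figure quoted
# in the excerpt, recovery, normal running again, then a slowdown.
SAMPLE = [(0, 1000.0), (60, 1002.0), (120, 998.0), (180, 1410.0),
          (240, 1000.0), (300, 1001.0), (360, 200.0), (420, 1000.0)]

if __name__ == "__main__":
    found = find_anomalies(SAMPLE)
    for a in found:
        print(f"t={a.t:>4}s  {a.hz:7.1f} Hz  {a.reason}")
    print("episodes:", group_episodes(found))
```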

(again, Dear Readers, click through onto the story that I have heavily excerpted and give CSM some ad views, please. The whole article is really interesting, too)


If you haven't read my previous post linking to a Wired story on the change in tactical warfare thought that occurred because of the burning of Atlanta, you should read the story: Nov. 15, 1864: Sherman’s March to the Sea Changes Tactical Warfare

As the Wired article says:

"Sherman was vilified for his barbarism, but the Union commander was a realist, not a romantic. He understood — as few of his contemporaries seemed to — that technology and industrialization were radically changing the nature of warfare.

It was no longer a question of independent armies meeting on remote battlefields to settle the issue. Civilians, who helped produce the means for waging modern war, would no longer be considered innocent noncombatants. Hitting the enemy where he ate and breaking him psychologically were just as important to victory as vanquishing his armies in the field.

Sherman grasped this and, though he wasn’t the first military proponent of total war, he was the first modern commander to deliberately strike at the enemy’s infrastructure. The scorched-earth tactics were effective. The fragile Southern economy collapsed, and a once-stout rebel army was irretrievably broken.

Meanwhile, the marshals of Europe watched Sherman’s progress with fascination. And they learned."

The whole world is learning from Stuxnet.

Stuxnet is more significant in military terms than the development of the Blitzkrieg, or even probably more significant than the development of mobile armoured artillery (tanks), or military aircraft - it is a paradigm shift. Totally and completely. I won't say it is as significant as the development of the nuclear bomb - but I was going to. Atomic weapons naturally win the significance battle because all life on the planet could be wiped out.

Stuxnet is significant because it allows warfare to be waged secretly. Without major powers having to admit they are taking action.

It also gives large organisations of any kind (think private corporations [think blackwater/Xe]) the ability to wage war.

And it certainly gives groups of individuals the model to create their own cyber weapons. We have nuclear plants too...

And India, China, and Pakistan all have large numbers of awesome programmers - some of whom might be feeling less than charitable toward the United States and its allies (like Canada - of the recent extended Afghanistan mission).

You do the math. Someone else most certainly already is.

Perhaps it's time to stock up on survivalist gear. Freeze dried peas in large cans anyone? Good thing I know some Mormons - they are supposed to always have a year's worth of food and gear in case some cleansing happens:

"“Should the Lord decide at this time to cleanse the Church—and the need for that cleansing seems to be increasing—a famine in this land of one year’s duration could wipe out a large percentage of slothful members, including some ward and stake officers. Yet we cannot say we have not been warned.”"

"I believe that every prophet over the last 60 years has talked about having the Church members get a bare minimum of at least a one year’s supply of basic food items. Though it is not addressed directly in every conference, it is published in a tremendous amount of Church literature, pamphlets, Church handbook of instructions, monthly messages for home teachers and visiting teachers, instruction manuals, etc."

Here's a link to a "Latter Day Saints" compliant list of survival crap (meant in a positive manner) we'll all need (.pdf)

Here's some great stuff courtesy of Wired Mag.


Picture Credit: Hasan Sarbakhshian / AP Photo - Exploring Iran's Secret Nuclear Plant (link and photo ripped off via Google images and the Daily Beast...)
