StuxNet: Implications?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Just read http://tinyurl.com/2v5cdn8 .

Can anybody explain why something like this wouldn't present a
significant hazard to the perpetrator as well as to the target?

Sounds a little like one of the hazards inherent in battlefield
chemical/biological warfare: you fire off the weapons, they
explode over the enemy... then the wind changes...
--
PeteCresswell

Re: StuxNet: Implications?


| Just read http://tinyurl.com/2v5cdn8 .

| Can anybody explain why something like this wouldn't present a
| significant hazard to the perpetrator as well as to the target?

| Sounds a little like one of the hazards inherent in battlefield
| chemical/biological warfare: you fire off the weapons, they
| explode over the enemy... then the wind changes...

It has been a "cyber missile" and it does indeed and severe implications.

Unlike real "chemical" weapons which can directly affect both foe and friends
(aka;
fratricide).  Stuxnet is a targeted weapon.  It uses C&C and thus will only
initiate its
payload when told to on the targeted system using the Siemens chip-set it was
programmed
for.

However it can have untold collateral damages.
For example;
A coolant pump is told to shutdown on a nuclear reactor and the reactor core
goes super
critical in a Chernobyl type of event.


--
Dave
New, Multi-AV v7.03
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: StuxNet: Implications?

Per David H. Lipman:
Quoted text here. Click to load it

I was thinking in terms of people using it as a model to create
similar viruses.

Reading a little (for once...) I get the impression that one
saving grace is the necessity of obtaining something called a
"Private Key" for the control devices targeted - apparently
something that requires collusion with somebody in the company
that makes said devices.
--
PeteCresswell

Re: StuxNet: Implications?

Quoted text here. Click to load it

What in particular are you referring to?

The worm? - Yes, using self-replicating code to distribute malware is
always risky, but much less back-trackable.

The payload?

Actually, I would think that the target area can be reduced or fine
tuned before any trigger event is established.

Quoted text here. Click to load it

Yeah, kinda like the blowback effect. :o)

Having a workable rootkit for such controllers is scary enough. As is
usually the case, having a worm carry and install it, quickly makes it a
known thing. Making the release of the worm a form of disclosure.

That's another way it can be considered blowback.




Site Timeline