Posted on 09/30/2010 8:59:08 AM PDT by Reaganite Republican
A most unwelcome visitor...
Breitbart reported that a computer virus dubbed the world's "first cyber superweapon" by experts and which may have been designed to attack Iran's nuclear facilities has found a new target... that being China.
The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week. Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves. It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.
The virus targets control systems made by German industrial giant Siemens commonly used to manage water supplies, oil rigs, power plants and other industrial facilities. "This malware is specially designed to sabotage plants and damage industrial systems, instead of stealing personal data," an engineer surnamed Wang at antivirus service provider Rising International Software told the Global Times. "Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China's national security," he added.
Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.
The Stuxnet computer worm -- a piece of malicious software (malware) which copies itself and sends itself on to other computers in a network -- was first publicly identified in June. It was found lurking on Siemens systems in India, Indonesia, Pakistan and elsewhere, but the heaviest infiltration appears to be in Iran, according to software security researchers.
__________________________________________________
Rumored origin of course is an Israeli-CIA collaboration of some sort. DebkaFile reported that Israel has had special elite units carrying out such assignments for some time. Three years ago, for instance, cyber raiders played a role in the destruction of the plutonium reactor North Korea was building at A-Zur in northern Syria. Now reportedly 3000 centrifuges are down at Natanz... and these 7th-century savages had no idea what hit them... but they've started to figure it out.
Israel is probably more than 10 years ahead of the Iranians in this field, and I doubt this is the last of it - not by a long shot. Cyberwarfare presents a battlefield of Israel's choosing: it's fairly deniable, and far preferable to a country smaller than Lake Michigan taking on Syria, Iran, Hezbollah, and Hamas all at once... and with tepid US support.
More at Reaganite Republican
If an infection spreads from a known source point - in this case Iran - and the first reported spread is at another point - in this case China - one must wonder about the connections between Iran and China.
Seems to me, anyway.
This is not good. Could the Iranians have infected the Chinese in order to force the US/Israelis to release the solution?
This reminds me of the Star Trek TOS episode where they were messin’ with genetics to make a superman. The new people were completely impervious to disease because their immune system was REALLY proactive.
That is, it left their body as a virus itself and killed everything, including other people, around them.
Either this thing is still doing its job (wink, wink) or it may have gotten out of control.
Good point. Kinda like that stuff they inject into your blood to watch how it flows.
This sure isn’t getting much airplay.
I’d like to be hootin and hollerin but for all that machinery in the GOM...
I’m in the industry and Siemens is a major competitor of ours. The only reason I can think that it is designed to hit their systems is they are automating Iran and China. We are automating two nuke plants in China but so far our stuff is untouched.
These systems that drive plants are NOT on the ‘net. The only way to infect them is on-site. If they had our secure solution they’d be okay.
We’ve been analyzing W32.Stuxnet, which is a threat that uses a legitimate digital certificate from a major third party and takes advantage of a previously unknown bug in Windows; ultimately, it searches for SCADA systems and design documents. The findings of our analysis are being documented in a series of blog articles.
Stuxnet contacts two remote servers for command and control, and until last week those domains were pointing to a server hosted in Malaysia. Once we identified those domains, we redirected traffic away from the C&C servers thereby preventing them from controlling the infected machines and retrieving stolen information.
Within the past 72 hours we’ve seen close to 14,000 unique IP addresses infected with W32.Stuxnet attempt to contact the C&C server. Here is a breakdown per country of the approximately 14,000 IP addresses obtained during the past 72 hours:
http://www.symantec.com/connect/blogs/w32stuxnet-network-information
IMHO, it's more likely it piggybacked onto some surreptitious equipment transfer between China and Iran.
Confucius say: Never bring fortune cookie to malware fight.
Sounds like a very cost-efficient weapon...probably some global-dominance group.
Sounds like this malware is capable of messing with Siemens trains too.
I haven’t seen details - are these Windows-only networks that are infected?
uh-oh!
I still think 4chan did it.
Confucius also say: Listen to Wang with caution.
These are wise words, Grasshopper!
Could be the Israelis are taking out all their enemies and potential enemies now. Look to Russia. Look to the Kenyan’s America. Then again, the article says that many Chinese systems are infected but does not say that any damage has been done. If it is a specifically targeted worm that self propagates then it will go everywhere but will only eat the food that is in its programmed diet.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.