Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Russian experts flee Iran, escape dragnet for cyber worm smugglers
DEBKAfile ^

Posted on 10/03/2010 8:34:55 PM PDT by Pride_of_the_Bluegrass

debkafile's intelligence sources report from Iran that dozens of Russian nuclear engineers, technicians and contractors are hurriedly departing Iran for home since local intelligence authorities began rounding up their compatriots as suspects of planting the Stuxnet malworm into their nuclear program. Among them are the Russian personnel who built Iran's first nuclear reactor at Bushehr which Tehran admits has been damaged by the virus. One of the Russian nuclear staffers, questioned in Moscow Sunday, Oct. 3 by Western sources, confirmed that many of his Russian colleagues had decided to leave with their families after team members were detained for questioning at the beginning of last week. He refused to give his name because he and his colleagues intend to return to Iran if the trouble blows over and the detainees are quickly released after questioning.

(Excerpt) Read more at debka.com ...


TOPICS: Foreign Affairs; Front Page News; News/Current Events; War on Terror
KEYWORDS: axisofaholes; cyberwar; debka; debkafile; fsb; iran; moonlightmaze; russia; stuxnet; tech; virus; waronterror; worm; wot

1 posted on 10/03/2010 8:35:01 PM PDT by Pride_of_the_Bluegrass
[ Post Reply | Private Reply | View Replies]

To: Pride_of_the_Bluegrass

Run Russkis Run!!! LOL!


2 posted on 10/03/2010 8:36:42 PM PDT by FlingWingFlyer (Furlough the Congress!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pride_of_the_Bluegrass

msp the israeli intelligence agency mossad working with russia current .
all I can say is mazal tov Simon tov!


3 posted on 10/03/2010 8:39:15 PM PDT by ncfool (The new USSA - United Socialst States of AmeriKa. Welcome to Obummers world or Obamaville USSA.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pride_of_the_Bluegrass

Zero hour is approaching...


4 posted on 10/03/2010 8:41:19 PM PDT by eleni121 (http://www.serfes.org/orthodox/memoryof.htm)
[ Post Reply | Private Reply | To 1 | View Replies]

To: eleni121

A really smart guy once said Halloween.


5 posted on 10/03/2010 8:49:07 PM PDT by Pride_of_the_Bluegrass
[ Post Reply | Private Reply | To 4 | View Replies]

To: Pride_of_the_Bluegrass

Hey Aminajob(sp): Chase out the Russians as you ask them to sell you the S-300 system.


6 posted on 10/03/2010 8:55:52 PM PDT by Pearls Before Swine
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pride_of_the_Bluegrass

It’s Debka. They have a 10% truth rating. Even the psychic hotline has a better record than Debka.


7 posted on 10/03/2010 8:57:40 PM PDT by Thunder90 (Fighting for truth and the American way... http://citizensfortruthandtheamericanway.blogspot.com/)
[ Post Reply | Private Reply | To 1 | View Replies]

To: eleni121; kronos77; jb6; x5452

Debka file is NOT to be believed...

The Russians will stay in Iran. And Putin loves it.


8 posted on 10/03/2010 8:59:25 PM PDT by Thunder90 (Fighting for truth and the American way... http://citizensfortruthandtheamericanway.blogspot.com/)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Pride_of_the_Bluegrass

When all your eggs are in a Russian basket, you are f$%&!


9 posted on 10/03/2010 9:21:27 PM PDT by mainsail that ('Sed quis custodiet ipsos custodes')
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pride_of_the_Bluegrass

Teehehe....might just be a tad hard to go fully nuke when all of your data is gone?


10 posted on 10/03/2010 9:22:51 PM PDT by chris_bdba
[ Post Reply | Private Reply | To 1 | View Replies]

To: Thunder90

The Russians have done this before

http://en.wikipedia.org/wiki/2007_cyberattacks_on_Estonia

http://en.wikipedia.org/wiki/Cyberattacks_during_the_2008_South_Ossetia_war


11 posted on 10/03/2010 9:29:23 PM PDT by Pride_of_the_Bluegrass
[ Post Reply | Private Reply | To 8 | View Replies]

To: Pride_of_the_Bluegrass

Wonder if this is the deal that Omama gave the Russians for pulling our interceptors out of Czech Republic?


12 posted on 10/03/2010 9:35:20 PM PDT by garjog
[ Post Reply | Private Reply | To 11 | View Replies]

To: Pride_of_the_Bluegrass

Couldn’t have turned out better!


13 posted on 10/03/2010 9:44:37 PM PDT by dila813
[ Post Reply | Private Reply | To 1 | View Replies]

To: eleni121

Zero hour is approaching...


Yes it is.


14 posted on 10/03/2010 9:45:21 PM PDT by unkus
[ Post Reply | Private Reply | To 4 | View Replies]

To: Pride_of_the_Bluegrass

I wonder if the reactor is dead forever, along with much of Iran’s industry.

Would you be willing to load nuclear fuel into a reactor if it had been scrubbed by an anti-virus company and pronounced “clean”? What if something residual is left?

No way to know until it craps out in the middle of something vital. Same with a lot of other industrial installations.


15 posted on 10/03/2010 9:47:59 PM PDT by CurlyDave
[ Post Reply | Private Reply | To 1 | View Replies]

To: CurlyDave
Its one thing to have a functioning nuclear reactor for peaceful purposed,
its worse yet as in Irans' case since the whole world knows its for weapon development,
but the ultimate is a malfunctioning & sabotaged reactors which may potentially blow its top via a cyber-worm and spew nuclear radiation all over the middle east and then contaminate the millions of peaceful loving muslims they have as neighbors!!
16 posted on 10/03/2010 10:03:15 PM PDT by prophetic (0Bama = 1 illegal president = 32 illegal, unconstitutional & unnecessary CZARS to do his job!!)
[ Post Reply | Private Reply | To 15 | View Replies]

To: CurlyDave
The current Stuxnet is targeted at two specific Siemens PLC modules. It propagates to the project file of the programming software. Every time the software is launched to work on the PLC code, the worm is propagated. Now that a paradigm of attack exists, you can expect the example to be played out against additional PLC and like devices. While this has kicked Iran's nuclear program in the crotch, it has the capability to visit other countries (including ours) and be targeted at assets that matter to us. I believe the phrase is, "blowback is a bitch".
17 posted on 10/03/2010 10:08:40 PM PDT by Myrddin
[ Post Reply | Private Reply | To 15 | View Replies]

To: Pride_of_the_Bluegrass

And the Russians had it done to them at least once before:

http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage


18 posted on 10/03/2010 10:12:52 PM PDT by Rebelbase (Political correctness in America today is a Rip Van Winkle acid trip.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: Rebelbase

Yes I know

https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications/csi-studies/studies/96unclass/farewell.htm


19 posted on 10/03/2010 10:30:56 PM PDT by Pride_of_the_Bluegrass
[ Post Reply | Private Reply | To 18 | View Replies]

To: Thunder90

Really?? Kinda irritating with these loudmouthed joos, issit?


20 posted on 10/04/2010 12:14:12 AM PDT by Hardraade (I want gigaton warheads now!!)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Pride_of_the_Bluegrass

I don’t think that Control/Alt/Delete is going to fix this one.


21 posted on 10/04/2010 1:27:26 AM PDT by Jimmy Valentine (DemocRATS - when they speak, they lie; when they are silent, they are stealing the American Dream)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Myrddin

Believe the virus code gets compiled into the SCAD executable code. So if you do not update the SCAD software and do not recompile the code, you can keep a current clean system clean. Just disconnect it from the local net.


22 posted on 10/04/2010 1:42:51 AM PDT by justa-hairyape
[ Post Reply | Private Reply | To 17 | View Replies]

To: Pride_of_the_Bluegrass

Man O man,
It sure would be fitting if Iran flipped the switch to turn its russian built nuke plant on and it melted down like Chernobyl.
Tee hee hee.


23 posted on 10/04/2010 3:12:44 AM PDT by Joe Boucher ((FUBO) Less gubmint is best gubmint.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Myrddin

In the last day or two there have been rumors that the worm has invaded China.
If it has this ability there is NOTHING to keep it from visiting the U.S. or anyone else using Siemens.

Sooo, has fall finally hit Idaho?


24 posted on 10/04/2010 3:16:37 AM PDT by Joe Boucher ((FUBO) Less gubmint is best gubmint.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Joe Boucher

since we have over 40 operational nuclear plants there, it bwould be a disaster.


25 posted on 10/04/2010 5:45:30 AM PDT by brivette
[ Post Reply | Private Reply | To 24 | View Replies]

To: Joe Boucher

>>or anyone else using Siemens.<<

I would think that our IT guys would be throwing up firewalls right now.

My DH took his company’s system totally off the net on Friday. He won’t let anyone hook up laptops or bring in USB sticks. It’s work but he is handling the Website himself from ONE laptop. Every bit of company business goes through him and he views everything in DOS before it’s opened.

Email is being handled through phones and an intranet system he set up a while ago.

The difference between us and China is that we know it’s coming.


26 posted on 10/04/2010 6:45:03 AM PDT by netmilsmom ("Happiness is a choice"-Fr. Ben Ludtke. Pray for healing of his Brain Tumor, pls.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Thunder90

Sad if true.
Almost as sad as US support to Saudi Arabia and Pakistan.


27 posted on 10/04/2010 7:25:41 AM PDT by kronos77 (Kosovo is Serbian Jerusalem. No Serbia without Kosovo.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Myrddin
The current Stuxnet is targeted at two specific Siemens PLC modules.

I read an article yesterday that suggests something I find plausible: the target wasn't the Bushehr reactor -- it was their uranium enrichment program. There is apparently some evidence that Stuxnet was programmed to lie in dormancy even after it found the targeted PLC, then act simultaneously.

If one or both of those PLCs were being used in the uranium centrifuges, then it wouldn't be difficult to destroy one, perhaps by spinning them out-of-control.

Or maybe it targeted both. I guess we will never know until we determine where those two PLC's were being used. In any event, it indicates that someone had inside knowledge and access.

28 posted on 10/04/2010 7:52:01 AM PDT by justlurking (The only remedy for a bad guy with a gun is a good WOMAN (Sgt. Kimberly Munley) with a gun)
[ Post Reply | Private Reply | To 17 | View Replies]

To: netmilsmom
I would think that our IT guys would be throwing up firewalls right now.

Given the likely vector of attack, the best thing that anyone can do is disable the "autoplay" functionality in Windows XP. That's what runs a program automatically when you plug in a USB stick (or even put in a CD/DVD).

There's a PowerToy on Microsoft's website called TweakUI that does exactly that.

29 posted on 10/04/2010 7:56:07 AM PDT by justlurking (The only remedy for a bad guy with a gun is a good WOMAN (Sgt. Kimberly Munley) with a gun)
[ Post Reply | Private Reply | To 26 | View Replies]

To: justlurking

WOW!
Thanks, I’m going to pass that along to my husband.


30 posted on 10/04/2010 8:14:47 AM PDT by netmilsmom ("Happiness is a choice"-Fr. Ben Ludtke. Pray for healing of his Brain Tumor, pls.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Joe Boucher
Sooo, has fall finally hit Idaho?

That's something I would like to know as well. Last year and this year I was summoned to San Diego at the start of Summer and missed all of the Summer in Idaho. The first trip was June 21, 2009 to Feb 5, 2010. The current trip started July 5, 2010 and continues. I really want to be home, but I have to carve out tasking from the work in San Diego that I can take home. The embedded systems work that provided me 6 years of work at the house in Idaho fell through the cracks when Obama arrived. Summer in San Diego was cold and gray.

31 posted on 10/04/2010 9:29:30 AM PDT by Myrddin
[ Post Reply | Private Reply | To 24 | View Replies]

To: justa-hairyape
The worm is infecting the project files of the PLC programming software. It infects every file on a machine when the compiler is executed. I agree that the impact is delayed until the new code is deployed to the PLC devices in use. The delayed execution on the PLCs allows it to get widely deployed before the infected parties are aware. Injecting fear and uncertainty into the the software developers is going to damage their productivity and put deployments of suspect firmware on hold. That alone is damaging. A floor full of damaged equipment from misbehaving PLCs doesn't bode well either.
32 posted on 10/04/2010 9:36:45 AM PDT by Myrddin
[ Post Reply | Private Reply | To 22 | View Replies]

To: Pride_of_the_Bluegrass
I have absolutely no idea of what's going on, but I can't wait for the worm that tells their TBMs that the GPS coordinates of Tel Aviv are 35°44'N, 51°30'E.
33 posted on 10/04/2010 9:37:22 AM PDT by Lonesome in Massachussets (The naked casuistry of the high priests of Warmism would make a Jesuit blush.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: AdmSmith; Arthur Wildfire! March; Berosus; bigheadfred; blueyon; Convert from ECUSA; dervish; ...
It's from DEBKA, but regardless, it's kinda funny:
...dozens of Russian nuclear engineers, technicians and contractors are hurriedly departing Iran for home since local intelligence authorities began rounding up their compatriots as suspects of planting the Stuxnet malworm... Among them are the Russian personnel who built Iran's first nuclear reactor at Bushehr which Tehran admits has been damaged by the virus.
They're gettin' out of town ahead of the MOABs.

34 posted on 10/04/2010 6:16:14 PM PDT by SunkenCiv (Democratic Underground... matters are worse, as their latest fund drive has come up short...)
[ Post Reply | Private Reply | To 1 | View Replies]

What “sleeping virus” is waiting to wake and destroy.

whoaaaaaa ha ha!!!!!!!


35 posted on 10/04/2010 10:40:26 PM PDT by kennyboy509 (Let us eat cake.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Myrddin

I was in L.A. for a week in early summer and it was chilly compared to usual.
I need to get back to Priest Lake.


36 posted on 10/05/2010 3:30:51 AM PDT by Joe Boucher ((FUBO) Less gubmint is best gubmint.)
[ Post Reply | Private Reply | To 31 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson