Free Republic

Stuxnet Clone Found, Possibly Preparing For Power Plant Attacks
ANI via Yahoo News | 19 Oct 2011 | ANI

Posted on 10/19/2011 3:35:47 AM PDT by edpc

Washington, Oct.19 (ANI): Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks.

The Trojan, dubbed "Duqu" by the security firm Symantec, appears, based on its code, to have been written by the same authors as the Stuxnet worm, which last July was used to cripple an Iranian nuclear-fuel processing plant, Fox News reports.

(Excerpt) Read more at in.news.yahoo.com ...


TOPICS: Foreign Affairs; Front Page News; News/Current Events
KEYWORDS: computers; duqu; iran; middleast; plc; stuxnet; virus
Stuxnet II: Electric Duqu-loo
1 posted on 10/19/2011 3:35:54 AM PDT by edpc

To: edpc

LOL!

All your Iranian centrifuges are belong to Mossad.


2 posted on 10/19/2011 3:49:59 AM PDT by TSgt (Legal Disclaimer: Look at my profile at your own risk)

To: edpc

I hazard a guess that while ‘Count Duqu’ collects info on all SCADA, it only actually attacks if it thinks it’s in a power-station in Iran.


3 posted on 10/19/2011 3:51:07 AM PDT by agere_contra ("Debt is the foundation of destruction" : Sarah Palin.)

To: edpc

Neither link is working for me.


4 posted on 10/19/2011 4:00:29 AM PDT by elli1

To: edpc
Now the link is working. Musta' been a puter hiccup.
5 posted on 10/19/2011 4:03:33 AM PDT by elli1

To: edpc
Here in Michigan, there has been a series of extraordinary power failures. There have been partial substation failures and outages that have affected large buildings like schools, retail stores and the like. Typically, these buildings lose partial power, affecting electronics, lighting, etc. What could cause such an outbreak over such a wide area (SE Michigan)? Could it be tied to the electrical distribution network's computers? I know someone here knows how electrical utilities work.

Mike

6 posted on 10/19/2011 4:20:19 AM PDT by MichaelP (The ultimate result of shielding men from the effects of folly is to fill the world with fools ~HS)

To: edpc
One day the homogeneity caused by the Microsoft Windows monopoly will have grave consequences: economic, social and financial.

Like the Dutch tulip market crash, the Irish potato blight, the cotton boll crash, etc., economic systems based on and solely dependent on a single commodity eventually crash with devastating results.

7 posted on 10/19/2011 4:23:20 AM PDT by eCSMaster (Democrats: the Party of NO!)

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

8 posted on 10/19/2011 4:28:00 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

Comment #9 Removed by Moderator

To: MichaelP

No building loses partial power unless it’s a problem within the walls of the school. When power fails at a substation, all power provided by that substation is affected. Only if a building has a generator could it have “partial” power.


10 posted on 10/19/2011 4:34:01 AM PDT by Solson (The Voters stole the election! And the establishment wants it back.)

To: eCSMaster
Yup, pull the plug on electric or water or drop the internet and watch the crash.

My wife has a business that used to be strictly stand-alone. Now it is highly electrified and internet-connected. Take the power or lose connectivity and business stops! Not a fun prospect at all...

11 posted on 10/19/2011 4:48:56 AM PDT by Dubh_Ghlase (Therefore, send not to know For whom the bell tolls, It tolls for thee.)

To: edpc
Link to the Fox News article which has more info.
12 posted on 10/19/2011 4:50:24 AM PDT by upchuck (Rerun: Think you know hardship? Wait till the dollar is no longer the world's reserve currency.)

To: MichaelP
What could cause such an outbreak over such a wide area (SE Michigan)?

Theft of copper comes to mind. It is Detroit.

13 posted on 10/19/2011 4:59:29 AM PDT by ASA Vet (Natural-born citizens, are those born in the country, of parents who are citizens. De Vattel)

To: Solson; MichaelP

>>No building loses partial power unless it’s a problem within the walls of the school.

That is not true. Most schools and commercial/institutional buildings have 3-phase power. It is possible for the utility feed to drop one phase. This will typically cause properly protected 3-phase motors to drop out (kills A/C, fans, etc.), and 1/3 of the lights and power receptacles. That leaves you with 2/3rd of the lights and receptacles, so a lot of things are still operational.


14 posted on 10/19/2011 5:12:21 AM PDT by FreedomPoster (Islam delenda est)

To: FreedomPoster
That is what has been happening...

Mike

15 posted on 10/19/2011 5:15:51 AM PDT by MichaelP (The ultimate result of shielding men from the effects of folly is to fill the world with fools ~HS)

To: eCSMaster

Greetings eCSMaster:

My employer’s generating facility is not a MSOS; seriously doubt many are. That aside, Stuxnet is a concern.

Cheers,
OLA


16 posted on 10/19/2011 5:32:25 AM PDT by OneLoyalAmerican (In God I trust, all others provide citations.)

To: eCSMaster

Homogeneity? You would be hard-pressed to find a Microsoft OS on any controlling system in a power plant. Most high-availability (HA) sites like power plants utilize hardened Linux kernels with very specific instruction libraries for only the programs being used on those systems.

And as a note, Windows is not solely the issue with IT security. MS plugged a lot of holes (and ruffled a lot of feathers) with their new OS kernel by prohibiting direct access without user approval (UAC and DEP, for instance). The issues come into play when users errantly click on approve in this dialog box without knowing what the program is going to do.

It is not the prettiest way to do things, but for what it does, the Windows OS is highly functional if not bloated.


17 posted on 10/19/2011 7:21:10 AM PDT by rarestia (It's time to water the Tree of Liberty.)

To: edpc

Whoever wrote this is incompetent. Nowhere in the article does it say WHERE the virus was found or WHERE it might be used.


18 posted on 10/19/2011 7:43:58 AM PDT by pabianice (")

To: edpc

A Breakin’ 2 reference at 0630...nice!


19 posted on 10/19/2011 7:53:55 AM PDT by EEGator

To: EEGator

What can I say? My head is loaded with useless information.


20 posted on 10/19/2011 7:56:40 AM PDT by edpc (Former Normalcy Bias Victim)

To: MichaelP
Here in Michigan, there has been a series of extraordinary power failures. There have been partial substation failures and outages that have affected large buildings like schools, retail stores and the like. Typically, these buildings lose partial power, affecting electronics, lighting, etc. What could cause such an outbreak over such a wide area (SE Michigan)? Could it be tied to the electrical distribution network's computers? I know someone here knows how electrical utilities work.

I work in telecom - and I have warned of security vulnerabilities for years. But, usually the "suits" won't listen.

Supervisory Control And Data Acquisition [SCADA] provides for remote data sensing and also remote supervisory control.

While the actual data sensing can be sent over public networks, such as the Internet, supervisory control should be sent over dedicated private networks [as an example: corporate T-1 lines] or thru the Public Switched Telephone Network [PSTN].

The T-1 lines [and the like] are absolutely secure [as long as no one physically taps into them]; use of the public telephone network requires the use of a dial-back modem.

When using a dial-back modem, the remote user uses a computer terminal to call the station where the equipment is located. The dial-back modem at the station receives the call and hangs up. The dial-back modem then calls the pre-programmed telephone number back to the remote computer terminal.

Once the connection is established, a username and password are required by the dial-back modem for authentication. The connection is then allowed to be connected to the server located at the site. Again, a username and password are required.

Once this is accomplished, the remote user has full control of the equipment at the site. Usually, the format is via Command Line Interface [CLI] - which uses simple text commands in order to control the equipment.

This method is EXTREMELY secure, albeit slow when compared to using the Internet. It also costs the price of a telephone line from EACH site to the PSTN and also a telephone line to the remote computer terminal at the Control Center. In addition, there is the one-time cost of the dial-back modem for each site.

The "suits" generally do not like this because of the cost involved. Let's say you have 100 sites. If the dial-back modems cost $50 apiece, the one-time cost is $5000. And if the telephone lines cost $20 per month, the monthly recurring cost is $2020 [including the telephone line at the Control Center] - or $24240 per year.

It is also much slower than using high-speed public Internet access. But, the security it gives vs. the time difference involved supersedes using the public Internet.

21 posted on 10/19/2011 9:24:23 AM PDT by Lmo56 (If ya wanna run with the big dawgs - ya gotta learn to piss in the tall grass ...)
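
The dial-back sequence described in post 21, as an added Python sketch that is not part of the original thread; the class name, stage names, phone numbers and credentials are constructed for illustration. It shows that the modem only ever dials its pre-programmed number, so valid credentials used from any other line never reach a login prompt.

```python
import hmac
from dataclasses import dataclass, field

def creds_match(given, expected):
    # Compare both fields without short-circuiting on the first mismatch.
    return all([hmac.compare_digest(g.encode(), e.encode())
                for g, e in zip(given, expected)])

@dataclass
class DialBackSite:
    callback_number: str      # pre-programmed; the only number the modem will dial
    modem_login: tuple        # (username, password) checked by the dial-back modem
    server_login: tuple       # (username, password) checked by the site server
    dialled: list = field(default_factory=list)

    def attempt(self, caller_line, modem_login, server_login):
        """Return the stage reached by a requester physically on `caller_line`."""
        # 1. Answer the inbound call and hang up; nothing the caller sent is used.
        # 2. Dial the pre-programmed number, wherever the request came from.
        self.dialled.append(self.callback_number)
        if caller_line != self.callback_number:
            return "callback-went-elsewhere"   # requester never gets a connection
        # 3. Modem-level username and password.
        if not creds_match(modem_login, self.modem_login):
            return "modem-auth-failed"
        # 4. Server-level username and password.
        if not creds_match(server_login, self.server_login):
            return "server-auth-failed"
        return "cli-session"

def demo():
    # All values below are constructed sample data.
    site = DialBackSite("555-0100", ("ops", "modem-pw"), ("ops", "server-pw"))
    good = (("ops", "modem-pw"), ("ops", "server-pw"))
    results = {
        "control centre": site.attempt("555-0100", *good),
        "valid creds, other line": site.attempt("555-0199", *good),
        "right line, bad modem pw": site.attempt("555-0100", ("ops", "x"), good[1]),
        "right line, bad server pw": site.attempt("555-0100", good[0], ("ops", "x")),
    }
    return results, site.dialled

if __name__ == "__main__":
    for who, stage in demo()[0].items():
        print(f"{who:28s} -> {stage}")
```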

To: rarestia

Gratuitous ignorant Windows-bashing aside, Stuxnet is a worm - the vulnerability is in the application, not the OS, so it doesn’t really matter what OS it’s running on.


22 posted on 10/19/2011 9:31:13 AM PDT by tacticalogic



To: tacticalogic

Stuxnet was designed to specifically target the intricacies of an Iranian power plant based on the intelligence community’s understanding of their operating parameters. Also, given the fact that any operating system can be infected much the same way our drone fleet was compromised (through human error), you simply cannot stand by your assessment that Windows is the root cause.

Properly implemented, Windows environments are stable. It’s the applications installed on those operating systems that can cause the problems. I’ve been in data center engineering and systems analysis for 15 years, and I can attest that our Windows infrastructure (DNS, DHCP, AD, Exchange, etc.) is among the most stable in our environment.

FWIW, I’m a Linux engineer by trade, so going so far as to say that I am ignorant to this discussion is a stretch. And as a correction, worms are built to specific kernels. Trying to infect a Linux or Mac machine with a Windows worm won’t work, and the converse is also true.


24 posted on 10/19/2011 10:30:01 AM PDT by rarestia (It's time to water the Tree of Liberty.)

To: rarestia
You weren't doing the "gratuitous ignorant Windows bashing" I was referring to.

Sorry for the misunderstanding.

25 posted on 10/19/2011 10:34:36 AM PDT by tacticalogic

To: tacticalogic

I thought it seemed a little out of place, but I wanted to make sure. I’m always up for good conversation, but I always like to reinforce my position.


26 posted on 10/19/2011 10:36:35 AM PDT by rarestia (It's time to water the Tree of Liberty.)

To: rarestia

No problem. I’m an AD/Exchange admin so we could probably have a pretty good conversation, but duty calls and I have some Powershell script that needs written.


27 posted on 10/19/2011 11:20:51 AM PDT by tacticalogic

To: agere_contra
I hazard a guess that while ‘Count Duqu’ collects info on all SCADA, it only actually attacks if it thinks it’s in a power-station in Iran.

I'll bet you're right...

28 posted on 10/19/2011 12:39:15 PM PDT by GOPJ (OWS - a scam to shift blame for unemployment and misery away from Obama and dems..)

To: tacticalogic

God bless ya, there! I got out of the Windows/AD/Exchange world for infrastructure. Much happier with hardware, personally.


29 posted on 10/19/2011 1:51:57 PM PDT by rarestia (It's time to water the Tree of Liberty.)

To: FreedomPoster
This will typically cause properly protected 3-phase motors to drop out (kills A/C, fans, etc.),

If the motor isn't properly protected w/ a phase monitor it's killed, permanently.

30 posted on 10/19/2011 2:01:14 PM PDT by Vinnie

To: FreedomPoster

Single phase issues also fry just about everything. Go put a ballast on single phase and see what happens.


31 posted on 10/19/2011 7:45:34 PM PDT by Solson (The Voters stole the election! And the establishment wants it back.)

To: Solson

That would only affect 208 or 480 ballasts. The vast majority are 120 or 277. Are there even 480 ballasts?


32 posted on 10/20/2011 5:53:53 AM PDT by FreedomPoster (Islam delenda est)
