O'MURCHU: We continued to search, and we continued to search in code, and eventually we found some other bread crumbs left we were able to follow. It was doing something with Siemens, Siemens software, possibly Siemens hardware. We'd never even seen that in any malware before, something targeting Siemens. We didn't even know why they would be doing that. But after Googling, very quickly we understood, it was targeting Siemens PLCs.
CHIEN: Stuxnet was targeting a very specific hardware device, something called a PLC or a programmable logic controller.
LANGER: The PLC is a kind of very small computer attached to physical equipment, like pumps, like valves, like motors. So this little box is running a digital program, and the actions of this program turns that motor on, off, or sets a specific speed.
CHIEN: Those program module controllers control things like power plants, power grids.
[...]
O'MURCHU: And of course we did notice that at the time there had been assassinations of nuclear scientists. So that was worrying. We knew that there was something bad happening.
CHIEN: We'd been publishing information about Stuxnet all through that summer. And then in November, the industrial control system sort of expert in Holland contacted us, and he said all of these devices that would be inside of an industrial control system hold a unique identifier number that identified the make and model of that device. And we actually had a couple of these numbers in the code that we didn't know what they were. So we realized that maybe what he was referring to was the magic numbers we had. Then when we searched for those magic numbers in that context, we saw that what had to be connected to this industrial control system that was being targeted were something called frequency converters from two specific manufacturers, one of which was in Iran. So at this time, we absolutely knew that the facility that was being targeted had to be in Iran and had equipment made from Iranian manufacturers. When we looked up those frequency converters, we immediately found out that they were actually export controlled by the [US] Nuclear Regulatory Commission [USC DOCUMENT OVERLAY: Specific license required when exported to embargoed destinations listed in 10 CFR 110.28]. And that immediately led us then to some nuclear facility.
by Cat on Wed Nov 2nd, 2022 at 08:01:22 PM EST
Stuxnet Facts Report - 2012

Stuxnet was first discovered by Belarusian security company VirusBlokAda (www.anti-virus.by) on June 17, 2010, in the computers of one of its customers, who asked the company for technical help with some unexplainable system reboots. The malware was found on 14 systems, the majority of which were located in Iran.

24 June 2012. Self-kill date (after this date Stuxnet auto-terminates itself).

'Sapere aude'

by Oui (Oui) on Wed Nov 2nd, 2022 at 08:46:31 PM EST
The original code is archived for study, modification, and improvement.
by Cat on Thu Nov 3rd, 2022 at 01:58:28 AM EST
That TAO ("Tailored Access Operation") iteration targeted Iranian equipment, specifically, and did enough damage to their enrichment schedule. What followed? Capitulation to duplicitous Obama clemency, the long-winded JCPOA.

Other than that, there's reason not to assume parallel dev tailored to handicap any other US arch-rival.

by Cat on Thu Nov 3rd, 2022 at 02:33:23 AM EST
ANONYMOUS: For Natanz, it was a CIA-led operation, so we had to have agency sign-off. Someone from the agency stood behind the operator and the analyst and gave the order to launch every attack.
CHIEN: Before they could have even started this attack, they put inside the code the kill date, a date at which it would stop operating.
O'MURCHU: Cut-off dates. We don't normally see that. And you have to think, well, 'Why is that cut-off date in there?' When you realize, well, this section was probably written by government and that there are laws regarding how you can use this sort of software, there may have been a legal team who said, 'No. You need to have a cut-off date in there, and you can only do this and you can only go this far. We need to check if this is legal or not.' That date is a few days before Obama's inauguration [JANUARY 20, 2009]. So the theory was that this was an operation that needed to be stopped at a certain time, because there was going to be a hand-over and more approval was needed.
Zero Days
archived U.S. Senators Introduce Expedited LNG for American Allies Act, 2012
goes to motive for Nord Stream I sabotage in the long run
by Cat on Thu Nov 3rd, 2022 at 02:12:04 AM EST
In my estimation, it was developed by NSA in Idaho facilities in close cooperation with Israel Mossad/Unit 8200 experts. It was tested at Dimona and spread and implemented by Israel. The damage done was less than envisioned. Therefore Israel's political leadership pushed its national security cabinet to bomb the nuclear facilities in 2012. Launch bases included airfields in Azerbaijan. Obama blocked the endeavor by sending a public warning to parties involved. Israel's military and intelligence agencies were not convinced it would bring less harm to Israel. Secrets were leaked to the media.

The relationship between Obama-Kerry and Israel's Netanyahu and Moshe Ya'alon would never recover. Obama intervened in early 2016 election in Israel in a failed attempt to unseat Bibi. In the fall of 2016, Netanyahu, oligarchs with (Arab) allies succeeded to change White House color from blue to red.

Israel tests on worm called crucial in Iran nuclear delay | 16 Jan 2011 |

Meir Dagan told the Israeli Knesset in recent days that Iran had run into technological difficulties that could delay a bomb until 2015--a sharp reversal from Israel's long-held argument that Iran was on the cusp of success.

The biggest single factor in putting time on the nuclear clock appears to be Stuxnet, the most sophisticated cyberweapon ever deployed.

Experts who have picked apart the computer worm describe it as far more complex--and ingenious--than anything they had imagined when it began circulating around the world, unexplained, in mid-2009.

Many mysteries remain, chief among them, exactly who constructed a computer worm that appears to have several authors on several continents.

Stuxnet and the Limits of Cyber Warfare

'Sapere aude'

by Oui (Oui) on Thu Nov 3rd, 2022 at 10:45:41 AM EST
