Our Announcements

Not Found

Sorry, but you are looking for something that isn't here.

Posts Tagged Stuxnet

VIDEO LECTURE FOR COMPUTER GEEKS ON STUX NET CYBERWARFARE AGENT: Langner’s Stuxnet Deep Dive S4 Video

Langner’s Stuxnet Deep Dive S4 Video

Dale G Peterson
 
 
 
 
 

Edward Snowden: U.S., Israel ‘Co-Wrote’ Cyber Super Weapon Stuxnet

Jul 9, 2013 2:22pm

db1c7ad0416df7f0d9616317c3215fb7

The former National Security Agency contractor on the run from U.S. authorities halfway around the world said that Stuxnet, an unprecedented cyber weapon thattargeted Iran’s nuclear program, was the product of a joint American-Israeli secret operation.

Before Edward Snowden became a household name, he conducted an interview via encrypted emails with cyber security expert Jacob Appelbaum and was asked about the game-changing computer code, according to the interview published in the German newspaper Der Spiegel Monday.

“NSA [U.S. National Security Agency] and Israel co-wrote it,” Snowden said.

Snowden said that the NSA regularly works with foreign governments and has a “massive body” called the Foreign Affairs Directorate to deal with international partners.

In the interview Snowden did not discuss Stuxnet further and, so far, none of the newspapers Snowden has worked with have published any documents directly relating to the cyber weapon.

Discovered in 2010 but possibly in action as early as 2005, Stuxnet was designed to infiltrate the computer system at an Iranian nuclear facility, physically damage the facility’s infrastructure by throwing off automated systems and cover its tracks so that even if engineers were monitoring those systems, everything would appear normal.

At the time of its discovery, cyber security experts put the U.S. and Israel on a short list of nations capable of developing such a sophisticated and expensive cyber weapon. In June 2012, The New York Times reported Stuxnet was part of a cyber offensive program begun under President Bush and accelerated by President Obama which targeted Iran’s nuclear program and said Stuxnet was “developed by the United States and Israel.” No U.S. or Israeli officials have gone on the record to claim responsibility for Stuxnet or its digital successors.

Snowden remains holed up on the transit side of Moscow’s Sheremedevo International Airport. He has been unable to travel since he arrived there from Hong Kong more than two weeks ago because the State Department canceled his passport. He has also managed to remain out of sight since his arrival.

Snowden has been searching for a safe haven where he can evade U.S. charges of espionage. Venezuela has said it would grant Snowden political asylum, but it remains unclear how he will be able to travel to the South American nation from Moscow without having to stop in a country that holds an extradition treaty with the U.S. There are no direct commercial flights to Venezuela’s capital of Caracas.

 
 
 
 
 
 
 
 
 
 
 
 

 

 
 

Ralph Langner’s Stuxnet Deep Dive is the definitive technical presentation on the PLC attack portion of Stuxnet. He did a good job of showing very technical details in a readable and logical presentation that you can follow in the video if you know something about programming and PLC’s.

The main purpose of Ralph’s talk was to convince the audience with “100% certainty” that Stuxnet was designed specifically to attack the Natanz facility. He does this at least four different ways, and I have to agree there is no doubt.

This video represents exactly what we are trying to accomplish at S4. Ralph is speaking in front of a very experienced and knowledgeable ICS security audience, and he doesn’t waste any time on what Stuxnet 101. Instead, he dives right into the S7 code and walks the audience through, line by line, some of the most interesting FC’s. This level of detail has never been seen before. It likely would bore or be lost on most audiences, but the S4 crowd was spellbound.

It’s high quality video so expand to full screen to see the code.

The video shows the level of effort Langner’s team put into analyzing Stuxnet as there comments are throughout the S7 Stuxnet code. Many in the audience remarked that it was probably much better documented than the Stuxnet author’s version.

I’m tempted to try to excerpt the most interesting points of the presentation, but if you want to know about Stuxnet’s PLC code you should just watch it.

, , ,

No Comments

KIM ZETTER,WIRED: NATO Researchers: Stuxnet Attack on Iran Was Illegal ‘Act of Force’

NATO Researchers: Stuxnet Attack on Iran Was Illegal ‘Act of Force’

 

 

 

A cyberattack that sabotaged Iran’s uranium enrichment program was an “act of force” and was likely illegal, according to research commissioned by NATO’s cyberwarfare center.

“Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force” and likely violate international law, according to the Tallinn Manual on the International Law Applicable to Cyber Warfare, a study produced by international legal experts at the request of NATO’s Cooperative Cyber Defense Center of Excellence in Estonia.

Acts of force are prohibited under the United Nations charter, except when done in self-defense, Michael Schmitt, professor of international law at the U.S. Naval War College in Rhode Island and lead author of the study, told the Washington Times.

The 20 experts who produced the study were unanimous that Stuxnet was an act of force, but were less clear about whether the cyber sabotage against Iran’s nuclear program constituted an “armed attack,” which would entitle Iran to use counterforce in self-defense. An armed attack constitutes a start of international hostilities under which the Geneva Convention’s laws of war would apply.

Stuxnet was launched in 2009 and 2010, and possibly 2008 as well, and targeted cascades and centrifuges at the Natanz uranium enrichment plant in Iran. The cyberweapon was reportedly designed by Israel and the U.S. in an effort to set back Iran’s ability to produce a nuclear weapon, though the U.S. has not officially acknowledged its role in the attack. Until the attacks occurred, intelligence agencies speculated that Iran would be able to produce a nuclear weapon by 2010. The attacks by Stuxnet are believed to have set back the program by an estimated three years.

The 300-page NATO manual was produced by 20 researchers, including legal scholars and senior military lawyers from NATO countries, with assistance from cybersecurity analysts.

“We wrote it as an aid to legal advisers to governments and militaries, almost a textbook,” Schmitt told the paper. “We wanted to create a product that would be useful to states to help them decide what their position is. We were not making recommendations, we did not define best practice, we did not want to get into policy,” he said.

Others disagreed with the legal conclusion of the researchers, however.

James A. Lewis, a researcher at the Center for Strategic and International Studies, said the researchers were getting ahead of themselves and there had not been enough incidents of cyberconflict yet to develop a sound interpretation of the law in that regard.

“A cyberattack is generally not going to be an act of force. That is why Estonia did not trigger Article 5 in 2007,” he said, referring to the coordinated DDoS attacks that took down the computer networks of banks, government agencies and media outlets in Estonia that were blamed on Russia, or hackers sympathetic to the Russian government.

Article 5 of the NATO treaty requires member states to aid other members if they come under attack.

 

Reference

, ,

No Comments