Stuxnet: An actual Cyber attack weapon

[Adios]

Damn. Why did I just have to remember the dam right above me?

[Nephew Twiddleton]

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

[Nephew Twiddleton]

Damn. Why did I just have to remember the dam right above me?

Shopping list:
Guns
Ammo
Boat

[Adios]

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

The 007 reference was English, not American.  Bond, ya know?

[LMNO]

Charley, I don't know how much we can trust the report, but:

"A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability."

I smell political motives. 

Reverse it: Iran is Patient Zero, self-infected.  Anyone hacking into Iran's networks then becomes infected.  Since it's Iran's virus, no Iranian system will be affected.

[Golden Applesauce]

The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems.

It employs the amazing new trick of requiring the victim to physically insert an infected memory stick?

We're screwed.



In all seriousness, this probably isn't the global meltdown strike you're looking for, CB.  If the experts say it's looking for a very specific target, then it probably is.  That, and nobody with the resources to put this together is terribly interested in the economy shutting down once and for all.

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

The 007 reference was English, not American.  Bond, ya know?

foo is a standard generic name in computer science.  So I parse that filename as DEAD+FOO+7, not DEADF+007.

[Nephew Twiddleton]

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

The 007 reference was English, not American.  Bond, ya know?

Yeah, but 007 transcends Englishness in that the reference is global. Plus Bond has been played by a Scot as well as an Irishman.  

[Golden Applesauce]

Charley, I don't know how much we can trust the report, but:

"A geographical distribution of computers hit by Stuxnet, which Microsoft produced in July, found Iran to be the apparent epicenter of the Stuxnet infections. That suggests that any enemy of Iran with advanced cyber war capability might be involved, Langner says. The US is acknowledged to have that ability, and Israel is also reported to have a formidable offensive cyber-war-fighting capability."

I smell political motives. 

Reverse it: Iran is Patient Zero, self-infected.  Anyone hacking into Iran's networks then becomes infected.  Since it's Iran's virus, no Iranian system will be affected.

If it spreads by USB stick, not that likely.

[Adios]

The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems.

It employs the amazing new trick of requiring the victim to physically insert an infected memory stick?

We're screwed.



In all seriousness, this probably isn't the global meltdown strike you're looking for, CB.  If the experts say it's looking for a very specific target, then it probably is.  That, and nobody with the resources to put this together is terribly interested in the economy shutting down once and for all.

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

The 007 reference was English, not American.  Bond, ya know?

foo is a standard generic name in computer science.  So I parse that filename as DEAD+FOO+7, not DEADF+007.

Okay, let's assume I just don't trust what I hear. I still think anyone capable of producing this not only has the ability to lay false trails but would do so.

Infect the sticks at the manufacturing source.

[Jasper]

That, and nobody with the resources to put this together is terribly interested in the economy shutting down once and for all.

That's why I don't believe it's going to be a worldwide event. 

[Nephew Twiddleton]

The appearance of Stuxnet created a ripple of amazement among computer security experts. Too large, too encrypted, too complex to be immediately understood, it employed amazing new tricks, like taking control of a computer system without the user taking any action or clicking any button other than inserting an infected memory stick. Experts say it took a massive expenditure of time, money, and software engineering talent to identify and exploit such vulnerabilities in industrial control software systems.

It employs the amazing new trick of requiring the victim to physically insert an infected memory stick?

We're screwed.



In all seriousness, this probably isn't the global meltdown strike you're looking for, CB.  If the experts say it's looking for a very specific target, then it probably is.  That, and nobody with the resources to put this together is terribly interested in the economy shutting down once and for all.

I don't habeeb it.

It really could be from anywhere and targeting anywhere. All of the countries effective have some potential of being either originator or target. It was pointed out that the program uses English for file names, but that doesn't automatically point to US origin- I think I heard somewhere that English is a default language for computer programmers due to it's versatility. The only thing that suggest US origin is confirmation that the US has the capability of creating it.

The 007 reference was English, not American.  Bond, ya know?

foo is a standard generic name in computer science.  So I parse that filename as DEAD+FOO+7, not DEADF+007.

Okay, let's assume I just don't trust what I hear. I still think anyone capable of producing this not only has the ability to lay false trails but would do so.

Infect the sticks at the manufacturing source.

I assumed the same thing. It seems a little convenient that the language suggests Anglosphere origin and Iran is one of the infected countries.

Infection at the manufacturing source is pretty interesting, and would probably be hard to trace. It would also guarantee that the program would propagate across a long range of computers.

Is it confirmed that the program can only spread through a thumbdrive? It's a good starting point but might not have the best success at reaching its target if it is only spread that way.

[Adios]

That, and nobody with the resources to put this together is terribly interested in the economy shutting down once and for all.

That's why I don't believe it's going to be a worldwide event. 

Devils Advocate.

If I controlled all of that, why would I concern myself with something as insignificant as the economy?

[Elder Iptuous]

no matter what your status is, the world economy is not insignificant...

[Jasper]

Well, most things this sophisticated and organized tend to have roots in profitability, which leads me to suspect mere industry sabotage.

[Adios]

Paging Captain Nemo....