Stuxnet: An actual Cyber attack weapon

Started by Triple Zero, September 22, 2010, 05:29:17 PM

Elder Iptuous


Adios

In all honesty, I find this entire concept unlikely.

Elder Iptuous

entire concept?
you mean a SCADA attack?
why?

Adios

Quote from: Iptuous on September 22, 2010, 07:04:37 PM
entire concept?
you mean a SCADA attack?
why?

Not a SCADA attack, no. A big issue in this particular report is the utter dependency on one Siemens PLC device. Seriously, doesn't that strike you as odd?

Adios


Requia ☣

Quote from: Doktor Blight on September 22, 2010, 06:55:57 PM
Is it confirmed that the program can only spread through a thumbdrive? It's a good starting point but might not have the best success at reaching its target if it is only spread that way.

Viruses used to spread like mad through floppy disks, I don't see why a thumb drive would have any less effect as long as this thing still infects home systems to get its infected base high enough.
Inflatable dolls are not recognized flotation devices.

Adios

Quote from: Requia ☣ on September 22, 2010, 07:25:09 PM
Quote from: Doktor Blight on September 22, 2010, 06:55:57 PM
Is it confirmed that the program can only spread through a thumbdrive? It's a good starting point but might not have the best success at reaching its target if it is only spread that way.

Viruses used to spread like mad through floppy disks, I don't see why a thumb drive would have any less effect as long as this thing still infects home systems to get its infected base high enough.

Almost without exception all line control systems have very strict rules about ANY outside devices being stuck in holes.

Elder Iptuous

Quote from: Charley Brown on September 22, 2010, 07:07:40 PM
Quote from: Iptuous on September 22, 2010, 07:04:37 PM
entire concept?
you mean a SCADA attack?
why?

Not a SCADA attack, no. A big issue in this particular report is the utter dependency on one Siemens PLC device. Seriously, doesn't that strike you as odd?

oh yeah....
also,
i noticed in the wiki article about stuxnet that it says that the software relies on using default passwords in the Siemens PLCs, too, but Siemens has advised not changing them from default because "it could impact plant operations"....
lol.

Adios

Quote from: Iptuous on September 22, 2010, 07:27:00 PM
Quote from: Charley Brown on September 22, 2010, 07:07:40 PM
Quote from: Iptuous on September 22, 2010, 07:04:37 PM
entire concept?
you mean a SCADA attack?
why?

Not a SCADA attack, no. A big issue in this particular report is the utter dependency on one Siemens PLC device. Seriously, doesn't that strike you as odd?

oh yeah....
also,
i noticed in the wiki article about stuxnet that it says that the software relies on using default passwords in the Siemens PLCs, too, but Siemens has advised not changing them from default because "it could impact plant operations"....
lol.

I was a plant tech for 25 years and the plant electrician for most of those. PLCs fail. They can be replaced WITHOUT blowing up the plant.

The more critical a system the more safeguards and bypass systems it has.

Adios

I don't know how much redundancy something like a nuclear plant would have, but I bet one failed PLC wouldn't do shit.

Elder Iptuous

i would think a sophisticated software would take that into account.
if it requires intimate knowledge of the systems involved, why would it limit itself to only one part of a redundant system?

Adios

Quote from: Iptuous on September 22, 2010, 07:33:32 PM
i would think a sophisticated software would take that into account.
if it requires intimate knowledge of the systems involved, why would it limit itself to only one part of a redundant system?


Once Stuxnet identifies the critical function running on a programmable logic controller, or PLC, made by Siemens, the giant industrial controls company, the malware takes control. One of the last codes Stuxnet sends is an enigmatic "DEADF007."

Also in almost all cases there are manual overrides and bypasses.



Nephew Twiddleton

Quote from: Charley Brown on September 22, 2010, 07:22:46 PM
Got quiet in here.

I was stuck trying to wade through another thread. In retrospect should have stayed here.
Strange and Terrible Organ Laminator of Yesterday's Heavy Scene
Sentence or sentence fragment pending

Soy El Vaquero Peludo de Oro

TIM AM I, PRIMARY OF THE EXTRA-ATMOSPHERIC SIMIANS

Adios

Well, if it's an actual attack, I would look to Siemens' competitors in the PLC market. Trying to sell their PLCs.

DEADF007 doesn't sound like an executable command but instead a diagnostic code.

Nephew Twiddleton

Quote from: Charley Brown on September 22, 2010, 07:26:41 PM
Quote from: Requia ☣ on September 22, 2010, 07:25:09 PM
Quote from: Doktor Blight on September 22, 2010, 06:55:57 PM
Is it confirmed that the program can only spread through a thumbdrive? It's a good starting point but might not have the best success at reaching its target if it is only spread that way.

Viruses used to spread like mad through floppy disks, I don't see why a thumb drive would have any less effect as long as this thing still infects home systems to get its infected base high enough.

Almost without exception all line control systems have very strict rules about ANY outside devices being stuck in holes.

This. It strikes me that if there is some sort of network to be targeted in a sensitive industry or whatever, it would be hard to spread it to that system without turning an employee and having them infect the computer themselves. I know that at VA hospitals you can have outside devices confiscated. I would think that an Iranian nuclear plant would not be less secure than a VA hospital.

This makes Charley's suggestion that the infection point might be the manufacturing plant more likely, provided that the company that supplied thumbdrives to high security Iranian targets was known and could be sufficiently convinced to include the programming, which is not unlikely at all.