Advertisement: The new Mac Pro. Now with up to 12 cores of processing power. From $2499. Fast, free shipping.
“The Stuxnet computer worm spreads through previously unknown holes in Microsoft’s Windows operating system and then looks for a type of software made by Siemens and used to control industrial components, including valves and brakes,” Menn and Watkins report. “Stuxnet can hide itself, wait for certain conditions and give new orders to the components that reverse what they would normally do, the experts said. The commands are so specific that they appear aimed at an industrial sector, but officials do not know which one or what the affected equipment would do.”
Menn and Watkins report, “At a closed-door conference this week in Maryland, Ralph Langner, a German industrial controls safety expert, said Stuxnet might be targeting not a sector but perhaps only one plant, and he speculated that it could be a controversial nuclear facility in Iran. According to Symantec, which has been investigating the virus and plans to publish details of the rogue commands on Wednesday, Iran has had far more infections than any other country.”
“Experts say Stuxnet’s knowledge of Microsoft’s Windows operating system, the Siemens program and the associated hardware of the target industry make it the work of a well-financed, highly organised team,” Menn and Watkins report. “They suggest that it is most likely associated with a national government and that terrorism, ideological motivation or even extortion cannot be ruled out.”
Full article here.
John Markoff reports for The New York Times that Stuxnet “is continuing to spread through computer systems around the world through the Internet. It is also raising fear of dangerous proliferation. Stuxnet has laid bare significant vulnerabilities in industrial control systems. The program is being examined for clues not only by the world’s computer security companies, but also by intelligence agencies and countless hackers.”
Markoff reports, “‘Proliferation is a real problem, and no country is prepared to deal with it,’ said Melissa Hathaway, a former United States national cybersecurity coordinator. The widespread availability of the attack techniques revealed by the software has set off alarms among industrial control specialists, she said: ‘All of these guys are scared to death. We have about 90 days to fix this before some hacker begins using it.'”
Full article here.
Nicolas Falliere reports for Symantec, “Stuxnet infects Windows systems in its search for industrial control systems, often generically (but incorrectly) known as SCADA systems. Industrial control systems consist of Programmable Logic Controllers (PLCs), which can be thought of as mini-computers that can be programmed from a Windows system. These PLCs contain special code that controls the automation of industrial processes—for instance, to control machinery in a plant or a factory. Programmers use software (e.g., on a Windows PC) to create code and then upload their code to the PLCs.”
“Previously, we reported that Stuxnet can steal code and design projects and also hide itself using a classic Windows rootkit, but unfortunately it can also do much more. Stuxnet has the ability to take advantage of the programming software to also upload its own code to the PLC in an industrial control system that is typically monitored by SCADA systems,” Falliere reports. “In addition, Stuxnet then hides these code blocks, so when a programmer using an infected machine tries to view all of the code blocks on a PLC, they will not see the code injected by Stuxnet. Thus, Stuxnet isn’t just a rootkit that hides itself on Windows, but is the first publicly known rootkit that is able to hide injected code located on a PLC.”
“In particular, Stuxnet hooks the programming software, which means that when someone uses the software to view code blocks on the PLC, the injected blocks are nowhere to be found,” Falliere reports. “This is done by hooking enumeration, read, and write functions so that you can’t accidentally overwrite the hidden blocks as well.”
“Stuxnet contains 70 encrypted code blocks that appear to replace some ‘foundation routines’ that take care of simple yet very common tasks, such as comparing file times and others that are custom code and data blocks. Before some of these blocks are uploaded to the PLC, they are customized depending on the PLC,” Falliere reports. “By writing code to the PLC, Stuxnet can potentially control or alter how the system operates.”
Read more in the full article here.
MacDailyNews Take: The common denominator, as always, is Microsoft’s Windows.
[Thanks to MacDailyNews Reader “Patty D.” for the heads up.]
its probably some pissed off hacker eating hot pockets in his moms basement…
its probably some pissed off hacker eating hot pockets in his moms basement…
When will they ever learn..?
When will they ever learn..?
Reason no. 1,878,237 why windows sucks: nuclear accidents that cause WWW III.
Reason no. 1,878,237 why windows sucks: nuclear accidents that cause WWW III.
Sounds like this thing was put out by the CIA. Wait, that may be the entire plan by the CIA: give all our enemies Windows and then infect them with viruses while the US switches to Macs.
Sounds like this thing was put out by the CIA. Wait, that may be the entire plan by the CIA: give all our enemies Windows and then infect them with viruses while the US switches to Macs.
Ballmer commissioned this to stop the flow of crap out of Redmond. It escaped into the wild, and has now re-opened the pipeline of sewage from Microsoft (see Win phone7).
Ballmer commissioned this to stop the flow of crap out of Redmond. It escaped into the wild, and has now re-opened the pipeline of sewage from Microsoft (see Win phone7).
Compare this incident with the faux one about “antenna gate.”
Holy frikkin’ cow!
Compare this incident with the faux one about “antenna gate.”
Holy frikkin’ cow!
“Virus Bites Windows” — This is news?
“Virus Bites Windows” — This is news?
Lets see how many news services report this wrong or omit that Macs are unaffected.
Lets see how many news services report this wrong or omit that Macs are unaffected.
This is one of the many reasons why I own a Mac.
This is one of the many reasons why I own a Mac.
This real crap virus news is how m$oft gets their news / image out to the public!!! 🙁
Like a bad commercial!
iFeel4 those virus users, Not!
Buy a Mac! and $BUY AAPL stocks
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
This real crap virus news is how m$oft gets their news / image out to the public!!! 🙁
Like a bad commercial!
iFeel4 those virus users, Not!
Buy a Mac! and $BUY AAPL stocks
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
Israel would be my first choice.
The Pentagon would be my second choice.
Somebody who would gain by making making people believe it was either one of my previous choices would be my third choice.
You don’t want to hear my fourth choice, it involves Bil Gates, Steve Ballmer and Eric Schmidt, three cans of whipping cream and a pair of handcuffs…
Israel would be my first choice.
The Pentagon would be my second choice.
Somebody who would gain by making making people believe it was either one of my previous choices would be my third choice.
You don’t want to hear my fourth choice, it involves Bil Gates, Steve Ballmer and Eric Schmidt, three cans of whipping cream and a pair of handcuffs…
So at what point can the MS management be sent to Guantanamo Bay for aiding and assisting potential terrorists?
So at what point can the MS management be sent to Guantanamo Bay for aiding and assisting potential terrorists?
The fact that the inordinate number on infections happen to be in Iran should raise some eyebrows. I’m not sure that CIA would yet bother with this, however, MOSAD…?
Actually, the possible cost (in identifying and hiring the necessary manpower to develop this) associated with this isn’t that high, which means that any number of people or groups with some beef with Iran and their nuclear programme can afford to do this.
What makes the whole concept so scary is how relatively easy it is to inflict very serious damage to any major entity by developing Windows software.