Entering the age of cyber warfare
Entering the age of cyber warfare
If you haven't read about the "cyber missle" attack on Iran's nuclear program you might want to check this out http://www.digitaltrends.com/computing/ ... /?news=123 A little bit of a long read at two pages (for the internet) it's worth it to read the whole thing.
-
whatahutch
- Posts: 446
- Joined: Wed Oct 19, 2005 1:39 pm
Re: Entering the age of cyber warfare
That is the best way to take them out without using force. I heard about this about a month ago. I didn't read your link, but I heard it was the Russians doing it.
"Come to send, not condescend" - Eddie Vedder
Re: Entering the age of cyber warfare
Amazing story. I've read several good pieces on it in which the authors speculate about U.S., Israeli, German and Russian involvement.
-
the lurkist
- Posts: 2240
- Joined: Wed Nov 13, 2002 2:07 pm
Re: Entering the age of cyber warfare
Cool. Do it again.
"It really is all good ! My thinking only occasionally calls it differently..."
Normie
Normie
Re: Entering the age of cyber warfare
all your base are belong to us !
"Everyone should have a plan for the zombie apocolipse" Courtney
Re: Entering the age of cyber warfare
Larry if you haven't heard of Bruce Schneier you may be interested. He's one of the best forward thinking security authors out there. He's the guy who invented the term " security theater". Here's his take on Stuxnet: http://www.schneier.com/blog/archives/2 ... uxnet.html
Yo Ray jack dynomite! Listen to my beat box! Bew ch ch pff BEW ch ch pfff! Sweet!
-Horatio
-Horatio
Re: Entering the age of cyber warfare
Very interesting article. And his main point, that almost everything we read about Stuxnet is highly speculative is well taken.
The following is from a link provided in the comments to Schneier's article.
(stuxnet is a so far not seen publicly class of nation-state weapons-grade attack software. It is using four different zero-day exploits, two stolen certificates to get proper insertion into the operating system and a really clever multi-stage propagation mechanism, starting with infected USB-sticks, ending with code insertion into Siemens S7 SPS industrial control systems. One of the Zero-Days is a USB-stick exploit named LNK that works seamlessly to infect the computer the stick is put into, regardless of the Windows operating system version – from the fossile Windows 2000 to the most modern and supposedly secure Windows 7.
The stuxnet software is exceptionally well written, it makes very very sure that nothing crashes, no outward signs of the infection can be seen and, above all, it makes pretty sure that its final payload, which manipulates parameters and code in the SPS computer is only executed if it is very certain to be on the right system. In other words: it is extremly targeted and constructed and build to be as side-effect free as humanly possible. Words used by reverse engineers working on the the thing are “After 10 years of reverse-engineering malware daily, I have never ever seen anything that comes even close to this”, and from another “This is what nation states build, if their only other option would be to go to war”.)
The link: http://frank.geekheim.de/?p=1189
The following is from a link provided in the comments to Schneier's article.
(stuxnet is a so far not seen publicly class of nation-state weapons-grade attack software. It is using four different zero-day exploits, two stolen certificates to get proper insertion into the operating system and a really clever multi-stage propagation mechanism, starting with infected USB-sticks, ending with code insertion into Siemens S7 SPS industrial control systems. One of the Zero-Days is a USB-stick exploit named LNK that works seamlessly to infect the computer the stick is put into, regardless of the Windows operating system version – from the fossile Windows 2000 to the most modern and supposedly secure Windows 7.
The stuxnet software is exceptionally well written, it makes very very sure that nothing crashes, no outward signs of the infection can be seen and, above all, it makes pretty sure that its final payload, which manipulates parameters and code in the SPS computer is only executed if it is very certain to be on the right system. In other words: it is extremly targeted and constructed and build to be as side-effect free as humanly possible. Words used by reverse engineers working on the the thing are “After 10 years of reverse-engineering malware daily, I have never ever seen anything that comes even close to this”, and from another “This is what nation states build, if their only other option would be to go to war”.)
The link: http://frank.geekheim.de/?p=1189