Author Topic: Pentagon Silent on Iranian Nuke Virus  (Read 951 times)

0 Members and 5 Guests are viewing this topic.

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Pentagon Silent on Iranian Nuke Virus
« on: September 27, 2010, 02:02:24 PM »
http://liveshots.blogs.foxnews.com/2010/09/27/pentagon-silent-on-iranian-nuke-virus/

Quote
The Pentagon is refusing to comment on widespread accusations that it is responsible for coordinating a cyber-attack against Iran's nuclear facilities. Earlier this month the Iranians acknowledged the "Stuxnet Worm" had invaded software it uses at multiple nuclear production plants.

I hope some E-4 in a dark office in front of a glowing screen somewhere is getting a medal.  ;D
held fast

Offline Hooker

  • Trade Count: (2)
  • Senior Member
  • *****
  • Posts: 1581
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #1 on: September 27, 2010, 02:04:24 PM »
LOL ahh yup ;D
" In the beginning of change, the patriot is a brave and scarce man,hated and scorned. when the cause succeeds however,the timid join him...for then it cost nothing to be a patriot. "
-Mark Twain
"What country can preserve its liberties if its rulers are not warned from time to time that their people preserve the spirit of resistance? Let them take arms."
-- Thomas Jefferson to William Stephens Smith, 1787. ME 6:373, Papers 12:356

Offline powderman

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 32823
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #2 on: September 27, 2010, 02:21:37 PM »
HEH. Maybe it could be hacked to make all their rockets act like a BOOMerang. POWDERMAN.  :D :D
Mr. Charles Glenn “Charlie” Nelson, age 73, of Payneville, KY passed away Thursday, October 14, 2021 at his residence. RIP Charlie, we'll will all miss you. GB

Only half the people leave an abortion clinic alive.
http://www.youtube.com/watch?v=MAiOEV0v2RM
What part of ILLEGAL is so hard to understand???
I learned everything about islam I need to know on 9-11-01.
http://www.thereligionofpeace.com/
http://www.youtube.com/watch?v=TDqmy1cSqgo
http://www.youtube.com/watch?v=_u9kieqGppE&feature=related
http://www.illinois.gov/gov/contactthegovernor.cfm

Offline Pat/Rick

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 1935
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #3 on: September 27, 2010, 02:26:34 PM »
Perhaps the next u.n. meeting, the USA will give him a statement of denial as it never really happened.  ;)   ;D

Maybe that E-4 is now an E-5?   ;)

Offline powderman

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 32823
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #4 on: September 27, 2010, 02:35:16 PM »
Quote
Maybe that E-4 is now an E-5?



I Hope. POWDERMAN.  ;D ;D
Mr. Charles Glenn “Charlie” Nelson, age 73, of Payneville, KY passed away Thursday, October 14, 2021 at his residence. RIP Charlie, we'll will all miss you. GB

Only half the people leave an abortion clinic alive.
http://www.youtube.com/watch?v=MAiOEV0v2RM
What part of ILLEGAL is so hard to understand???
I learned everything about islam I need to know on 9-11-01.
http://www.thereligionofpeace.com/
http://www.youtube.com/watch?v=TDqmy1cSqgo
http://www.youtube.com/watch?v=_u9kieqGppE&feature=related
http://www.illinois.gov/gov/contactthegovernor.cfm

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #5 on: September 27, 2010, 04:44:36 PM »
You'll see more and more of this as time goes on. Cyberwarfare is becoming increasingly important.

I must say though, how stupid do you have to be to connect a system THAT critical to the INTERNET?  Anything that important should have LAN access only - there should be no trace of network cable that leads from something like that back to the WAN. 

Given that it was Iran twas a good thing mind you - just boggles me that they were that inept.

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #6 on: September 27, 2010, 05:17:40 PM »
Where I work sorta sets the bar for cyber, and it's not enough to simply be disconnected from the Internet. I'd love to know what all was involved in this caper.

We (the US) are VERY vulnerable, particularly infrastructure like power, transportation, etc. and many of those systems are independent.
held fast

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #7 on: September 27, 2010, 05:34:41 PM »
Where I work sorta sets the bar for cyber, and it's not enough to simply be disconnected from the Internet.

Only other way would be to have an inside agent sneak it in (which certainly is a possibility).  No WAN (Internet) access eliminates remote deployment as an option though, so long as you're sure that there's no direct OR indirect access (ie, even if your server is off the WAN, if it's on the same LAN as other systems with WAN access then if the 2nd system is compromised from outside then you can piggyback to the server).

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #8 on: September 27, 2010, 07:35:55 PM »
The virus targets siemens industrial hardware at the os level, not strictly computers or servers. It could've been introduced by barcode, IR, microwave, teletext, RFID ... any one of a number atypical "cyber" approaches. And of course wetware. All I can say is, nice shot.
held fast

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #9 on: September 27, 2010, 08:15:12 PM »
The virus targets siemens industrial hardware at the os level, not strictly computers or servers. It could've been introduced by barcode, IR, microwave, teletext, RFID ... any one of a number atypical "cyber" approaches. And of course wetware. All I can say is, nice shot.

Most likely of those would be the wetware option (ie, either an inside agent or some clever social engineering).  Barcodes, IR, RFID etc are typically data-only inputs.  You get information in but without a specific targetable vulnerability such as a possible stack overflow (which would be very difficult for a barcode reader given that input it reads will either be fixed-length or of a very limited-length) you'll never get it to actually execute at all, much less with the privileges needed to access anything critical.  A lot of the more creative methods of delivery are seen in Hollywood films but not so much in real life - just doesn't work that way. 

PS: Yep, just did a bit of research on this one.  It's initially spread through a USB flash drive which would have to be inserted into a computer on-site.  That could have been an inside person. Maybe not.  There was a study recently that showed that a ton of people in a typical office would plug in a USB drive they just found on the ground.

Of interest though: this is a Windows-only virus.  Again, incredibly stupid of them to be running critical infrastructure on one of the most insecure OS's in the world.  I'd bet a pile of nickels that if they'd built this system on OpenBSD the system wouldn't have been compromised.  In the 15 years since it was created, OpenBSD has had only TWO remotely exploitable security vulnerabilities discovered (the last of which was corrected back in 2007).  Compare that with Windows with new ones being discovered seemingly every day (this Stuxnet worm took advantage of 4 different known vulnerabilities).

Offline saddlebum

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 1694
  • Gender: Male
  • "I ain't never been killed in my life."
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #10 on: September 27, 2010, 08:55:31 PM »
HEH. Maybe it could be hacked to make all their rockets act like a BOOMerang. POWDERMAN.  :D :D


YOU CRACK ME UP !!!   :D

When I read that I got this little Monty Python movie playing in my head of a missle doing a U-turn and heading straight at Achmadoofus.   ;D
" FIREARMS STAND NEXT IN IMPORTANCE TO THE CONSTITUTION ITSELF. THEY ARE THE AMERICAN PEOPLE'S LIBERTY TEETH AND KEYSTONE UNDER INDEPENDENCE."       George Washington

“OUR CONSTITUTION WAS MADE ONLY FOR A MORAL AND RELIGIOUS PEOPLE. IT IS WHOLLY INADEQUATE TO THE GOVERNMENT OF ANY OTHER."           John Adams

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #11 on: September 28, 2010, 02:16:12 AM »
Nice work Obama. I have no doubt that he signed off on this.

Offline billy_56081

  • GBO Supporter
  • Trade Count: (5)
  • Senior Member
  • *****
  • Posts: 8575
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #12 on: September 28, 2010, 02:51:01 AM »
Hey I'm going to use someone elses famous line here, I bet the Jews did it. And good for them.
99% of all Lawyers give the other 1% a bad name. What I find hilarious about this is they are such an arrogant bunch, that they all think they are in the 1%.

Offline gypsyman

  • Trade Count: (1)
  • Senior Member
  • *****
  • Posts: 4852
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #13 on: September 28, 2010, 03:26:17 AM »
I'm with Billy on this one. The big O wouldn't try anything to pi** off his buddies. Isreal did it. gypsyman
We keep trying peace, it usually doesn't work!!Remember(12/7/41)(9/11/01) gypsyman

Offline powderman

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 32823
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #14 on: September 28, 2010, 03:58:52 AM »
I'm with Billy on this one. The big O wouldn't try anything to pi** off his buddies. Isreal did it. gypsyman


YEP. Osamas not going to take that chance. POWDERMAN.  :D :D
Mr. Charles Glenn “Charlie” Nelson, age 73, of Payneville, KY passed away Thursday, October 14, 2021 at his residence. RIP Charlie, we'll will all miss you. GB

Only half the people leave an abortion clinic alive.
http://www.youtube.com/watch?v=MAiOEV0v2RM
What part of ILLEGAL is so hard to understand???
I learned everything about islam I need to know on 9-11-01.
http://www.thereligionofpeace.com/
http://www.youtube.com/watch?v=TDqmy1cSqgo
http://www.youtube.com/watch?v=_u9kieqGppE&feature=related
http://www.illinois.gov/gov/contactthegovernor.cfm

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #15 on: September 28, 2010, 04:42:07 AM »
So you prefer to believe that Israel runs the Pentagon not the CINC?

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #16 on: September 28, 2010, 05:09:43 AM »
So you prefer to believe that Israel runs the Pentagon not the CINC?

If Israel did it then it wasn't the Pentagon.  The only evidence leading back to the US Government is the complexity of the worm and motives.  It would have taken far too much time for a hobbyist to have created this, hence the suspicion that it was a government.  The US is a prime possibility, but Israel and several others are perfectly possible too. 

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #17 on: September 28, 2010, 05:34:12 AM »
Israel is noted for a lot of ex-military software startups. That is about it. They have never been noted for hacking. More wireless. They do have a couple of nuke plants to test on.

Contrast this with China, where hacking both Chinese and other websites is a national hobby. You can even go into shops and buy viruses.

Offline SHOOTALL

  • Trade Count: (0)
  • Senior Member
  • *****
  • Posts: 23836
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #18 on: September 28, 2010, 06:05:22 AM »
Israel is noted for a lot of ex-military software startups. That is about it. They have never been noted for hacking. More wireless. They do have a couple of nuke plants to test on.

Contrast this with China, where hacking both Chinese and other websites is a national hobby. You can even go into shops and buy viruses.
Maybe they haven't got caught .  ;D thus not noted for it ! ;)
If ya can see it ya can hit it !

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #19 on: September 28, 2010, 06:35:36 AM »
Israel is noted for a lot of ex-military software startups. That is about it. They have never been noted for hacking. More wireless. They do have a couple of nuke plants to test on.

Contrast this with China, where hacking both Chinese and other websites is a national hobby. You can even go into shops and buy viruses.

Trust me, there are smart people in just about every country.  There has been lots of software work being farmed out to poorer parts of Africa recently as India was starting to cost too much for the people outsourcing it.

Pick almost any government on this planet and I'd bet they could assembly a team capable of writing and delivering this.  It's more a question of motive and fear (or lack thereof) of retaliation then looking at the overall technical prowess of the country. 

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #20 on: September 28, 2010, 07:19:34 AM »
That goes against the premise of the original post. Pretty soon, we are going to be looking for a patriotic 5th grader coding on his school library PC.

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #21 on: September 28, 2010, 07:27:27 AM »
Fun, possibly true, factoid. Bill Gates, before he dropped out of Harvard, was a high school geek. Instead of mowing lawns and delivering newspapers, he was an independant consultant. Job? Programming control systems for the local utility company. Of course, it was a heck of a lot simpler then.

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #22 on: September 28, 2010, 07:58:56 AM »
Quote
That goes against the premise of the original post. Pretty soon, we are going to be looking for a patriotic 5th grader coding on his school library PC.

Not at all.  The premise of saying it was likely a country is the effort involved.  It would have taken a single person a year - possibly several - working day in and day out to develop something this sophisticated.  A 5th grader isn't likely to have that type of attention span and motive.  Even your run of the mill hacker doing it for fun isn't going to put in that level of effort to specifically spy on technical industry.

The fingers pointing to governments as producing this isn't one of capability, it's one of motivation.  With the work involved you practically have to have some political and/or military motivations behind it.  Mere interest or patriotism isn't likely to cut it.

Fun, possibly true, factoid. Bill Gates, before he dropped out of Harvard, was a high school geek. Instead of mowing lawns and delivering newspapers, he was an independant consultant. Job? Programming control systems for the local utility company. Of course, it was a heck of a lot simpler then.

Not all that rare.  I did much the same thing in high school.  Built and repaired computers for people.  Even wrote a few programs here and there for various companies in the area (simple stuff like something to track their employees clocking in and out of work).  It was good money on the side at that age.

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #23 on: September 28, 2010, 08:04:35 AM »
The great thing about cyberwar is there are literally millions of hobbyists, many of whom work in private network security, cluttering up the battlespace so actual attribution is near impossible to pin down. And they flood blogs, forums & chatrooms with so much speculation in an officious tone that it serves to obscure the event. It's like the trains in London, predictable & reliable. Serves a purpose.

And I seriously doubt Obama signs off on much of anything my agency or the subordinate units of cybercom specifically does. He personally does not meet the traditional requirements for access to certain information, like Clinton before him, nor does he have the time to be briefed on every activity with so many other priorities.

OBTW, the US was also targeted, as well as Indonesia. Hmm.
held fast

Offline MGMorden

  • Trade Count: (3)
  • Senior Member
  • *****
  • Posts: 2093
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #24 on: September 28, 2010, 08:26:08 AM »
OBTW, the US was also targeted, as well as Indonesia. Hmm.

And Germany apparently.

Offline myronman3

  • Moderator
  • GBO Supporter
  • Trade Count: (1)
  • Senior Member
  • *****
  • Posts: 4837
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #25 on: September 28, 2010, 08:30:44 AM »
the russians built it for them, took their money, then pushed the  self destruct button after the check cleared.    the bear dont play. 

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #26 on: September 28, 2010, 08:49:04 AM »
The great thing about cyberwar is there are literally millions of hobbyists, many of whom work in private network security, cluttering up the battlespace so actual attribution is near impossible to pin down. And they flood blogs, forums & chatrooms with so much speculation in an officious tone that it serves to obscure the event. It's like the trains in London, predictable & reliable. Serves a purpose.

And I seriously doubt Obama signs off on much of anything my agency or the subordinate units of cybercom specifically does. He personally does not meet the traditional requirements for access to certain information, like Clinton before him, nor does he have the time to be briefed on every activity with so many other priorities.

OBTW, the US was also targeted, as well as Indonesia. Hmm.
You don't think that O would have to sign off on an attack on Iran? Who would then?

 Viruses attack everywhere. However, their target appears to be Iran. Of course, now that it is out there, every 5th grader will be tweaking it to turn on the sprinklers in the girl's locker room too. Are there girl locker rooms in iran?

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #27 on: September 28, 2010, 09:53:28 AM »
You don't think that O would have to sign off on an attack on Iran? Who would then?

Obama, like the Bushes before him, was an advocate of the consolidation of all US Cyber efforts under a single command. This may be one of a couple things Obama supports that I agree with, as it is the logical progression of future war. Part of the charter of CYBERCOM is cyber attack, along with cyber protect. No, Obama does not sign off on the millions of single incidences of cyber attack or protect that go on in a given fiscal year - he signed off on the existence of an entity who performs those functions. There are layers of oversight, regulation, including congressional review and DOJ task forces, who define very clearly operational parameters in an effort to keep it accountable.

I think a lot of people are very ignorant of what the President does and does not know. Given the size of government, the complexity of the issues, and how many moving parts are at play, the President doesn't really know much, and this one in particular. At his level its simply, "slow Iran down." and from that all the entities interpret their personal contribution to the effort.
held fast

Offline wreckhog

  • Trade Count: (55)
  • Senior Member
  • *****
  • Posts: 2997
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #28 on: September 28, 2010, 11:55:41 AM »
So who signs off on a specific attack on Iran? Do some risk management. Have a decimal point in the wrong place and you have another Chernobyl. I have a hard believing that is below anyone's paygrade. Fix the economy, fix healthcare, fix immigration, fix Muslims, fix America, fix the stock market, if that is all you have to say before you go to lunch, anyone could be President, as well as keep their old job.


The President as Commander In Chief gives the US military its orders, which all members of the military are obligated to carry out as ordered. The President out-ranks all other military officers and makes the decisions on the highest level. Or as George W. Bush once said, he is the decider.

Offline teamnelson

  • Trade Count: (30)
  • Senior Member
  • *****
  • Posts: 4487
  • Gender: Male
Re: Pentagon Silent on Iranian Nuke Virus
« Reply #29 on: September 28, 2010, 01:58:41 PM »
So who signs off on a specific attack on Iran? Do some risk management. Have a decimal point in the wrong place and you have another Chernobyl. I have a hard believing that is below anyone's paygrade. Fix the economy, fix healthcare, fix immigration, fix Muslims, fix America, fix the stock market, if that is all you have to say before you go to lunch, anyone could be President, as well as keep their old job.

So what you're saying is the US govt is a flat organization, and all of us in it report directly to him and he is personally aware of, guiding & directing every action we take? No. That's not the way it works. And yes, the primary function of the President is only to cast the vision, and surround himself with people who ensure implementation. He does not micromanage all operations. We have checks & balances for this specific reason.

The President as Commander In Chief gives the US military its orders, which all members of the military are obligated to carry out as ordered. The President out-ranks all other military officers and makes the decisions on the highest level. Or as George W. Bush once said, he is the decider.
[/quote]

His orders are in the form of desired-end-state, not in step by step implementation. And he is bound by the Constitution and the balance of power with the Legislative and Judicial branches ... and his oath. And if his desired end state is untenable, then it gets kicked back. To imagine that he issues all direct orders given in a day within the entirety of the government is ludicrous.
held fast