Computer security experts are studying a scary new cyber weapon: A software smart bomb that may have been crafted to find and sabotage a nuclear facility in Iran.
Malicious software, or malware, dubbed “Stuxnet” is able to recognize a specific facility’s control network and then destroy it, according to German computer security researcher Ralph Langner.
“Welcome to cyber war,” Langner said in a post at his Web site. “This is sabotage.”
Langner has been analyzing Stuxnet since it was discovered in June and said the code had a technology fingerprint of the control system it was seeking and would go into action automatically when it found its target.
“It’s pretty amazing,” James Lewis, a senior fellow at the Center for Strategic and International Studies, said on Thursday. “It looks like more than simple cyber espionage.”
Stuxnet was tailored for Siemens supervisory control and data acquisition (SCADA) systems commonly used to manage water supplies, oil rigs, power plants and other industrial facilities.
It traveled by sneaking onto USB memory sticks and was able to thereby hop from system to system without needing the Internet, according to Roel Schouwenberg, senior anti-virus researcher at Kaspersky Lab Americas.
Stuxnet is considered a malware “worm” because it burrows from machine to machine, replicating itself on the way.
Once in a computer system running on Windows software, Stuxnet checked for any of three Siemens SCADA programmable logic controllers (PLCs) that manage functions, such as cooling or turbine speed, Schouwenberg said.
If there was a match, Stuxnet automatically took over control of the PLC and hid any changes from workers operating or managing a system, Schouwenberg said.
“When the operator looks at the plant, everything will look just fine,” Schouwenberg said. “Meanwhile, the machine will be overloading. Its ultimate goal is cyber sabotage.”
“Stuxnet manipulates a fast running process,” Langner explained at his Web site. “We can expect that something will blow up soon. Something big.”
The software saboteur has been found lurking on systems in India, Indonesia, Pakistan and elsewhere, but the heaviest infiltration appeared to be in Iran, according to software security researchers.
“This was assembled by a highly qualified team of experts, involving some with specific control system expertise,” Langner said.
“This is not some hacker sitting in the basement of his parents’ house. The resources needed to stage this attack point to a nation state,” Langner added.
The pattern of spread correlated somewhat with jobs handled by a firm commissioned to work at nuclear facilities, according to researchers.
Langner suspected Stuxnet’s mark was the Bushehr nuclear facility in Iran. Unspecified problems have been blamed for a delay in getting the facility fully operational.
On Aug. 31, Iranian atomic chief Ali Akbar Salehi blamed “severe hot weather” for a delay in moving fuel rods into its Russian-built first nuclear power plant.
“Look at the Iranian nuclear program,” Langner said. “Strange — they are presently having some technical difficulties down there in Bushehr.”
There have been Stuxnet infections all over the world and it was impossible to be certain the target was Iran, Schouwenberg cautioned.
Stuxnet creators left plenty of clues in the malware, giving the impression they did not fear being caught, according to Langner.
“The whole attack only makes sense within a very limited timeframe,” Langner said. “After Stuxnet is analyzed, the attack won’t work any more. It’s a one-shot weapon.”
STEPPING UP: Diminished US polar science presence mean opportunities for the UK and other countries, although China or Russia might also fill that gap, a researcher said The UK’s flagship polar research vessel is to head to Antarctica next week to help advance dozens of climate change-linked science projects, as Western nations spearhead studies there while the US withdraws. The RRS Sir David Attenborough, a state-of-the-art ship named after the renowned British naturalist, would aid research on everything from “hunting underwater tsunamis” to tracking glacier melt and whale populations. Operated by the British Antarctic Survey (BAS), the country’s polar research institute, the 15,000-tonne icebreaker — boasting a helipad, and various laboratories and gadgetry — is pivotal to the UK’s efforts to assess climate change’s impact there. “The saying goes
Police in China detained dozens of pastors of one of its largest underground churches over the weekend, a church spokesperson and relatives said, in the biggest crackdown on Christians since 2018. The detentions, which come amid renewed China-US tensions after Beijing dramatically expanded rare earth export controls last week, drew condemnation from US Secretary of State Marco Rubio, who on Sunday called for the immediate release of the pastors. Pastor Jin Mingri (金明日), founder of Zion Church, an unofficial “house church” not sanctioned by the Chinese government, was detained at his home in the southern city of Beihai on Friday evening, said
Floods on Sunday trapped people in vehicles and homes in Spain as torrential rain drenched the northeastern Catalonia region, a day after downpours unleashed travel chaos on the Mediterranean island of Ibiza. Local media shared videos of roaring torrents of brown water tearing through streets and submerging vehicles. National weather agency AEMET decreed the highest red alert in the province of Tarragona, warning of 180mm of rain in 12 hours in the Ebro River delta. Catalan fire service spokesman Oriol Corbella told reporters people had been caught by surprise, with people trapped “inside vehicles, in buildings, on ground floors.” Santa Barbara Mayor Josep Lluis
TICKING CLOCK: A path to a budget agreement was still possible, the president’s office said, as a debate on reversing an increase of the pension age carries on French President Emmanuel Macron yesterday was racing to find a new prime minister within a two-day deadline after the resignation of outgoing French Prime Minister Sebastien Lecornu tipped the country deeper into political crisis. The presidency late on Wednesday said that Macron would name a new prime minister within 48 hours, indicating that the appointment would come by this evening at the latest. Lecornu told French television in an interview that he expected a new prime minister to be named — rather than early legislative elections or Macron’s resignation — to resolve the crisis. The developments were the latest twists in three tumultuous
RSS