back to article Meet Stuxnet's stealthier older sister: Super-bug turned Iran's nuke plants into pressure cookers

Newly published research has shined new light on super-malware Stuxnet's older sibling – which was also designed to wreck Iran's nuclear facilities albeit in a different way. The lesser-known elder strain of the worm, dubbed Stuxnet Mark I, dates from 2007 - three years before Stuxnet Mark II was discovered and well documented …

COMMENTS

This topic is closed for new posts.
  1. John Smith 19 Gold badge
    Unhappy

    Apart from being what most people would call an "Act of war"...

    This should make every country in the world on notice that whenever one of their strategic government programmes starts experiencing a convenient run of "bad luck," they should have this on their check list.

    I do hope Israel and the US behave as well when, say some of the hardware at Dimona, or the flight software of the F35 gets a little surreptitious "upgrade."

    Something tells me there will be major "Pacifier ejection event" from their respective national perambulators.

    1. 's water music

      Re: Apart from being what most people would call an "Act of war"...

      > This should make every country in the world on notice that whenever one of their strategic government programmes starts experiencing a convenient run of "bad luck," they should have this on their check list.

      So, has anyone ever checked out the credentials of the agencies that supply contractors for public sector IT projects?

    2. Can't think of anything witty...
      Mushroom

      Re: Apart from being what most people would call an "Act of war"...

      I'm really not sure what i think about this. On the one hand, it is definitely an act of aggression against a nation state and so yeah, it could be construed as an act of war.

      but at the same time, if you accept that the US wanted to derail the Iranian programme (yeah, i know this is quite a big if, it is probably not legal and raises a lot of moral questions) and diplomatic approaches are not working, then this is a great way of doing it.

      Because the other way (and one that Dubya was not worried about undertaking) is of course to drop a whole load of high explosives on it and try to slow it down that way. Doing it this way at least means that no-one got hurt - even though large quantities of hair may have been torn out...

      1. Ian 55

        " no-one got hurt "

        Well, no-one who mattered to the authors anyway.

        If people haven't been executed by Iran for suspicion of sabotage / lack of progress, I would be amazed.

    3. I ain't Spartacus Gold badge

      Re: Apart from being what most people would call an "Act of war"...

      I do hope Israel and the US behave as well when, say some of the hardware at Dimona, or the flight software of the F35 gets a little surreptitious "upgrade."

      John Smith 19,

      There is a difference here. At least in terms of the F35 software example. The authors of Stuxnet went to considerable trouble to not cause accidents, which they could have and might well have been dangerous. Whereas if you play with flight control software, real aeroplanes are going to fall out of the sky, and land on peoples' heads. Not to mention what it does to the pilots. That is a different quality of interference.

      At the same time not only were the US pursuing (successfully) UN sanctions against Iran for its nuclear program, but they were also offering (along with others) money and sweetners in order to allow Iran to operate a legitimate civillian nuclear infrastructure without proliferation risk.

      So it's not like they were acting totally carelessly, thoughtlessly or immorally. It's a reasonable well calibrated, multi-layered diplomatic initiative that may even bear fruit in the talks that are currently going on. And if so, bear fruit without anyone getting killed*. The alternatives probably being worse. Most likely an Israeli air attack on Iran, or a US one - given that most opinion seems to be Israel could only half do the job on its own, and as the US would take so much heat if it happened, they may as well step in and do the job properly. Or Iran getting the bomb - then Saudi also doing so, or some combination of all of them.

      Was the whole thing moral? In my opinion,yes. Foreign policy often isn't very nice. For good reasons. You're often steering between various unpleasant alternatives, and trying to push for the least horrible ones. Bombing Iran, in order to stop them aquiring nukes, can plausibly be described as worse than dealing with the consequences of Iran getting them. Particularly as it would probably take a lot of repeat bombing to keep them from just starting all over again. As Iran provides massive numbers of rockets for Hamas and Hizbollah to lob at Israeli civilians and is currently equipping and training Assad's troops in their continuing campaign to massacre their way to a regime survival, they're hardly in a position to complain about a bit of malware.

      *I'm assuming here that the Iranian nuclear scientists who've been assinated is down to Israel and not the US. Although it's perfectly possible that they were involved in that too, but it does look more Mossad's style.

      1. Grave

        Re: Apart from being what most people would call an "Act of war"...

        while "playing with fire gets you burned" applies

        unfortunately the real world version translates to:

        government douchebags play with fire, innocent civilians get burned.

        this #%^$ keeps looping over and over

        until civilian dissent reaches critical mass > then revolution > gov cleansing attempt > gov parasites scramble to hide like the roaches they are and when the lights are gone, crawl back and infect the society once again

      2. Richard 22
        Thumb Down

        Re: Apart from being what most people would call an "Act of war"...

        "There is a difference here. At least in terms of the F35 software example. The authors of Stuxnet went to considerable trouble to not cause accidents, which they could have and might well have been dangerous. Whereas if you play with flight control software, real aeroplanes are going to fall out of the sky, and land on peoples' heads. Not to mention what it does to the pilots. That is a different quality of interference."

        This argument doesn't hold water. Playing with a nuclear reactors safety systems is potentially a lot more dangerous to a lot more people than playing with an aircraft flight system. Yes they were careful - but equally you could be careful in the aircraft system scenario. Make the fuel gauge under-read amount of fuel left, for example, thus reducing their effective flight range. Make warning lights go on more than they should - give the aircraft an undeserved reputation for unreliability, causing an expensive and unnecessary re-procurement. That sort of thing.

        1. I ain't Spartacus Gold badge

          Re: Apart from being what most people would call an "Act of war"...

          Richard 22,

          Iran doesn't have a working nuclear reactor. Yet. It's been using centrifuges to enrich uranium to the purities required for theirs - which I believe they still haven't fueled, but is close to complete/completed.

          The problem is that once they've got that 20% uranium, it's a pretty easy step to then go up to weapons grade, by re-centrifuging (is that a real word?). Also, they were making more than it was thought required for the shiny new reactor, and had built a secret site with more modern centrifuges, that they failed to declare to the IAEA (as they are required to by the NNPT - to which they are a signatory). That's one of the reasons why the IAEA declared that they'd been running a secret program, in breach of their treaty obligations, and is why they're under economic sanctions.

        2. Anonymous Coward
          Anonymous Coward

          Re: Apart from being what most people would call an "Act of war"...

          "Make the fuel gauge under-read amount of fuel left"

          In theory the aircrew are supposed to correlate the amount of fuel purchased+loaded before take-off, with the reading showing on the fuel guages. And there are supposed to be other cross checks. So IN THEORY at least, a fuel gauge fault wouldn't be a big problem.

          Unfortunately historysays otherwise. Look up Gimli Glider - a 767 ran out of fuel owing to a string of "shouldn't happen" errors, and the crew, despite the lack of documentation and training for gliding a 767 in to land safely (!), managed to bring everyone home alive.

          "Make warning lights go on more than they should - give the aircraft an undeserved reputation for unreliability, causing an expensive and unnecessary re-procurement. "

          Even better might be have the fault logged falsely 99 times (some critical failure), and on the 100th, genuinely disable it. There's lots of potential mileage in something like that: "oh ignore it, it always does that".

      3. Anonymous Coward
        Anonymous Coward

        Re: Apart from being what most people would call an "Act of war"...

        Re. I Ain't Spartacus' question "Was the whole thing moral?"

        In the conduct of foreign policy, moral considerations are more often tools and debating points than they are objectives or constraints. The "community of nations" is not a kindergarten in which the nice teacher exercises control by agreed on authority and can send the uncompliant to the principal's office* for counseling. It is a quite nasty world in which the major players have gobs of guns, warships, attack planes and weapons of more or less mass destruction. A nonviolent ploy like the Stuxnets arguably is a better "next step" (on some scale) than bombing, burning, killing, pillage, and rape when the diplomatic approaches of negotiation and polite, understated bribery have failed. Distasteful it certainly is, but that probably is true also for targeted assassinations.

        * Or to the UN, unless the permanent Security Council members are in agreement.

  2. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      Re: How long...?

      I can see it now.

      Iran starts the court case and provides experts to testify, Iran ships experts to US and they disappear...

      1. Anomalous Cowturd
        Mushroom

        Re: How long...?

        Or a passing motorcyclist helpfully attaches a magnetic bomb to their car on the way to court.

    2. loneranger

      Re: How long...?

      Plausible deniability. We can neither confirm nor deny...

    3. The Man Who Fell To Earth Silver badge
      Boffin

      Re: How long...?

      To sue the US govrrnment for damages in a US court, the government has to agree to be sued. Under normal circumstances, this is granted. But often in National Security cases, it's not. In addition, the US hss been holding billions of dollars of seized Iranian assets since the Iranian revolution due to damage claims by US entities from the Iranians seizing property during their revolution. The bottom line is that the Iranians can't do squat in US courts until they decide to normalize relations with the US. And to do that, they need to start behaving in regards to nukes, terrorism, etc.

      1. Tom 13

        Re: until they decide to normalize relations with the US.

        That's a really key phrase. And most people forget what it means.

        Part of what it means, is that technically the US and Iran have been in a state of War since the Iranian revolution. In particular the seizure of the American Embassy during the revolution was the unprovoked Act of War against the US. These acts have never been remedied by formal cease fire or peace treaty. That further means that under international law, the US is well within allowed parameters to engage in whatever military actions it deems necessary to prevent further aggression.

        Given that context, Stuxnet and its antecedent are quite mild responses.

  3. Anonymous Coward
    Anonymous Coward

    It'll all end in tears...

  4. Peter Simpson 1
    Thumb Up

    Aside from the political and moral issues involved

    You really have to admire the quality of the technical work that went into making something this intricately designed.

    It's kinda like Bernie Madoff -- on one hand, he stole money from little old ladies, but on the other, he's the current holder of the world record for keeping a Ponzi scheme going. And he even managed to get it to pay for his retirement (though, granted, spending winters in the Med is probably off the table).

    1. Ian 55

      Re: Aside from the political and moral issues involved

      "I admire its purity. A survivor... unclouded by conscience, remorse, or delusions of morality."

  5. John Smith 19 Gold badge
    Coat

    Remember people "cyberwarfare" is a game for *any* size and number of players.

    IOW.

    First we had the arms race.

    Then the legs race.

    Now we have the brain race.

    Why yes that is a copy of "The Shockwave Rider" in my jacket pocket.

    1. Anonymous Blowhard

      Re: Remember people "cyberwarfare" is a game for *any* size and number of players.

      "Now we have the brain race."

      Oh dear; from what we've seen of government IT, the MoD and its suppliers, the UK is screwed.

      The MoD couldn't get malware written for an operating system within the lifetime of the software; they've probably just completed equipping themselves with an attack for the PDP-11.

      1. Hoe

        Re: Remember people "cyberwarfare" is a game for *any* size and number of players.

        I think the UK Brain is working fine, AKA, Let America do it, everyone hate's them already anyway, then they can just deny they knew anything about it too.

      2. Anonymous Coward
        Anonymous Coward

        Re: Remember people "cyberwarfare" is a game for *any* size and number of players.

        "The MoD couldn't get malware written for an operating system within the lifetime of the software".

        Nonsense, young man! Chinook Mk3 proves that they can get malware written, documented and installed. Admittedly only on their own aircraft, but they can do it.

        1. John Smith 19 Gold badge
          Unhappy

          Chinook Mk3

          "Nonsense, young man! Chinook Mk3 proves that they can get malware written, documented and installed. Admittedly only on their own aircraft, but they can do it."

          Indeed.

          A fine piece of "development" work. Yet another example of the MoD's "Oh we can't use anything off the shelf because our needs are so special."

          Still got to keep the (what is it?) 14000 staff in MoD procurement Bristol employed, eh?

        2. Anonymous Coward
          Anonymous Coward

          Re: Remember people "cyberwarfare" is a game for *any* size and number of players.

          "Chinook Mk3 proves that they can get malware written, documented and installed."

          I thought one of the documented problems with the Chinook FADEC (Mk2, 1994 crash, 29 fatalities, that one?) was that it wasn't properly documented. As in, for example, the documents on flight procedures for the crew (and for support staff?) were not fit for purpose.

          RIP.

  6. Anonymous Coward
    Anonymous Coward

    "The MoD couldn't get malware written for an operating system within the lifetime of the software; they've probably just completed equipping themselves with an attack for the PDP-11"

    That depends on whether they subcontracted it out to BAe Systems Qinetiq etc or to somebody with a technical clue (but without the aforementioned's cosy relationship with HMG, MoDPE etc - just ask Lewis about this one, it's a subject he's credible on).

    Speaking of credibility, I'd expected from the headline that this would be yet another hype story, so I was very pleasantly surprised to see Ralf Langner's name right at the top. He's very credible on Stuxnet, unlike some of the more familiar names associated with the story.

  7. Anonymous Coward
    Anonymous Coward

    sovereign nation

    Iran is a sovereign nation, why do we get to tell them how to run their country? Everything we've done from sanctions to dangerous nuclear sabotage is nothing more than bullying. The US has nukes and invades countries based on lies, where are their sanctions?

  8. Ian 55

    The PDF is well worth a read

    Especially the final appendix, showing how much can be known about what Iran is doing and how from their publicity shots.

  9. No Quarter
    Black Helicopters

    The CIA are really naughty.

This topic is closed for new posts.