Stuxnet War 2 0 - 16 Марта 2011

Main » 2011 » Март » 16 » Stuxnet War 2 0

10:39

Stuxnet War 2 0

Virus, attacking Iran's nuclear facilities, marked the beginning of an era of cybernetic warfare.
The World - on the brink of military IT-revolution? Facts. Comments. Analyst.

"I do not know what weapons will be fighting in World War III, but in the fourth to move go stones and sticks"
Albert Einstein

At the end of September it became known that the virus Stuxnet inflicted serious damage to Iran nuclear program. Using the vulnerability of the operating system and the notorious "human factor», Stuxnet successfully hit 1368 of 5000 centrifuges at the uranium enrichment plant at Natanz, as well as disrupted launch date of nuclear plant at Bushehr. Customer - is unknown. Artist - careless employee Siemens, inserting an infected USB flash drive into a workstation. Damage to Iran's nuclear facilities, comparable with the damage from Israeli air attacks.
The world spoke about the wars of the new generation. Cyber ??attacks could become ideal tools of the next war - they are swift, efficient in its destructiveness, and usually anonymous. Today, the state hastily agree on joint strategies to counter the cybernetic threats. What will happen tomorrow? Unfortunately, the most realistic answer to this question still remains dismal aphorism of Einstein.

Iran is helpless before the techno-threat

editorial in the international press crowded the dark prophecies about the advent of technological warfare. Over key Stuxnet - virus that has hit Iran's nuclear facilities - beat the experts of different fields: from IT-security to linguistics and anthropology. Stuxnet was detected virus labs for a long time, but the true extent of contamination of the world learned in late September, when it became aware of the delay in launching the first in Iran's Bushehr nuclear power plant. Despite the fact that Ali Akbar Salehi (Ali Akbar Salehi), head of the Atomic Energy Organization of Iran, said that the delay in starting the plant is not connected with the activity of the virus, Mark Fitzpatrick (Mark Fitzpatrick), the International Institute for Strategic Studies noted that it sounds "not very serious" but Iran SLOPES conceal the real problems at the plant. After some time, "blurted out" Mahmoud Jafari (Mahmoud Jafari), manager of the project plant in Bushehr. According to him, Stuxnet «hit a few computers, but did not cause any damage to the underlying operating system of the station." Sapienti sat. Iran's nuclear facilities in Natanz have also suffered very severely: 1368 of 5000 centrifuges were destroyed by the actions of Stuxnet. When Mahmoud Ahmadinejad after the UN General Assembly session directly asked about technological problems with the nuclear program, he just shrugged and said nothing. Note that according to the New York Times, the damage from the virus in Iran is comparable, perhaps, to attack Israeli Air Force.

Author! Author!

For obvious reasons, developers Stuxnet prefer to stay in the shadows, but it is clear that the complexity of the virus can be called unprecedented. Creating such a project requires a huge intellectual and financial investment, and thus a force of only the scale structures of government. All experts agree that the virus is not the fruit of the efforts of the group of enthusiasts. " Eslo Laurent, head of security Symantec suggests that to create Stuxnet worked at least six to ten people for six to nine months. Frank Rieger (Frank Rieger), Technical Director of GSMK support their colleague - he said, the virus has created a team of ten experienced programmers, but the development took about six months. Rieger calls and an indicative amount of a Stuxnet: it is not less than $ 3 million on military uses of the virus says Evgeny Kaspersky, CEO of Kaspersky Lab »:« Stuxnet not steal the money, does not send spam or steal confidential information. This malicious program was created to control manufacturing processes, in the literal sense, to manage the huge production capacity. In the recent past we have struggled with cyber-criminals and online bullies, now, I'm afraid it's time to cyberterrorism, and cyberwarfare kiberoruzhiya. Tilman Werner (Tillmann Werner), the Commonwealth of experts in the field of Internet security Honeynet Project, is sure: hackers single is not able to. «Stuxnet so perfect from a technical point of view that we should proceed from the fact that the development of the malicious program was attended by experts from government agencies, or that they at least provided some help in creating it" - says Werner.

In the process of analyzing Stuxnet some media have concluded that the establishment of the virus is Israel. First spoke about the involvement of Israel's attack on Iran, John Markoff (John Markoff), journalist New York Times, saying that analysts highlighted the name of one of the snippets «myrtus» («myrtle"). In the Hebrew translation, "myrtle" sounds like "Adas", which, in turn, is consonant with the name "Hadassah", owned by Esther (Esther) - the heroine in Jewish history, who saved her people from destruction in the Persian Empire. Drawing an analogy with ancient Persia, the territory of which is modern Iran, some analysts believe that Israel has left the "business card" in the code of the virus. However, in the opinion of several experts, this version does not hold water and resembles a cheap detective story - too primitive "writing" as a project of this magnitude.

It should be emphasized that last summer (remember, the spread Stuxnet began in 2009), resource WikiLeaks reported serious nuclear accident in Natanz. Shortly thereafter, it became known that the head of the Atomic Energy Organization of Iran, Gholam Reza Aghazadeh (Gholam Reza Aghazadeh) resigned without explanation. Around the same time, media have statements of Israeli politicians and military about a possible confrontation with Iran on the technology front. In addition, Israel has corrected the projected date of receipt of Iran's atomic bomb, pushing her in 2014, and the powers of Meir Dagan (Meir Dagan), head of the Mossad, has been extended for the sake of his involvement in unspecified "important projects".

Human Factors

notable history of primary infection, marked the beginning of the spread of the virus. Obviously, the automated control system of this level are not connected to the web. An expert from Kibertsentra NATO in Estonia Kenneth Gears (Kenneth Geers) at a conference on security, suggested that the success of the attack Stuxnet depended entirely on contact with the right people ... and elementary USB-drives. "You can pay someone who will run the trojan in a closed system, or replace the memory stick, which was intended for internal use only" - reflects Gears. - "Just insert a standard USB-connector infected the stick, and Stuxnet immediately jumps automatically to the operating system, and no anti-virus programs and other measures to protect it is not a hindrance." Indeed, the "weak link" was the human factor - Stuxnet was entered into the system via the usual USB-drives, which inadvertently put in the workstation negligent employee. It is noteworthy that after the statement by Minister of Intelligence of Iran Heidar Moslehi (Heydar Moslehi) on the detention of "nuclear spies" (they were absolutely not involved in the Russian equipment), manual Siemens has recognized that the virus have brought the company's employees, stressing the unintentional contamination. It should be noted that Stuxnet affects only a specific type of controllers, Siemens, namely, SIMATIC S7, which, according to the IAEA, Iran is used.

Cyberwar. Battlefield - The Earth?

The Virus Bulletin Conference 2010, held in Vancouver (Canada), drew the attention of the audience a brief report about Murch Liam (Liam O Murchu), one of the leading experts in Symantec's IT-security. The analyst conducted an experiment explaining the danger of cyber-threats better than hundreds of formal reports. About Murch found at the scene an air pump, running an operating system of production Siemens, infected controlling pump workstation virus Stuxnet and started the process in action. Pump rapidly inflated balloon, but the process has not stopped - the ball inflated until until burst. "Imagine that this is not a balloon, and the Iranian nuclear power plant" - the expert said, putting an end to the question of "seriousness" cyberwar.

Colleagues On Merch fully share his concerns. Trend Micro researcher Paul Ferguson (Paul Ferguson) said that with the creation of the world's Stuxnet appeared full of cyber-weapons, which goes beyond the traditional destructive schemes (stealing credit card numbers, etc.) and can lead to serious accidents at a very dangerous industrial facilities. Ferguson stresses that analysts now are "literally intimidate the government to then start taking serious security measures."

And indeed, the head of the newly created U.S. Kibershtaba at the Pentagon, Gen. Keith Alexander (Keith Alexander), speaking in Congress, has publicly stated that over the past few years the threat of cyberwarfare is increasing rapidly. Alexander recalled two cyber-attacks on the entire state - in Estonia (in 2007, after the dismantling of the Bronze Soldier) and Georgia (in 2008, during the war with Russia).

Estonian President Toomas Hendrik Ilves (Toomas Hendrik Ilves) in an interview with Berliner Zeitung raises the issue of cyber threats at the highest level. Estonian president stresses: NATO's decision to place the center of cybersecurity is in Tallinn (remember, it opened in May 2008) due to the fact that Estonia is one of the most computerized countries in Europe, as well as the first state to have been subjected to a full-scale cyber attack in 2007. After the attack, paralyzing the entire country's infrastructure, the Minister of Defence of Estonia, Jaak Aaviksoo (Jaak Aaviksoo) even demanded that NATO equate these kibernalety to military action. Similar abstracts today expressed by the president: "The virus Stuxnet demonstrated how seriously we should relate to cyber security because with the help of these products can be destroyed vital infrastructure. In the case of Iran, the virus was, it seems, is aimed against a nuclear program, but similar viruses can destroy our economy, which is controlled by computers. It should be discussed in NATO: if a rocket destroys power, enters into force section 5. But how to act in case of attacks of computer viruses? "- Asked Mr. Toomas Hendrik Ilves. The President's proposal is in line with current trends: "Both the EU and NATO should develop a uniform policy, including regulations that will form the basis for collective defense against threats in cyberspace" - the head of state.

C Toomas Hendrik Ilves is completely accepts the Deputy Secretary of Defense William Lynn (William J. Lynn). In an interview with Radio Liberty, Lynn tried to answer the question raised by Ilves: "If the strike affected the essential elements of our economy, we should probably consider it an attack. But if the result was compromised data theft, it may not attack. Between these two extremes are many other options. To articulate a political line, we must decide where the boundary lies between the burglary and assault, or between espionage and data theft. I believe in the government and outside it is a discussion on this topic, and I do not think this debate has already been exhausted. "

In addition, the key performances of William Linn was a public announcement of the five principles that underpin a new strategy for cyber security of the United States. Quoting Deputy Defense Minister uncut:
"The first of these principles is that we should recognize cyberspace what it has already become - the new war zone. In the same way as land, sea, air and outer space, cyberspace, we must consider how the scope of our actions, we will defend and which extend its military doctrine. That's what prompted us to create a unified Kiberkomandovanie in the Strategic Command.

The second principle which I have mentioned - defense must be active. It should include two conventional lines of passive defense - actually, this is a common health: time to put patches, update their antivirus software, to improve protection. Also need a second line of defense, which is used by private companies: Intrusion Detection, Security Monitoring Programme. All these funds are likely to help you reflect about 80 percent of the attacks. The remaining 20 percent - this is a very rough estimate - sophisticated attacks that can not be prevented or stopped by tinkering around the edges. Requires much more active arsenal. Need tools that can detect and block malicious code. Need software that will detect and prosecute within your own network intruders in her malicious elements. When you find one, you should be able to block their interaction with the external network. In other words, it's more like a mobile warfare than the Maginot Line.

The third principle of strategy for cybersecurity - is the protection of civilian infrastructure.

Fourth - the U.S. and its allies should take measures of collective defense. At the upcoming NATO summit in Lisbon will take important decisions on this matter.

Finally, the fifth principle - the U.S. should remain at the forefront of software development. "

It is quite remarkable reaction, Dmitry Rogozin, the permanent representative of Russia to NATO, to take place in the alliance process. Apparently, Russia is extremely concerned about the upcoming NATO summit in Lisbon, which will be held on November 20, after all it is planned to clarify the dilemma is whether to attack military and government computer networks NATO member occasion to use the 5-th article of the Washington Treaty and reply collective military strike. Rogozin, a typical style for yourself wrote: "We finally know it permissible for a NATO strike on apartments hackers vigorous bomb or believed cyberwar did not go beyond cyberspace. In the latter scenario, I have great reason to doubt. Before our eyes in the western periodicals unfolding scandal in connection with the spread of a computer worm called Stuxnet. I'm used to reading and sending SMS to Latin, so I read the name of the virus as the Russian verb forms the future tense: "stuhnet. Be sure stuhnet or drop off something at somebody must, and those who ran the virus. As you know, who sows the wind, he reaps the storm. " Not daring to comment on the literary and creative pursuits, Mr. Rogozin, we note that two of the largest hacker attacks on entire states (Estonia and Georgia), Russia was accused - perhaps it is this caused such a violent reaction impressionable envoy.

So, against the backdrop of hysteria, provoked Stuxnet, several states expressed the need for the formation of a joint policy for the prevention of cyber attacks. Will this lead to the desired result, even if we assume that will be worked out (and signed) a document regulating the use of destructive technologies? IT Business week it seems very doubtful, so too is the temptation offered by high tech: the anonymity, security (for attack), an unprecedented ratio of price / performance ratio. " So, Stuxnet was only the first swallow era of techno-social revolution that began not just as dreamed.

Views: 461 | Added by: w1zard | Rating: 0.0/0

Total comments: 0


Имя *:
Email *:

Код *:

Virus, attacking Iran's nuclear facilities, marked the beginning of an era of cybernetic warfare.The World - on the brink of military IT-revolution? Facts. Comments. Analyst.

"I do not know what weapons will be fighting in World War III, but in the fourth to move go stones and sticks"Albert Einstein