Wednesday, 22 December 2010

Stuxnet worm update

The Economist has a fascinating article about the Stuxnet worm infecting Iran's nuclear facilities, here's an extract:
'According to Symantec, a computer-security company, the worm performs an inventory of the systems it is running on, looking specifically for “frequency converter drives” made by two firms, one Iranian and the other Finnish, running at speeds between 807 Hz and 1210 Hz. (These high frequencies correspond to the rotation speeds of centrifuges; America tightly controls the export of frequency converter drives able to operate at frequencies above 600 Hz.)

If it finds the right configuration, Stuxnet sabotages it by making subtle changes to the speeds of the centrifuges over several weeks, while displaying normal readings to cover its tracks.

That is not all. Ralph Langner, a German researcher, says Stuxnet has a “second warhead”. It targets a different industrial-control system that just happens to be used at Bushehr, Iran’s much-delayed nuclear-power station, replaying previously recorded normal readings as it causes havoc.'
maybe those people laughing at the UK finally spending some money on cyber warfare defences should wise-up to what is really happening out there.


Katabasis said...

Sorry NaS, I'll continue laughing uproariously. That article shows exactly the kind of mistake the British government will make (and has made again and again in the past at great cost to us) in this regard:

"A new security patch from Microsoft, released this week, plugs the last of the four security holes that Stuxnet uses to spread itself, but it cannot be used on older systems, widely used in Iran."

I rest my case here your honour.

Not a sheep said...

I know about the government's IE policy and realise that installing MS patches is not the answer to cyber-terrorism but the UK government has to start taking this matter seriously and many people really don't see why.

Katabasis said...

The British government has never taken this seriously, because it simply doesn't understand it at all.

The whole "cyberwarfare" meme will be used to inspire maximum fear (also playing on the general public level of ignorance and built in tendency to - erroneously - see the government as an authority), whilst nothing effective will actually be done.

And as with almost every other major government IT project in the past, millions will be flushed down the toilet to the government's favoured IT contractors who tell them what they want to hear.

Notice that the HO pleads poverty for the IE6 upgrade. Think this will be one of the first things addressed by the £1billion cyberwarfare fund? No of course it won't!