

Operation Olympic Games
November 20, 2013 7:02 AM

The Langner Group, based in Germany, has published the most detailed report yet on the Stuxnet malware that was used to sabotage Iran's uranium enrichment efforts.

"Different from cyber attacks as we see them every day, a cyber-physical attack involves three layers and their specific vulnerabilities: The IT layer which is used to spread the malware, the control system layer which is used to manipulate (but not disrupt) process control, and finally the physical layer where the actual damage is created. In the case of the cyber attack against Natanz, the vulnerability on the physical layer was the fragility of the fast-spinning centrifuge rotors that was exploited by manipulations of process pressure and rotor speed. The Stuxnet malware makes for a textbook example how interaction of these layers can be leveraged to create physical destruction by a cyber attack. Visible through the various cyber-physical exploits is the silhouette of a methodology for attack engineering that can be taught in school and can ultimately be implemented in algorithms. The report also addresses common misconceptions about Stuxnet, such as the theory that the malware would have escaped from Natanz due to a programming error, or that nation-state capabilities would be required to pull off copycat attacks against critical infrastructure installations."

Come for the detailed breakdown of the attack - how and why it worked - but stay for the detailed analysis of screencaps from Ahmadinejad's televised tours of the facility. An enormous amount of detail can be gleaned from the workstation displays, pipe locations and floor layout.

Stuxnet previously: 1, 2
posted by jquinby (23 comments total) 28 users marked this as a favorite

 
Great post. Stuxnet is, to my knowledge, the most analyzed of the nation-state malware infections so far.

Some newer malware (e.g. Skywiper) is sophisticated enough that researchers haven't yet fully decoded the software.
posted by blob at 7:19 AM on November 20, 2013 [2 favorites]


"More inside" never seemed so apt.
posted by yoink at 7:21 AM on November 20, 2013 [1 favorite]


Much better than the proposed Netanyahu bombing.
posted by Ironmouth at 8:09 AM on November 20, 2013


Much better than the proposed Netanyahu bombing.

But still an act of war. In its first formal cyber strategy, the Pentagon has concluded that computer sabotage by another country could constitute an act of war, administration and military sources told NBC News on Tuesday, confirming a report in the Wall Street Journal.

This was a reckless and unwarranted military attack and the Iranians - and the rest of the world - should see it as nothing less.
posted by three blind mice at 8:25 AM on November 20, 2013 [2 favorites]


It's hard to imagine that the US reaction to similar actions by another nation would be anything less than dramatic (to say the least).
posted by jquinby at 8:29 AM on November 20, 2013


This is fascinating. Thanks for posting it.
"While resulting in approximately the same amount of setback for Iran as a brute force tactic, the low-yield approach offered added value. It drove Iranian engineers crazy in the process, up to the point where they may ultimately end in total frustration about their capabilities to get a stolen plant design from the Seventies running, and to get value from their overkill digital protection system."
And of course, it would have done exactly that: Repeated, unpredictable, unreplicatable equipment failures would sow seeds of distrust in the system and concerns about unreliability in the minds of the system's engineers.
posted by zarq at 8:31 AM on November 20, 2013 [1 favorite]


Ironmouth: "Much better than the proposed Netanyahu bombing."

Um, no. Not really. It's an extremely dangerous strategy. Natanz is a nuclear enrichment facility. If it goes down, then that's one thing. But Stuxnet also hit Bushehr. Once the plant became fully operational, a virus targeting its safety systems could conceivably have caused a nuclear catastrophe.

The Bushehr plant is 11 miles south of the eponymous port city of Bushehr, home to a couple of hundred thousand people. Both the plant and the city sit on the coast of the Persian Gulf. Meltdown = nuclear fallout and radioactive materials entering a large body of water whose coastline is shared by eight Middle East nations.

The only way this is "better" than carpet bombing nuclear facilities is that it provides plausible deniability to the sociopaths who feel that a meltdown is an acceptable possible outcome.
posted by zarq at 8:49 AM on November 20, 2013 [3 favorites]


Much better than the proposed Netanyahu bombing. / Not really.

Gentlemen, please... we'll find out soon enough which one was better.
posted by Behemoth at 8:51 AM on November 20, 2013 [1 favorite]


This was a reckless and unwarranted military attack and the Iranians - and the rest of the world - should see it as nothing less.

Except for the whole "nobody died" thing, this was just like a war!

This is not a scary and new thing antagonistic nations do to one another. Compared to sanctions or actual military action, this is far preferable. (Iran has already retaliated by taking down a CA. While not happy with this consequence, I'm much happier than I would be if they decided to do something more concrete in revenge.)

If this is the future face of war - attacking strategic targets to do economic damage that will be felt most keenly by the business and political classes without killing anyone - I'm all for it.
posted by Slap*Happy at 9:26 AM on November 20, 2013 [4 favorites]


This is not 'the future face of war' as much as warfare pushing into a new slice of the spectrum. It's interesting, everyone has been talking about the RMA for years but no-one really knew what it would look like. I guess this is it and these things will become more common.
Sadly, rather than seize the moment to adopt some kind of 'digital chemical weapons treaty' it seems the US seems to have preemptively abandoned the moral high ground.
Silly really because these are really good weapons for poor nations.
posted by fingerbang at 9:55 AM on November 20, 2013


rather than seize the moment to adopt some kind of 'digital chemical weapons treaty'

What would be the point? What possible inspection regime could you imagine implementing that would reassure signatories to such a treaty that member states were adhering to its terms? Any such treaty would be nothing more than an empty goodwill gesture.
posted by yoink at 10:26 AM on November 20, 2013


Or, in other words, it's a "the food here is so lousy; and the portions are so small!" problem.
posted by yoink at 10:54 AM on November 20, 2013


On a related and yet totally different note, I was surprised and dismayed yesterday when watching puppy videos on YouTube with my toddler: the advertisement that appeared before the video ran was trying to sell me the idea that Iran is Evil.

Who pays for such a thing, anyway? And would Google have accepted advertising which makes a similar case about (say) the United States?
posted by Slothrup at 11:15 AM on November 20, 2013


It's well over a year old, but here is Terry Gross interviewing David Sanger about Obama's 'secret wars' including Stuxnet...for those of you who like things listenable. I just happened to be looking back through my unlistened podcasts today.
posted by K.P. at 11:32 AM on November 20, 2013 [1 favorite]


Slothrup: "And would Google have accepted advertising which makes a similar case about (say) the United States?"

The ad you describe would appear to be against their policies.
posted by zarq at 11:33 AM on November 20, 2013


Well yoink. What would be the point? To try and reduce or remove attacks on civilian infrastructure for starters? It shouldn't be acceptable to trash fresh water systems or medical facilities or schools.
How would it work? I dunno, for starters ask the hippies at The Economist, they have been pushing to get this on the agenda for years now, they have some good ideas and some good suggestions. Probably because they actually realize what's at stake.
Now if you're going down the line that it couldn't work perfectly then...sure...but that's a dumb argument.
What would be the point? Lol.
posted by fingerbang at 11:42 AM on November 20, 2013


Except for the whole "nobody died" thing, this was just like a war!

They were lucky that nobody died, and there are a whole host of 'cyber' attacks that could cause fatalities.
posted by empath at 1:46 PM on November 20, 2013


Iran is a signatory to the Treaty on the Non-Proliferation of Nuclear Weapons and is a member of the IAEA. Iran, consequently, has a number of obligations related to nuclear research and the production of material that can be used for nuclear weapons or nuclear power. If you read the IAEA's report page on Iran, it basically says that it looks as though Iran is producing nuclear weapons, but the IAEA can't give a definitive answer because Iran refuses to allow inspection of military sites.

As far as I'm concerned, while I wouldn't welcome another Chernobyl, I'd rather have the limited deaths consequent to a meltdown than to have another aggressive state in possession of nuclear weapons. At least the site would be effectively embargoed.
posted by Joe in Australia at 1:55 PM on November 20, 2013 [1 favorite]


I agree. When is Israel going to relinquish its nuclear stockpile?
posted by empath at 2:00 PM on November 20, 2013


Israel isn't a signatory to the NPT! So it's totally cool! Neither are Pakistan and India, and nobody's worried about them.

Or North Korea.
posted by Joe in Australia at 2:15 PM on November 20, 2013


I agree. When is Israel going to relinquish its nuclear stockpile?

Israel never signed the NPT. Israel could be gotten to sign the NPT. There are so many things that could be offered as quid pro quos by those countries concerned by Israel's abstention from the NPT.

It does not take much to come up with some reasonable ones.
posted by ocschwar at 2:24 PM on November 20, 2013 [2 favorites]


Skywiper stop skywiping!
Skywiper stop skywiping!
Skywiper stop skywiping!

...

Aw man!
posted by Homemade Interossiter at 3:58 AM on November 21, 2013 [1 favorite]


Stuxnet creators defined 21st century warfare
posted by homunculus at 2:17 PM on November 24, 2013

