Stuxnet Increasingly Sounding Like A Movie Plot

from the made-for-hollywood dept

Like many people, I've been following the story of the Stuxnet worm with great interest. As you probably know, this worm was apparently designed to infect Iranian nuclear operations to create problems -- and supposedly setting back their nuclear operations quite a bit. The NY Times came out with a fascinating investigative report about the background of Stuxnet over the weekend, and it's worth a read. What I found most entertaining was the rather Hollywood-trickery angle by which Stuxnet did its dirty work:
The worm itself now appears to have included two major components. One was designed to send Iranís nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
That latter part is, indeed, right out of a movie. I guess sometimes truth does mimic fiction. That said, I'm still trying to figure out how or why Iran allowed any sort of outside code or computers into their nuclear operations.

Filed Under: iran, stuxnet


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    aldestrawk (profile), 18 Jan 2011 @ 8:49pm

    ha ha ha

    It is felt that the real target site was the Natanz fuel enrichment facility rather than the Bushehr nuclear power plant where the Iranian Homer works. Getting malware onto the target PLC's was a multi-step effort which required multiple vulnerabilities. One of them happened to be use of a default password, actually recommended by Siemens to stay its' default value because it was thought that not being connected directly to the internet meant it was safe to do. This should be easily fixed. What is not easy and is still something of a mystery to me is the availability of code signing keys to enable a root kit to be loaded onto a Windows machine. There is also speculation that there may have been a contractor, maybe from Siemens, who helped with the initial infection. Ultimately, it did not require bumbling by doughnut eating buffoons sleeping at every desk. Remember, that even Google was victimized by a hacking attack

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.