Monday, October 11, 2010

Stuxnet Alert!!

The cyber warfare has begun!! I would personally say that this is the Splinter Cell of the cyberworld. WHY?? You all don't know STUXNET??
Since that question has already been answered by many people, I'll just pick up the answers for all of you.

  1. It's a Windows worm, spreading via USB sticks. Once inside an organization, it can also spread by copying itself to network shares if they have weak passwords.
  2. It can spread via anything that you can mount as a drive.
  3. It infects the system, hides itself with a rootkit and sees if the infected computer is connected to a Siemens Simatic (Step7) factory system. See: Siemens - Factory Automation Systems
  4. It modifies commands sent from the Windows computer to the PLC. Once running on the PLC, it looks for a specific factory environment. If this is not found, it does nothing.

The rest you can read at the site given. What's interesting about this worm is that it was made a year ago and was only recently discovered. It is about 1.5MB in size, extremely big for a worm. A more interesting fact is that the worm may originate from Israel:

"..Buried in Stuxnet's code is a marker with the digits "19790509" that the researchers believe is a "do-not infect" indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC.

The researchers -- Nicolas Falliere, Liam O Murchu and Eric Chen -- speculated that the marker represents a date: May 9, 1979.

"While on May 9, 1979, a variety of historical events occurred, according to Wikipedia "Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community," the researchers wrote.."


"..Kevin Hogan, Senior Director of Security Response at Symantec, noted that 60 percent of the infected computers worldwide were in Iran, suggesting its industrial plants were the target. Kaspersky Labs concluded that the attacks could only have been conducted "with nation-state support", making Iran the first target of real cyber warfare.."

"..Furthermore, the worm's probable target has been said to have been high value infrastructures in Iran using Siemens control systems. According to news reports the infestation by this worm might have damaged Iran's nuclear facilities in Natanz and eventually delayed the start up of Iran's Bushehr Nuclear Power Plant..."

ref: w32_stuxnet_dossier.pdf

I don't want people to say I'm just talking shit. See the data and evaluate the shit yourselves. But oh my.. my country is in the list. Oh well, not like I've got a nuclear plant running. lol. Anyway, hope our government is not stupid (I still really don't know how smart or stupid they are). Maybe it's nice to have a week or two off due to the virus (like that would ever happen).

And like always, peace be with you all.

