StuxNet: Implications?

  • Thread starter Thread starter (PeteCresswell)
  • Start date Start date
P

(PeteCresswell)

Just read http://tinyurl.com/2v5cdn8.

Can anybody explain why something like this wouldn't present a
significant hazard to the perpetrator as well as to the target?

Sounds a little like one of the hazards inherent in battlefield
chemical/biological warfare: you fire off the weapons, they
explode over the enemy... then the wind changes...
 
From: "(PeteCresswell)" <[email protected]>

| Just read http://tinyurl.com/2v5cdn8.

| Can anybody explain why something like this wouldn't present a
| significant hazard to the perpetrator as well as to the target?

| Sounds a little like one of the hazards inherent in battlefield
| chemical/biological warfare: you fire off the weapons, they
| explode over the enemy... then the wind changes...

It has been a "cyber missile" and it does indeed and severe implications.

Unlike real "chemical" weapons which can directly affect both foe and friends (aka;
fratricide). Stuxnet is a targeted weapon. It uses C&C and thus will only initiate its
payload when told to on the targeted system using the Siemens chip-set it was programmed
for.

However it can have untold collateral damages.
For example;
A coolant pump is told to shutdown on a nuclear reactor and the reactor core goes super
critical in a Chernobyl type of event.
 
(PeteCresswell) said:
Just read http://tinyurl.com/2v5cdn8.

Can anybody explain why something like this wouldn't present a
significant hazard to the perpetrator as well as to the target?
Click to expand...

What in particular are you referring to?

The worm? - Yes, using self-replicating code to distribute malware is
always risky, but much less back-trackable.

The payload?

Actually, I would think that the target area can be reduced or fine
tuned before any trigger event is established.
Sounds a little like one of the hazards inherent in battlefield
chemical/biological warfare: you fire off the weapons, they
explode over the enemy... then the wind changes...
Click to expand...

Yeah, kinda like the blowback effect. :o)

Having a workable rootkit for such controllers is scary enough. As is
usually the case, having a worm carry and install it, quickly makes it a
known thing. Making the release of the worm a form of disclosure.

That's another way it can be considered blowback.
 
Per David H. Lipman:
Unlike real "chemical" weapons which can directly affect both foe and friends (aka;
fratricide). Stuxnet is a targeted weapon.
Click to expand...

I was thinking in terms of people using it as a model to create
similar viruses.

Reading a little (for once...) I get the impression that one
saving grace is the necessity of obtaining something called a
"Private Key" for the control devices targeted - apparently
something that requires collusion with somebody in the company
that makes said devices.
 
Back
Top