Stuxnet, the most sophisticated piece of malware ever seen, devised for just one specific target.

Posted by DanielS on Thursday, 04 January 2018 01:25.

It was quite picky on its target. It went through several checks and when those checks failed, it would not implement the attack. It was obviously probing for a very specific target…you have to put this in context - this was the most sophisticated piece of malware that we have ever seen. So, it’s kind of strange that someone makes this huge effort to hit one specific target…well, that must be quite a significant target:

Whoever was behind Stuxnet hasn’t admitted they were behind it.

Even after the cyberweapon had penetrated computers all over the world, no one was willing to admit that it was loose, or talk about the dangers that it posed.

Stuxnet first surfaced with a Belarusian security company servicing Iran.

“Had you ever seen anything quite so sophisticated before?”

“Not with this kind of ‘zero-day’ capacity… it was the first time in my practice.”

... a third kind of hacktivist is sponsored by state governments…

It went beyond our worst fears… our worst nightmares… and this continued the more we analyzed…

The first time we opened up Stuxnet there was just bad things everywhere.

Just to give you some context, we can go through and understand every line of code for the average threat in minutes… and here we are one month into this threat and we are just beginning to discover what we call its payload, or its whole purpose…

When looking at the Stuxnet code, it’s twenty times the size of the average piece of code but contains almost no bugs inside of it, which is extremely rare; code always has bugs inside of it. It’s dense and everything does something or does something right in order to conduct its attack.

One of the things that surprised us was that Stuxnet utilized what is called a zero day exploit.

...it’s a piece of code that allows it to spread without you having to do anything…

A zero day is an exploit which nobody knows about except for the attacker; so there’s no protection against it, there’s been no patch released.

There’s been zero days’ protection against it. That’s what attackers value because they know 100 percent that if they have this zero day that they can get in whenever they want.

They’re actually very valuable - you can sell them for hundreds of thousands of dollars.

Then we became worried because immediately we discovered we had more zero days, and again, these zero days are extremely rare.

Inside Stuxnet we had four zero days, and for the entire rest of the year we only saw twelve zero days used.

It blows everything else out of the water… we’ve never seen this before and never seen it since, either.

Seeing one in a malware you could understand because the malware offers a means to make money, they’re stealing people’s credit cards so it’s worth their while to use it, but seeing four zero days…could be worth half a million dollars right there in one piece of malware… this is not your ordinary criminal gang doing this, this is someone bigger.

It’s definitely not traditional crime. Not hacktivists.

It was evident early on, just given the sophistication of this malware that there must have been a nation state involved - at least one nation state involved in the development.

However, there were “breadcrumbs” left…they had to have some human assets steal certificates, which they did, traceable from two companies in close proximity in a business park in Taiwan.

Eventually we were able to see that Iran was the number one infected country in the world.

That immediately raised our eyebrows.

...we’d never seen a threat before where it was predominantly in Iran.

So we began to follow what was going on in the geopolitical world, what was happening in the general news.

At that time there were actually multiple explosions of pipelines going in and out of Iran.

And we noticed that there had been assassinations of nuclear scientists.

More breadcrumbs showed that Stuxnet was targeting Siemens programmable logic controllers.

The PLC is like a very small computer attached to physical equipment like pumps, like valves, like motors.

So, this little box is running a digital program and the actions of this program turns that motor on, off, or sets the specific speed.

They control things like power plants, power grids… things in factories… in critical infrastructure… critical infrastructure is everywhere around us… transportation, telecommunication, financial services, health care…

So the payload of Stuxnet was designed to attack some very important part of our world.

The payload was going to be very important.

We knew that Stuxnet could have very dire consequences.

Stuxnet caused the centrifuges (of Iranian nuclear reactors) to spin much faster (than programmed for, to the point where they would explode).


