# Stuxnet: Anatomy of a computer virus (video)



## TheBeanie (Apr 8, 2011)

Title's self-explanatory. 
The online availability of Stuxnet was a bad, bad idea.


----------



## Demian (Feb 20, 2010)

Wow, really cool.


----------



## WhySoSerious (Mar 11, 2011)

So amazing, thanks for showing us!


----------



## Levone (Jun 21, 2011)

Not happened to me, but people should be careful: some online sites promise free removal tools to get rid of the Stuxnet virus, but actually wipe the hard drive. Always check the script lines.


----------



## Synthetik (Jun 17, 2011)

That was really interesting, and kind of scary.


----------



## DouglasMl (Nov 3, 2009)

Wow, a Pandora's box made entirely of code (as in, it's not possible to put its evils back in the box once it's opened).

All that's left now is _who's the next one to be hit_?


----------



## RobynC (Jun 10, 2011)

Personally, I think Stuxnet wasn't just created to destroy Iran's capability, but to provide an enduring cyber-security threat that will require governments to create elaborately intrusive cyber-security programs to deal with the problem. 

After all, in the United States, President Obama has been going nonstop about cyber-security this and cyber-security that, and most of the initiatives place Cyber Command, which is a military command, at the heart of cyber-defense. This is a problem because the military is not supposed to be performing domestic policing functions, and for good reason. To make matters even worse than that, the same guy who heads Cyber Command (General Keith Alexander) is the same guy who heads the NSA and the Central Security Service (which integrates the NSA with the Service Cryptologic Elements of the US Armed Forces), which has had a notoriously bad record over the past several years for performing massive warrantless wiretapping (any phone call you made, any e-mail you sent and received, as well as IMs have pretty much all been intercepted by the NSA with the help of telecommunications companies).

Since 2006, an NSA official under condition of anonymity claimed that the NSA had an objective to archive every single phone call ever made in the United States; this year an individual who actually played a role in creating the technology used has stated that he has reason to suspect the NSA is archiving every e-mail sent over the past few years; and finally a former NSA employee named J. Kirk Wiebe has actually stated the following: "I feel I'm living in the very country I worked for years to defeat: the Soviet Union. We're turning into a police state."

Effectively, at least 90% of the reason for these cyber-security initiatives is about giving the government broad-sweeping powers to perform massive autonomous surveillance and data-mining of American citizens and businesses, the likes of which the world has never seen.

Over the past several years there have been a couple of prominent programs such as...
- ADVISE
- AQUAINT
...and currently under development:
- Perfect Citizen: which is particularly designed for cyber security.

That being said, I'd like to remind everybody, in a manner reminiscent of the SNL bit on Julian Assange:
- No matter how I die: it was murder (even if there was a suicide note or a video of me peacefully dying in my sleep).
- Should I be arrested or framed for a criminal offense, or disappear entirely -- I think we all know who to blame for it.


----------



## Sabaki (Jul 4, 2011)

I would like to take a look at that code. Just for learning, I am not evil.


----------



## MrShatter (Sep 28, 2010)

Very interesting thank you.


----------



## sprinkles (Feb 7, 2010)

LOL Stuxnet is a Windows virus.

I would not put Windows anywhere NEAR a nuclear facility.


----------



## Bote (Jun 16, 2010)

sprinkles said:


> LOL Stuxnet is a Windows virus.
> 
> I would not put Windows anywhere NEAR a nuclear facility.


Yah. I would not even put internet and mailing programs in a nuclear facility. -.-


----------



## absentminded (Dec 3, 2010)

Bote said:


> Yah. I would not even put internet and mailing programs in a nuclear facility. -.-


The problem wasn't their being in the facility. It's the hooking them up to important things that caused all the problems.


----------



## Vtile (Feb 27, 2011)

Yep, the most powerful firewall is a meter of thin air between the phone line and the computer. Yet the only effective antivirus is a keyboard and a ton of code pages on paper.


----------



## TheBeanie (Apr 8, 2011)

RobynC said:


> Personally, I think Stuxnet wasn't just created to destroy Iran's capability, but to provide an enduring cyber-security threat that will require governments to create elaborately intrusive cyber-security programs to deal with the problem.
> 
> After all, in the United States, President Obama has been going nonstop about cyber-security this and cyber-security that, and most of the initiatives place Cyber Command, which is a military command, at the heart of cyber-defense. This is a problem because the military is not supposed to be performing domestic policing functions, and for good reason. To make matters even worse than that, the same guy who heads Cyber Command (General Keith Alexander) is the same guy who heads the NSA and the Central Security Service (which integrates the NSA with the Service Cryptologic Elements of the US Armed Forces), which has had a notoriously bad record over the past several years for performing massive warrantless wiretapping (any phone call you made, any e-mail you sent and received, as well as IMs have pretty much all been intercepted by the NSA with the help of telecommunications companies).
> 
> ...


Thanks, that was rather well written and very informative.
However, I think whether or not Stuxnet was created for defensive purposes isn't really important now -- creators of the A-bombs and the first large-scale guns had similar excuses too. If it had indeed been the people you think, with those intentions, then it's the same issue, seeing that they leaked the code and made it a readily available weapon. And for all we know, the US Govt may have had both defense and sabotage in mind. (If I'm missing a point, attribute it to my not being American.)


----------



## TheBeanie (Apr 8, 2011)

Sabaki said:


> I would like to take a look at that code. Just for learning, I am not evil.


Hah, do let us know if you do.


----------



## RobynC (Jun 10, 2011)

*TheBeanie*



> Thanks, that was rather well written and very informative.


Thank you



> However, I think whether or not Stuxnet was created for defensive purposes isn't really important now -- creators of the A-bombs and the first large-scale guns had similar excuses too.


Correct



> If it had indeed been the people you think, with those intentions, then it's the same issue, seeing that they leaked the code and made it a readily available weapon. And for all we know, the US Govt may have had both defense and sabotage in mind. (If I'm missing a point, attribute it to my not being American.)


Much simpler actually. The US government made the code public because that creates an enduring cyber security threat. It was the proverbial match that burns twice. It burned once in that it threw a serious monkey wrench into Iran's nuclear weapons program; it burns twice in that it's now a threat that needs to be guarded against, and with it being open source, anybody could alter it and make it into an even newer, deadlier weapon.

This means there's always a cyber security threat that has to be guarded against with ever more elaborate surveillance of ever greater intrusiveness. Never let a crisis go to waste, and should one not present itself, create your own.

It's a gift that just keeps on giving.


----------



## TheBeanie (Apr 8, 2011)

@RobynC

But I can't see what they might have to gain from a cyber crisis, presuming they were behind it and planned out the leakage. Since it's open source, it can be altered and used against them too. Would it not have been much safer for them if no one else got a share of the golden egg?
Unless you meant they did it to get a kick out of all the chaos.


----------



## RobynC (Jun 10, 2011)

*TheBeanie*



> But I can't see what they might have to gain from a cyber crisis, presuming they were behind it and planned out the leakage.


Well, 9/11 was a crisis that gave the government all sorts of power that they didn't have before. I'm not saying 9/11 was orchestrated by our government, but it was a disastrous crisis (a crisis can be opportunistically exploited, allowed to happen, or orchestrated).


----------



## whisperycat (Aug 9, 2009)

*Windows in a nuclear plant?*

You have to wonder how much of this is pure propaganda. Windows PCs hooked up to process control hardware in foreign nuclear facilities? I suppose the workers log on to Facebook while they're watching the centrifuges going round, do they? Pulleeaze. The NSA had back doors in Windows in the early 80's and I can't see any reason why they wouldn't have them in Windows now. I'm sure Iranian computer scientists are aware of that. Windows has 0% penetration into the safety-critical market and I'd class nuclear process control as safety critical, yes? Or do people really think that the centrifuges busily making weapons-grade uranium in a hundred US facilities are powered by f****n Windows 7 (or Vista, if they haven't upgraded LOL)?


----------



## Vtile (Feb 27, 2011)

Prolly yes, with an Allen-Bradley SLC 500 as a PLC.
There is no need to hook the actual process to a Windows machine or any other PC, for that matter. The one reason Stuxnet did have the USB spreading ability was that it could infect the programming devices of the PLCs (Windows PCs) that way, which are in many cases kept as standalone machines.

I'm really satisfied that the world's biggest nuclear reactor will have an old-fashioned relay-programmed safety system when it's ready.


----------



## nightowl (Jul 18, 2010)

I remember reading about Stuxnet and found it interesting that it was created to do certain things, and its ability to stay hidden. I think most of us who have an interest in technology can agree this is definitely where the next weapons will be. If these viruses can shut off grids and nuclear plants, that is a way to definitely 'hurt' a country.

In the video it says that it is available to anyone and that people are tinkering with it. That sounds like a very stimulating yet scary subject. As it was said in the last bit of that video, who knows who will use it?


----------



## TheBeanie (Apr 8, 2011)

nightowl said:


> I remember reading about Stuxnet and found it interesting that it was created to do certain things, and its ability to stay hidden. I think most of us who have an interest in technology can agree this is definitely where the next weapons will be. If these viruses can shut off grids and nuclear plants, that is a way to definitely 'hurt' a country.
> 
> In the video it says that it is available to anyone and that people are tinkering with it. That sounds like a very stimulating yet scary subject. As it was said in the last bit of that video, who knows who will use it?


Indeed, it does seem like Stuxnet is only the harbinger of an upcoming code war.
That is, unless it has already started.


----------



## nightowl (Jul 18, 2010)

I think with the attacks that have happened currently and over the last few years, it's already happening. The next big question is what will be the first BIG disaster from the code war!!


----------



## RobynC (Jun 10, 2011)

*nightowl*



> I think with the attacks that have happened currently and over the last few years, it's already happening. The next big question is what will be the first BIG disaster from the code war!!


No idea, but rest assured, our government will milk it to the maximum possible extent to justify its cyber-security proposals _(mass surveillance and data-mining of the internet, and the internet kill switch)_.


----------



## NotSoRighteousRob (Jan 1, 2010)

Stuxnet is not the first of its kind, and it won't be the last. Putting it online more than likely helped to develop countermeasures, if anything. The code already existed; it is not as if people were going to leave it alone as is. Cyber security is a very real threat as more and more things become interconnected, although having the main components of a nuclear facility accessible through an internet connection instead of a standalone operation seems like a bad idea. From my research, when you investigate botnets and other viruses that don't cause any damage, anywhere from 1 out of every 5 people have a virus on their computer. Anti-virus protection will not stop many, and even hardening your root partition using a firewall with integrated heuristics can be bypassed. It is good practice to use updated software on a live CD to scan a computer every so often. I myself format and rebuild my operating system every semester. I've disinfected many systems with Norton and McAfee AV on them.

The biggest threat to individuals unfamiliar with computer security is the rogue programs similar to what Levone was talking about. They act like official Windows security alerts asking permission to more or less bypass any security on the current host system, and then lock the user out, holding the PC for ransom. Easy to remove if you know what you are doing, but a pain if you don't have the current software or another computer accessible.

While the nuclear arms race may have ended, the cold war will never end until we unite as a species instead of countries, or one destroys the rest, or all of us.


"Kill one man and you are a murderer, kill thousands and you are a conqueror, kill them all and you're God."


----------



## nightowl (Jul 18, 2010)

@NotSoRighteousRob, since you know something about the subject of security what do you think about this article?


Cybersecurity is a myth - Aug. 5, 2011


----------



## NotSoRighteousRob (Jan 1, 2010)

@nightowl 

It is a very accurate summary of the way things are. Nothing can ever be 100% secure, and contrary to popular belief Windows is not any less secure than Macintosh or Linux. Hackers and/or the creators of malicious software and code generally go after the biggest target, which just so happens to be Windows. Something like over 70% of the world's computer users use some form of Windows operating system, and I know if I wanted to cause the most damage or gain the most information I would target Windows.

The biggest threat is not destructive programs anymore. It is the quiet code that steals information, including passwords and login information for bank accounts and other sensitive documents. Rootkits will write themselves into the very first sectors of a computer's hard drive, making them virtually undetectable and difficult to remove by ordinary measures. While it hasn't been discussed much, the concept of creating a virus to infect a computer's BIOS is quite real, although it wouldn't be very beneficial except for specialized targeted attacks similar to this Stuxnet virus.

Just by having a computer connected to the internet, it is possible to hack into it without the owner even having to be sitting at the machine. Very advanced techniques are required to do so, but just as there are specialists in every field, people have devoted their entire lives to this area and are able to do things that are quite amazing, and quite scary.

A company like HBGary, which actually advises and consults for many government facilities, was hacked by the group Anon, and this is a firm devoted completely to computer security and military implications. The same firm that spent millions of dollars on the first commercial quantum computer.

For personal computer security, for those who don't realize the importance of a secure password, this site will give you an idea of just how easy it is to crack a number of passwords: a password of 9 numbers, which has 1000 million combinations, can be cracked in an instant with the right hardware, and this was done years ago. Even with a basic computer like your average laptop it would only take about a day.
http://www.lockdown.co.uk/?pg=combi&s=articles

Honestly I wish I didn't know as much as I do about computer security, my paranoia was bad enough without the knowledge.

In short, perfect cyber security does not exist. When WEP encryption for wireless networks was first released, it was announced at a conference and was supposed to be impenetrable; later that day people at that conference announced they had cracked it.

Anonymous Hacks Security Firm Investigating It; Releases E-mail | Threat Level | Wired.com


----------



## sprinkles (Feb 7, 2010)

NotSoRighteousRob said:


> Stuxnet is not the first of its kind, and it won't be the last. Putting it online more than likely helped to develop countermeasures, if anything. The code already existed; it is not as if people were going to leave it alone as is. Cyber security is a very real threat as more and more things become interconnected, although having the main components of a nuclear facility accessible through an internet connection instead of a standalone operation seems like a bad idea. From my research, when you investigate botnets and other viruses that don't cause any damage, anywhere from 1 out of every 5 people have a virus on their computer. Anti-virus protection will not stop many, and even hardening your root partition using a firewall with integrated heuristics can be bypassed. It is good practice to use updated software on a live CD to scan a computer every so often. I myself format and rebuild my operating system every semester. I've disinfected many systems with Norton and McAfee AV on them.
> 
> The biggest threat to individuals unfamiliar with computer security is the rogue programs similar to what Levone was talking about. They act like official Windows security alerts asking permission to more or less bypass any security on the current host system, and then lock the user out, holding the PC for ransom. Easy to remove if you know what you are doing, but a pain if you don't have the current software or another computer accessible.
> 
> ...


Best security is still physical security, and deception.

Even Linux or UNIX aren't immune (but they can be a lot harder to crack if set up right, which means more than slapping a firewall on them).

Best to make it so that you have to be at a specific, physical terminal to do much damage (and then just not let people know it is there, preferably).


----------



## nightowl (Jul 18, 2010)

@NotSoRighteousRob, I am late in keeping up with the cyber attacks, but I did read about the one you mentioned. It's interesting and scary that a company such as them was hacked. Yes, I have heard that it isn't viruses and such but code and similar things that can bypass security silently and be in a system without anyone knowing it. I don't claim to be a know-it-all with computers (far from it, but ALWAYS learning)!!

So, what are your thoughts on this group Anonymous?


----------



## NotSoRighteousRob (Jan 1, 2010)

@sprinkles, yes, you are right that physical security along with a standalone machine setup is an easier route for making a building more secure. And Unix/Linux do give you easier customization abilities to allow for stronger security measures, although I've found resetting a password on someone else's machine actually easier with Unix than it is with Windows, almost. Granted, thanks to Hiren's Boot CD all you need is a click of a button to do either anymore.

Deception along with misdirection is a very powerful tool. A DMZ is a very useful tool for network admins to help monitor breaches in security without giving the attacker access to anything incredibly important.

@nightowl

Anonymous for the most part has remained mostly harmless as far as who they have targeted and why. LulzSec, a splinter cell of Anon, has done some of my favorite attacks, such as my favorite:

Sadly, however, they have claimed to be disbanding and rejoining Anon. Also, it appears that Anon is becoming more financially motivated, which may mean we will see more malicious attacks in the future.

The recent DDoS attacks committed by Anon were largely done in retaliation for actions taken against WikiLeaks, and I can respect the form of non-violent protest that the group took. If they were, however, to start doing these things as a result of financial motivation, I would lose admiration for their principles. As a group they have proven that they are extremely proficient with their abilities, and I doubt any corporation or government agency will ever refer to them as a group of kids again. In many cases they have shown tenacious resourcefulness when it comes to achieving their goals, and this is generally the case for any group as large with a variety of talents.

Personally I would love to have my own botnet, and have given some serious consideration as to whether I would have the skills to do so. Not for any malicious reason, but just so I would be able to complete some of the tasks I perform in seconds instead of days. Really, it's better off that I don't, because the potential for abuse would be great, and me being me... well... it's best I leave it at that.


----------



## nightowl (Jul 18, 2010)

@NotSoRighteousRob, I too read that about LulzSec disbanding, then joining up with Anon. They definitely do have the skills/resources to get at the information they want. Yet, the thing with Anon and the identity of its members is the anonymity; it could span from kids to adults!


----------



## sprinkles (Feb 7, 2010)

NotSoRighteousRob said:


> @sprinkles, yes, you are right that physical security along with a standalone machine setup is an easier route for making a building more secure. And Unix/Linux do give you easier customization abilities to allow for stronger security measures, although I've found resetting a password on someone else's machine actually easier with Unix than it is with Windows, almost. Granted, thanks to Hiren's Boot CD all you need is a click of a button to do either anymore.


This is why on my secure machines I password-lock the BIOS and disable booting from removable devices, as well as having a password lockout on the bootloader AND passwords to log in, and no user account for root.

Basically the only way around that is to get inside the case and fool with the hardware, which makes a good speed bump at least.


----------



## NotSoRighteousRob (Jan 1, 2010)

@sprinkles, while I cannot say with 100% certainty, I've been able to circumvent BIOS passwords just as easily as standard passwords once I know the motherboard manufacturer. Granted, it would be more difficult with the disabling of booting from external devices. It isn't commonly known, but many BIOS manufacturers actually create fail-safes to prevent accidental lockouts of machines. However, if you were to use TrueCrypt to encrypt the hard drive as well as the boot partition, it would take the resources of the federal government (or the botnet I desire) to break through the security.

For those who are overly cautious, TrueCrypt offers many ways to secure various functions on a computer; it goes as far as to have a complete hidden operating system encrypted within an already encrypted operating system, which is supposed to allow for the use of the argument "plausible deniability" should a person be forced to reveal their password.

I feel as though I've reached the point that unless I am at a machine with 256-bit encryption on the entire hard drive, accessing its contents is just a matter of using the right tool. And I really don't feel that I am as experienced as many people already out there. My skills, while continuing to grow, are nothing compared to those of some people I've encountered, and can't even be measured against those of forensic scientists currently employed by many government agencies around the world.

I really need to improve my skills in the Linux/Unix area. I'm still what I would consider a novice in this aspect; I spend most of my time focusing on Windows because if I want to make money with my knowledge I need to focus on the larger consumer base. However, I do find many flavors of Linux appealing and wish I had more time to devote to learning its programming.


----------



## sprinkles (Feb 7, 2010)

NotSoRighteousRob said:


> @sprinkles, while I cannot say with 100% certainty, I've been able to circumvent BIOS passwords just as easily as standard passwords once I know the motherboard manufacturer. Granted, it would be more difficult with the disabling of booting from external devices. It isn't commonly known, but many BIOS manufacturers actually create fail-safes to prevent accidental lockouts of machines. However, if you were to use TrueCrypt to encrypt the hard drive as well as the boot partition, it would take the resources of the federal government (or the botnet I desire) to break through the security.
> 
> For those who are overly cautious, TrueCrypt offers many ways to secure various functions on a computer; it goes as far as to have a complete hidden operating system encrypted within an already encrypted operating system, which is supposed to allow for the use of the argument "plausible deniability" should a person be forced to reveal their password.
> 
> ...


Yeah, that can work. Another thing I like to do is make a virtual file storage system using a loopback device. It's like having a hard drive inside of a file: you can mount it and it operates like a totally separate drive, but it is inside an innocuous file which you can hide somewhere, like among the crapton of system files that Linux has. Nobody would think to find it there unless they are seriously ripping things apart for a reason.


----------



## Britt Mathis (Aug 11, 2011)

This is exactly why I run Ubuntu. lol


----------



## dusttrust (Mar 4, 2011)

Thank you. Interesting... and scary lol.


----------



## RobynC (Jun 10, 2011)

How do you guys know that LulzSec isn't somehow infiltrated or controlled by HB Gary or the government?


----------



## Mumintroll (Aug 27, 2011)

Just a minor detail: there isn't anything like a Siemens Mobile Phone company. It ceased to exist many years ago. Probably meant "code from the former Siemens Mobile Phone company."


----------

