New Stuxnet Waiting for Green Light
April 24 2012 at 12:00 PM
Coalde (Login cwc.mgmt)
Interesting if true.
By Richard Sale, Wednesday, April 18, 2012 @ 09:04 PM gHale
In the event of war with Iran, Israel is going to deploy a vast array of high tech weapons that would “take out” Iran’s air defense systems by rendering them deaf, dumb and blind, and then inserting and activating a new version of the Stuxnet virus to destroy its command centers, said serving and former U.S. intelligence officials.
Israel’s battle plan also calls for the destruction of all of Tehran’s communication and network surveillance including its electrical plants, radar sites and command centers, said officials who requested anonymity because of their close proximity to ongoing investigations.
Israel’s multi-billion dollar program, developed with U.S. assistance, would include other high value targets such as Iran’s electric grid, its Internet, cell phone network, and even emergency frequencies for firefighters and police officers, these sources said.
Israel has already prepared measures to take down Iran’s electric grid making a list of more than two dozen sites. Israel learned from the U.S. blackout of 1996 when the power grid serving nine states collapsed depriving 4 million people of electricity. At first, U.S. investigators thought it had been an attack by terrorists, but after lengthy investigation the villain turned out to be tree limbs shorting out lines which then started a cascade of shorts through the system.
Two years ago, U.S. officials realized Iran’s big-city electric grids were connected to the Internet and therefore vulnerable to an attack of a new Stuxnet-type virus, U.S. sources said. Their grids are not “air gapped,” they said. The United States and Israel learned after Desert Storm that Iran’s Command and Control could be disrupted by denying it electric power. Israel has already made a list of Iran’s key electric sites and could jam Tehran’s equipment by using low passes of aircraft to disgorge tiny spools of carbon filament that unravel as they fall. These filaments would drape themselves over the power lines, knocking them out.
Denying electrical power would weaken or disrupt Iran’s command and control centers, U.S. officials said.
Israel’s double agents, who sources said implanted the first Stuxnet virus in Iran by means of a memory stick, would play a key part in the event of an Israeli preventive strike. Using double agents is not without precedent. During the Cold War, in an operation code-named TAW, the CIA was able to plant one of its own men in an effort to place a sophisticated bug that recorded all the conversations between KGB headquarters, its stations abroad and at home. Former KGB General Oleg Kalugin called it the CIA’s “greatest coup. They heard every conversation. Everything.”
U.S. officials said Israel could pull off the same feat. “It’s possible,” said one former U.S. official. Israel once gave a hand calculator to an Iranian official that contained a listening device, and it is believed thousands of bugs of that ilk have been seeded throughout Iran.
Israel has developed a weapon, based on U.S. technology, that imitates a cell phone signal to order a cell network to stop transmitting signals. There are reports of other Israeli weapons capable of creating interference within Iran’s emergency frequencies for first responders. The psychological effect of Israel’s technology has its own crucial impact on Iran, a U.S. official said.
In an attack on a suspected nuclear site in 2007, the Syrian military got a taste of this warfare when Israeli planes “spoofed” the country’s air-defense radars, at first making it appear that no jets were in the sky and then in an instant making the radar believe the sky was filled with hundreds of planes.
Israeli jets then bombed a suspected nuclear installation at al-Kibar in northeastern Syria. The chief question after the raid was why the failure of Syrian radar – supposedly state-of-the-art – hadn’t warned the Syrian military of the incoming assault. It wasn’t long before military and technology bloggers concluded this was an incident of electronic warfare – and not just any kind.
According to published accounts, the site was assaulted with a mix of electronic attacks and precision bombs that allowed the Israeli force to enter and exit Syrian airspace. Almost immediately, the entire Syrian radar system went off the air for a period of time that included the raid, U.S. intelligence analysts said.
These sources said the United States only provided advice for the air raid, not technology.
Other elements used “brute-force jamming,” which is still an important element of attacking air defenses, U.S. analysts said. Also, Syrian air defenses are still centralized and dependent on dedicated HF and VHF communications, which made them vulnerable, according to a report by Aviation Week. Their report said U.S. analysts don’t believe any part of Syria’s electrical grid was shut down. But Aviation Week sources contend that network penetration involved remote air-to-ground electronic attack and penetration through computer-to-computer links. There were also electronic “diversions,” to throw Syria off the scent.
That ability of non-stealthy Israeli aircraft to penetrate without interference rested on Israeli specialists able to hack into Syria’s networked air defense, said U.S. officials in the attack’s aftermath. According to sources interviewed by ISSSource, “network raiders” can conduct their invasion from an aircraft that sends signals into a network that then jumps from frequency to frequency until it finds an entry into Syria’s communications loop.
The United States has similar but improved technology that was going to attack Libya’s air defense system, but the plan was canceled at the last minute, U.S. officials said.
Re: New Stuxnet Waiting for Green Light
April 25 2012, 4:27 PM
This is an extract from an excellent whitepaper I read this morning regarding the Stuxnet virus and its potential application to other SCADA systems.
Iranian nuclear facilities, zero-day exploits, secret operatives and nation-state government involvement sounds more like the backstory to a spy novel than a piece of malware. Yet Stuxnet, the most researched and analyzed malware ever, is still being studied and discussed in security circles around the world even though it was discovered more than a year ago.
You probably don’t operate a nuclear facility, so why should you care about a piece of software that targeted specific centrifuge models in particular nuclear plants in another part of the world? Simply put, Stuxnet made cybernightmares reality and changed the security world forever while simultaneously bringing to light the high risks associated with the supervisory control and data acquisition (SCADA) networks that control operations within many energy and utility companies.
In this report, we’ll explain what Stuxnet does (and doesn’t do), what aspects of Stuxnet you need to address, and what information you need to build a solid set of defenses. Let’s take a quick dive into the exciting world of espionage, custom-written rootkits and professionally developed cyberweapons, so you can better protect your network.
...the entire whitepaper can be downloaded from here...
...highly recommended reading.
This message has been edited by cwc.mgmt on Apr 25, 2012 4:27 PM