
Leading Stuxnet theory points toward sabotage and SCADA inside players

German IACS researcher Ralph Langner has stated that Stuxnet is a directed attack against a specific control system installation, with system-fingerprinting behavior that would log and differentiate which SCADA system it had infected.

Because of the geopolitical circumstances surrounding the location where most attacks were recorded (Iran), the current hypothesis points toward Bushehr and other nuclear plants as the lead targets.

Look at the Iranian nuclear program. Strange – they are presently having some technical difficulties down there in Bushehr. There also seem to be indications that the people in Bushehr don't seem to be overly concerned about cybersecurity.

When I saw this screenshot last year I thought, these guys seem to be begging to be attacked.

If the picture is authentic, which I have no means of verifying, it suggests that approximately one-and-a-half years before scheduled going operational of a nuke plant, they're playing around with software that is not properly licensed and configured. I have never seen anything like that even in the smallest cookie plant.

The pure fact that the relevant authorities did not seem to make efforts to get this off the web suggests to me that they don't understand (and therefore don't worry about) the deeper message that this tells.

Ralph ends his summary with the following phrase:

Welcome to cyberwar.

I recently completed a series of articles detailing cyberwarfare. Additionally, SC Magazine has a category for cyberwar.
