The Ethical Hacker Network - Stuxnet: Cyber Warfare or not?

Latest Additions

Who's Online

H1t M0nk3y

Hero Member

Offline

Posts: 864

Stuxnet: Cyber Warfare or not?

« on: October 06, 2010, 07:25:31 AM »

Here is an interesting article about Stuxnet, the worm who has, among other targets, infected Iran's nuclear facilities:

Quote

It's hard to think of a story in the last few years that has generated more hype, conjecture, posturing, hyperbole and misdirection than Stuxnet, with the possible exception of the Aurora attacks. The commentary and hype around Stuxnet has shifted and morphed over the last few months, and now it seems to have coalesced around the idea that the malware was the work of Israeli intelligence and targeted specifically at Iran's nuclear program. But this line of thinking fits together all too easily and has a number of inherent flaws.

http://threatpost.com/en_us/blogs/rethinking-stuxnet-100410

A very good article indeed.


	Logged

OSCP, GPEN, GWAPT, GSEC, CEH, CISSP

dante

Jr. Member

Offline

Posts: 58

Re: Stuxnet: Cyber Warfare or not?

« Reply #1 on: October 06, 2010, 09:22:02 AM »

Interesting read.. I might be wrong but media is entirely focusing on the theory that supports Iran vs Israel... Infact more machines in India and Indonesia have been affected... Why not Pakistan vs India? Is pakistan not capable of it? No.. Buying vulnerabilities and exploits has been going on for several years in the underground circle..
Check out this
http://blogs.forbes.com/firewall/2010/09/29/did-the-stuxnet-worm-kill-indias-insat-4b-satellite/

why it has to be even between countries? Why not between companies? Why are we speculating when we do not have enough facts? What we are trying to do is essentially taking a theory and trying to fit every known fact into the theory...

With four zero day vulnerabilities and usage of stolen certificates, I think the industry and media has never seen the likes of it before and responding in a way that is not completely rational ...

Here is a nice take...
http://blogs.forbes.com/firewall/2010/10/02/stuxnet-speculation-fuels-crackdown-by-iranian-intelligence/


« Last Edit: October 06, 2010, 09:57:54 AM by dante »	Logged

H1t M0nk3y

Hero Member

Offline

Posts: 864

Re: Stuxnet: Cyber Warfare or not?

« Reply #2 on: October 06, 2010, 12:14:48 PM »

Thanks dante for the links.

Quote

When subject matter experts mix authoritative research in their realm of expertise (malware analysis) with unsubstantiated speculation outside their expertise (intelligence analysis), and when the issue is as arcane as so-called “weaponized malware”, bad things can happen and innocent people suffer.

I couldn't agree more with this quote.

To me, this is like the security in the airplanes. Yes, security was too loose in 2001. But since then, security has been tighten and it is fine now. Why are they introducing their new scanners that can see through clothes? This to me is lobbying and propaganda...