Posted by |
|
|
|
|
|
Iran’s nuclear programme has been threatened by a powerful virus distributed through the internet. Richard Spencer reports on a new age of cyber warfare.
By Richard Spencer
Source:
4 October 2010
On a Vancouver stage last Thursday, a young Irish computing expert gave a filmed presentation showing how the world could end with the pop of a balloon. The presentational qualities are, well, geek-like, the sound quality poor, and the whole experiment has the air of a Year 7 science project. Nevertheless, the is spreading like wildfire from one software blog to the next.
In the past few days, the expert, Liam O Murchu, has become the new star of Geek Universe, quoted from PC World to the Washington Post. But unlike most such young men, his impenetrable analyses of computer coding have a frightening relevance to physical realities. Hence his experiment, performed at the Virus Bulletin 2010 conference in Canada.
O Murchu was demonstrating how a computer worm called Stuxnet had effects that went beyond blowing up your computer screen. It could blow up real things, too. Stuxnet has infected operating systems on equipment manufactured by the German industrial giant Siemens and has, as he puts it, “real-world implications beyond any threat we have seen in the past”. It could attack oil pipelines, power stations, even nuclear plants.
To prove the possibilities, O Murchu set up a basic air pump, controlled by a Siemens system, on the stage in front of him. The pump delivered a timed burst of air into a balloon, which inflated moderately. O Murchu then infected the system with Stuxnet, pressed a button, and hey presto! The pump pumped, but did not stop. The balloon went on inflating till it burst.
Imagine if the balloon were, in fact, an nuclear power station. For that, in essence, is the possibility that has brought O Murchu’s name to public attention.
Stuxnet has been around since last year and its workings were first described four months ago. But such was the size and complexity of its coding that only more recently has its true nature become fully clear. What scores of analysts like O Murchu, who works for the anti-virus firm Symantec, have found is that it targets the industrial infrastructure that underlies our everyday lives. They have also found that the country worst affected is Iran, which by last week had reported around three in every five infections worldwide.
It has not taken long for the implications to be spelt out. Ralf Langner, a German analyst with detailed knowledge of Siemens systems, had this to say on his personal blog: “Can we think of any reasonable target that would match the scenario? Yes, we can. Look at the Iranian nuclear programme. Strange – they are presently having some technical difficulties down there in Bushehr.”
Bushehr is a nuclear power station which has been built by Russia for Iran and which, within a fortnight of Mr Langner’s posting, confirmed that its opening had been delayed by two months, to January. Mr Langner even found a photograph taken inside the plant showing a computer screen – configured, he said, to run a Siemens operating system affected by Stuxnet and, moreover, configured wrongly so that it was vulnerable to bugs.
Iran has subsequently confirmed that computers run by Bushehr scientists have been infected, though it insists the plant itself is undamaged.
Another German analyst, Frank Rieger, went further. Bushehr is disliked by Iran’s enemies, but not nearly as much as its separate uranium enrichment programme, which the West believes is part of a nuclear weapons programme. Since last year, mystery has surrounded its main facility at a place called Natanz, where the number of working centrifuges, the main enrichment devices, suddenly fell by 15 per cent – at the very time Stuxnet is first thought to have hit Iran.
As analysts reverse-engineering the code commented to Mr Rieger: “This is what nation states build, if their only other option would be to go to war.”
Israeli officials, governed by security laws, rarely reveal military secrets but are skilled at alluding to them in veiled ways. In July last year, Mr Rieger noted, a few days before Natanz’s problems were leaked, a retired member of the Israeli security cabinet and a veteran of Shin Bet, the Israeli secret service, briefed the Reuters news agency on what an Israeli cyber-warfare attack might look like.
Following a security drill that had revealed how a hacker could explode an Israeli fuel depot, the Shin Bet veteran said, cyber-warfare teams set about developing technologies that could employ this knowledge.
The briefing made clear that they had succeeded. “In retrospect, the piece sounds like an indirect announcement of a covert victory to allies and enemies,” Mr Rieger said.
In the past week, attention has focused on O Murchu’s discovery of a trace of a keyword in Stuxnet’s instructions: Myrtus. Myrtus, or Myrtle, in Hebrew becomes Hadassah, and Hadassah was the birth-name of Esther, the Jewish biblical heroine married to a king of Persia. Esther discovered that a courtier was plotting the murder of all of Persia’s Jews, and persuaded her husband to allow them to rise up pre-emptively to slaughter their assailants.
Could this be a further clue as to Stuxnet’s origins? It is already thought that defective parts have been deliberately fed into Natanz through imports of “dual-use” technologies slipped past the international sanctions imposed on Iran.
“This is a technology war that has gravitated into a cyber attack,” says Theodore Karasik, research director at the Institute of Near East and Gulf Military Analysis. “It’s not new but it’s getting more ferocious.”
Some analysts poo-poo the theory. One commentator points out that Myrtus could simply stand for My Remote Terminal Units.
A blog on the website of Forbes magazine refers to the diplomatic struggle between China and India. In July a glitch on a satellite used by most of India’s satellite television stations blacked them out, forcing operators to turn to a Chinese competitor. The Indian space programme uses Siemens operating systems.
We may never know for sure. The odd thing is that Stuxnet, so far, hasn’t actually been proved to have done anything. Stuxnet contains a “switch” believed to target one very specific, tailored Siemens system – but no one knows which one, or what the switch is intended to do.
Stuxnet “master controllers” have been traced to computer servers in Malaysia and Denmark, and the two security certificates that allowed the worm to infect systems were stolen from Taiwan. Thereafter the trail goes cold.
Israel has little to gain from denying or confirming anything. It cannot own up to what some see as a monumental act of irresponsibility – the creation of a worm that could attack any sensitive system anywhere in the world. On the other hand, its struggle with Iran is also psychological, and it does it no harm to be thought capable of disarming a nuclear programme without launching a missile.
Truth is the first casualty of war, but in a real war, the battlefield can only be obscured for so long. In Second World War prisoner-of-war camps, inmates traced on hand-drawn maps the overwhelming victories claimed by Japanese radio broadcasts and watched gleefully how
the “victories” took place ever closer to the Japanese mainland.
In cold wars, the process of deduction runs in an opposite direction. Spy agencies reveal the failures – the defecting Philbys – and only when they become more insignificant do we know victory is approaching.
Who knows the names of the spies who triumphed? Iran will never admit, and Israel may never say, if it was Stuxnet that damaged Natanz. There is one further hint, though. When Stuxnet does triumph, it leaves a number imprinted on its new host: 19790509. That number, Mr O Murchu says, seems to be a date – May 9, 1979.
Many things could have happened on May 9, 1979: it may just be someone’s birthday. But newspaper archives also tell us it was the day Habib Elghanian died. Who was Mr Elghanian? He was the first Iranian Jew to be hanged for spying by the new Islamic Republic. And as we all know, revenge is a dish best served cold.
Since we’re talking history, we might as well save the first casuality of war – The Truth.
Iran is NOT a traditionally islamic country. Islam infected my poor country only a thousand years ago. These bastards forced my ancestors to ignore lovely Pars names and adopt horrible Arabic muslim names instead. The bloody muslims claim my ancestral knowledge to be their “Islamic science”.
the world does not know that Shiraz is in Iran, and we made the best wine in the world until the muslims screwed us up.
The world does not know that Benyamin Netanyahu is an Iranian by origin.
The world does not know that once, it was a single nation from the western border of Iraq to the eastern Island of Bali in Indonesia.
We were all Vedics (Zarathusht’s philosophies are all based on this ancient Bharathic testament)
Today, sadly enough, our culture is found more in countries like India (Real Name: Bhaaratha) and Cambodia.
We have de-evolved from Zarathushtrians to bloody muslims. Cry, my beloved land! For I cannot save you from the wrath of the bloody Muslims.
Thank you for your wonderful comment Mr. Ghazni. Very intelligent and sensitive.
It is so good to see some truth in the whole equation. I am a pure Iranian i.e. not mixed up with filthy Arabs etc.
I feel a lot for my land, and cannot understand how our people prefer to live with the Islamic regime rather than die.
My ancestors were driven off their land because they were pure Iranians – pure people of Pars.
Our neighbours were Bhakthiari and their house was taken over by a bastard muslim import from Lebanon (also known as a Bassiji).
If you’re muslim, you can simply take over a non-muslim’s land and house. Injustice at its best!!
Mr Ghazni is right – today, our ancient culture exists in some form only in The Subcontinent. At least those Indians kicked the muslims and the british out of their country. While the British didn’t quite manage to screw my land (though the curs stole whatever they could), my people have put up with this Islamic feces for too long, I feel.
When Nedha was shot, I wept. For my land, for my people, for my culture and its nearly-extinct heritage.
Let us kick out Islam and free our nation for good — Like neighbouring Bharath (India) and Khmer Kampuchea (the real name of Cambodia). At least the Cambodians still have their Kings/Princes.
Our Shah was an Islamic idiot who not only destroyed many good things but also handed my land over to the bloody muslims on a silver platter. Perhaps we can vote for a Native Pars King or Queen?
We were once a land of righteousness and a model for other societies.
Waht are you talking? Iran is a symbol of Islam. We Pakis are very proud to be your neighbour.
You are upholding holy Koran.
I am so glad to see these refreshing comments.
As a persian, never could digest Islamic @!!# ( please don’t get insulted, truth hurts) . How can we follow the religion that raped our nation and land?!
Aknowledging the truth is only cure for Islamic infection….
Hamid Bilwani, DO NOT FORGET that Iran is for Iranians and not for the pride of you Pakis! Your proud is not our concern.
Please Anoushiravan, do not generalize and insult Arabs. The Persian pride thing is wonderful but to disparage others is neither Persian (Cyrus the Great embraced everyone) and one cannot and should not in the name of decency disparage people of many different cultures because of the modus operandi of a religion that has oppressed the identities of those peoples.
This site is for dialogue and discussion and we in the editorial board who are all Iranian disparage all racial insults.
Wow. This is quite the discussion indeed.
Zand, totally understand that you wish to keep your standards on this website.
I will, however, agree with his Nationalistic view. My grandfather worked in Persia when the Shah was still around.
We had to leave Bharath because the Indira Gandhi regime and other supporters of Islam would’ve killed our family.
My family, to this day, holds documents that are nearly 6000 years old. These documents prove that monuments attributed to the Central Asian Muslims i.e. Mughals (who also raped Iran) never actually did anything except pillage and loot civil societies.
for instance, that famous Taj Mahal was a Vedic temple known as Tejo-Mahaleya, and those fanatics ‘converted’ it.
Anyway, what I’m saying is that I would agree with Anoushiravan in his view that tyrannical religion – be it Islam, Christianity, Judaism or Paganism must be kicked out of any country in order to build that nation.
I have to agree with the historic facts here – Arabs and Muslims in general, try to steal scientific credit for a LOT of ancient achievements that originate from Bharath (which included what was later famous as Pars) about 30000 years ago.
for instance, we all know that the ‘modern’ decimal number system comes from what is now (sadly) known as India. the Ancient Bharathas invented the Zero, Algebra, Trigonometry and Geometry, amongst other sciences.
Back then, these people (when I say Bharatha, I mean all the land from modern Iraq to modern Indonesia) could calculate the precession of the equinoxes to an accuracy several decimal points.
With modern computers, it takes us months!
And yes, my grandfather, a great scholar, had a lot of respect for the great people of Pars. He always said that it hurt him to see what was happening to an ancient land like Iran, and I think I know what he means.
He also used to say – the Pakis are essentially misguided Indians, but the Iranians are just being oppressed by Politico-Religious dictators.
Of cousre, he said those things a long time ago, and he’s dead now, but I guess we’re all witnessing the depth of what he said back then.
I am very proud of the ancient culture of Pars, and ties it has to the ancient Bharathic culture (it was all one nation back then, with several little kingdoms within) —- not just because the love of my life is a gorgeous Bhakthyari from Tehran, but also because I know that in spite of all media-gnerated separations, we are all still one nation with a remarkably similar culture (traditionally, anyway).
And in turn, she is proud of where I come from because in spite of Islamic oppression in India by the Mughals for hundreds of years, only 13% of the population is Muslim today.
My our cultures and rich heritages shine long and far! I pray that Mother Iran is freed from all kinds of animals and dictators.
First of all Nationalism always leads to fascism and intolerance; it’s not for nothing that the word NAZI was the Nationalist Socialist party. PATRIOTISM however is a different story and one must be HYPER vigilant about that. Anyone who claims to love their country and wishes to hold up the highest standards of righteousness in the name of their country, then lowers themselves by speaking hatefully of other nations and races. Frankly, I find insulting Arabs extremely low class and ‘un’Iranian as Cyrus the Great embraced one and all. AND THEN, Iranians who are hyper emotional do not seem to get it through their head that like Iran which is made up of various ethnicities, Arabs are also made up of various ethnic backgrounds as well…so to insult ALL who fall under the broad brush stroke of Arab is frankly not only disgusting, it’s downright backwards.
Before anyone judges me, I must say that I will die for my land.
History tells us that British and American oil interests lobbied to gain control of the oil drilling, production and distribution industries in Middle East Asia.
It was the British government’s execution of the creation of the state of Israel that finalised the everlasting legacy of political dissension in that area.
One must remember that until then, Philistine (or Palestine) existed only in religio-political accounts i.e. bible manuscripts etc.
It does make one wonder which nations or what governments must be taken to task for escalating the situation to what it is today…
Given that by ethnicity and origin, the original inhabitants of this area are very similar, it is a shame that the situation is maintained to the benefit of petro-dollar lobbies around the world.