Subj : Was attacking Iran's computers a good idea? To : ALL From : BOB KLAHN Date : Mon Jan 17 2011 21:47:28 Well, it's out, the worm that attacks industrial controls was, supposedly, developed by the US and Israel to damage Iran's nuke program. The former head of the Mossad said Iran's program has been set back maybe 4 years. Though he did not mention the worm. Ok is this a good idea? Last I heard the US intel agencies said Iran does not have a nuke weapon program. Has that changed? If not, why is the US believing foreign sources, and not the US sources? Why is the US taking risks like that for Israel, and Saudi Arabia, and other Arab, actually Sunni, countries? And the risks may well be greater than realized. I first heard of the Stuxnet worm on NPR, some weeks back. Then it was just speculation that Israel had developed it, low level speculation. The real issue was, it was turning up in industrial systems. See, the worm attacks industrial controls made by Siemans corp. Siemans is a German company that makes a wide variety of products, but is big in industrial controls. There are two general types of industrial controls. One is a control that is designed solely for industrial operations, and has little similarity to any computer that you would have contact with. That is the kind I am mostly familiar with. The other is a PC with softward and interfaces for industrial operations. It is typically run with some form of Windows. Now, I do not know which they are using for those centrifuges. If they are the PC controlers, then the worm is very likely a complex version of the typical computer malware. Since it was said to be spread through flash drives I suspect that is what they are dealing with. If it's the pure industrial type, it is unlikely the worm is in the controller itself, but in the computer that programs the controller. That would take a truly high level worm. Which may be why the Stuxnet is considered so complex. The programming computer would have an altered program it would feed into the controller, and that is how it would do the damage. Either way, once the worm is discovered, I doubt it will take much to alter it to attack controls for systems other than nuclear related. What would be the effect if factories all over the country, all over the world, suddenly started haveing breakdowns due to an altered version of the worm? If I were asked to create one, I would probably just have a time delay after it's inserted, to create difficulty in tracking it down. Then I might just have it freeze all the control outputs on at one time. If a machine is running, and suddenly the controls freeze up with the machine in motion, the results can be disasterous. Things don't move out of the way when they should, don't detect positions right, don't stop when things go wrong. I would freeze them on because turning them off might stop the machine, which could prevent or lessen the damage. With the PC type control the hacker has more flexibility. He can put in options to seek out the best way to do damage. If it's on the web he can even have it send back I/O info to find the best way to do the most damage. Now, this worm is out there, and not just in Iran. So, how long till hackers get hold of it. Wanna bet they don't already have it? And if Iran wants revenge, how many hackers can they buy for maybe a few million dollars? Maybe $20 Mill? On top of that, we have justified Chinese cyber attacks on our systems. We did it, why can't they? Cyberwarfare may well have begun, and we are the aggressors. Now as to the motives, that's another message. BOB KLAHN bob.klahn@sev.org http://home.toltbbs.com/bobklahn .... There is a current shortage of plowshares and a vast surplus of swords. --- Via Silver Xpress V4.5/P [Reg] * Origin: Doc's Place BBS Fido Since 1991 docsplace.tzo.com (1:123/140) .