Stuxnet Worm: Is it a real cyber war?

A lot of people in the Middle East have heard of the Stuxnet worm in newspapers, on TV, and on the Internet. Many experts and security professionals are still writing their thoughts and analysis about this type of worm. But Frank Rieger, a German security expert, believes that this worm is not something normal. He stated: “This is a game for nation state-sized entities, only two handful of governments and maybe as many very large corporate entities could manage and sustain such an effort to the achievement level needed to build Stuxnet”.

Many experts believe that this worm was built specifically to target the SCADA systems of either the Bushehr reactor or the uranium enrichment plant in Natanz, both in Iran. But is anyone able to determine the true target of this worm? Let’s look at a few facts about this worm, and then we can answer that question.

This report revealed important information about the worm and how it exploits zero-day vulnerabilities in the Microsoft Windows operating system.

The worm specifically targets vulnerabilities in Siemens WinCC, which is part of the SCADA system. This system is a so-called “Human Machine Interface”, or HMI, and it runs on Windows. Siemens announced on its website: “Siemens is taking all precautions to alert its customers to the potential risks of this virus. We have reached out to our sales team and will also speak directly to our customers to explain the circumstances. We are urging customers to carry out an active check of their computer systems with WinCC installations.

“There are already three virus scan programs recommended for Siemens systems from Trend Micro, McAfee and Symantec, the latest versions of which can detect the Trojan. The effect of deploying these programs on the Runtime environment is currently being analyzed and an approval will be issued shortly”.

The problem with this worm is that it is designed to infect the vulnerable OS using USB flash sticks. Once you insert the USB stick and start browsing it, the worm is triggered! Even disabling the Autorun feature in Windows will not help at all! Being a worm, it can also propagate easily over networks and the Internet from one infected PC to another.

A Canadian security expert published a whitepaper that summarizes the information about the worm and how to avoid infection on SCADA systems. Siemens also published this information, which means that this is a real and serious problem!

Symantec, one of the giant security firms, revealed in this report that Iran has the most infections, while Microsoft revealed that 45,000 computers around the world are infected by this worm!

Much speculation says that this worm is mainly targeting Iran, and especially the Bushehr reactor. But theoretically and practically, this worm is designed to infect SCADA systems at large. Reactors certainly use SCADA systems, but there is no evidence that this worm is specifically designed to target the Bushehr reactor. According to Iranian officials, there are at least 30,000 computers infected with the worm. However, other Iranian officials stated that the Bushehr reactor is not using SCADA systems from Siemens! It looks like the worm is exploiting both Windows and Siemens SCADA systems…

Other Iranian officials said that “Iran is under Cyber-Attack”.

Although many experts believe that this worm is supported by the USA, Israel, or NATO, there is no evidence until now that this worm was designed there, or even that it was designed to target Iranian critical infrastructure!

I believe that more information will be revealed soon when this worm is analyzed. And we might see that the USA or Israel is truly involved. On the other hand, we can’t neglect the conspiracy theory, Iranian or Western propaganda, or even a real cyber attack!

In the world of politics we can expect anything! Don’t forget the problems between Iran and the Western countries. However, there are always underground information, relations, covert channels, or scenarios!

The problem with this type of worm is that if security professionals are able to reverse engineer it, we will face a new generation of worms or malware. This worm might find its way into the hands of cyber-criminals, cyber terrorists, or even script kiddies. In addition, PLCs (programmable logic controllers) are widely used in everything from cars up to nuclear reactors. In this case we will be facing a new generation of “Cyber Terrorism”.

Robots are guilty!

Scientists revealed that we might soon see a new wave of crimes committed with robots!

It is not really a new Sci-Fi movie, but I believe in this research. If you think of the early Internet as a military tool, you might not have imagined what we are doing now. Inventions always have two sides: a good one that can be used by good people to do good things and advance humanity, and the other side, the bad one! Think of chemistry: you can use the same materials to develop medicine and also explosive materials with little variation. It is the true story of science. This is why we should be ready by expanding our knowledge.

Even computers are now used for good things such as industry, development, education, and exploring space. And at the same time they can be used to commit a crime! It’s never been easier to commit a crime with computers and technology. Hobbyists and script kiddies can conduct a sophisticated cyber attack that costs millions of dollars with just a few clicks! As long as it is easy to use technology in this way, there is nothing to prevent the bad guys from using robots. Everything is being circulated on the Internet. You can buy anything online and you can learn how to put the parts together. You don’t need to be an engineer. Search on Youtube.com and you will find lots of videos that will teach you how to do anything!

We need to think again. We need to find new methods to raise the awareness of our governments! Yes, government officials need to understand the true story and the risk. If those people are not aware of the problem, nothing will be done. Unfortunately, they think that we are talking about things from outer space. But it’s worse! Governments are implementing technologies everywhere with nothing in mind but the profit. Think of advanced devices in the army, military agencies, government and critical infrastructure. As long as you are using others’ technology, you will not be safe! Do you remember Kill-Switch technology?

It will not be long until we see robots smuggling illicit drugs and conducting lots of high-tech crimes.

Are we ready to deal with this new wave of crimes?

How could we investigate these crimes?

The robot itself is not guilty, so how could we find the connection to the criminal?