[STUXNET] do not fuck w nerds

the problem is that with the size of our government, somebody somewhere is not following the obviously necessary protocols. and somebody else trusts that person enough to give him or his network more access than it is deserving.
 

i could see that happening as the USA is not run like a bank or financial inst.
They have a high level of authority when it comes to tracking shit down but i trust their security and all departments that interlock are more lax.

As china gears up its "cyber warriors" and we gear up to defend against it one would tend to say...why don't we just turn off international connections. Well yeah they could do that. Business would suffer and banking and commerce would DIP so fucking hard you thought you were in the stone age again. that's what would happen. City scapes would change and times would be tough really. Commerce would be tightly regulated by government cyber defenders. It would be a new online cold war. People in the country wouldn't suffer as much and people in the cities would get back to the real things in life a bit. News would be more limited and TV channels would surge again along with OFFICIAL government sanctioned programs. Market news wouldn't be so immediate so the economy might pull up out of the shit hole! that's a plus. Spies would come from other nations to hack us from inside the network that is called the USANETCO. This is a good thing and a bad thing. The bad as i have mentioned above somewhat. The good is that we would be a more closed nation as we should, it's a country..not a place where people should be able to come and go as they please from the outside. This place is for U.S citizens not outsiders.
I could ramble on more about this.:50pages:
 
it's not that good because it was discovered.

It's not that good because it couldn't propagate on a mainframe

nothing gets ACF access unless an ACF admin gives it the access on a mainframe, and on a mainframe that matters the ACF team would have to be infiltrated PHYSICALLY by agents to allow such a thing through, but then that would involve your transmissions teams and your NDM and sched teams and most importantly your MVS tech guys.
Just letting you guys know that your money is pretty safe guys.
Now if our government is that dumb enough to use open systems such as as400 and unix machines and worse Windows systems then we get what we deserve.
God help us if our nuke plants are run by windows. I don't think they are. i heard from a plant worker that i work with, he's retired, that they build their systems custom, meaning that the operating systems are complete custom works. but i dunno for sure.
I am biased because I am a mainframer and i hate unix!
(most modern networks/opsec departments block usb connections such as banks) and alerts go out flagging that user AT security. I know ours does.


EDIT: it's fucking IRAN!...yeah pretty sure they don't know dick about running data centers or etch a sketches

what the fuck are you blabbing about?

Mainframes suck, and are going away because they're so limited and upkeep is costly. There are plenty of alternatives to a mainframe that provide more benefits with less cost. Server/Network security holes are only as bad as the people maintaining and using them. Even with Windows (which everyone loves to hate), the newer versions of core w/o any GUI (imagine that, GUI objects are the cause of the majority of the security holes found in windows) are much more secure.

All that aside....

What do you mean it didn't work? The first estimated attack of stuxnet on Iran was June 22, 2009. There was a second attack on July 7, 2009, and the third version of stuxnet started infecting machines in Iran in April of 2010.

There was no public news of the malware until July 15th, 2010. And the only reason there was any public knowledge of it was because it found its way onto the internet and security bloggers/researchers found it. That's when the public knowledge started, and began to grow on it.

The thing sat in Iran's facilities, went through 3 different version upgrades, the whole time things are leaking out that Iran is having serious issues with their nuclear plants. Iran denies them. They didn't finally admit any of it until November of 2010.

It sat quietly on their system, and fucked up their enrichment process just enough to blow through tons of money, materials, and more importantly precious time. They probably replaced more people and equipment than you can imagine trying to figure out why nothing was working the way they expected it.

Until it found its way to the internet, and bloggers found out about it, everything was going according to plan for a little over a year.

I think it worked pretty goddamn well. It would have been better if they had programmed it to not go out to the internet. Without bloggers finding it and reporting it, who knows how long Iran would have spent facepalming watching test after test fail.

source: Stuxnet Timeline Shows Correlation Among Events | Threat Level | Wired.com
 
Crucially, Stuxnet was an intelligence goldmine. It dumped the majority of the contents of Iran's nuclear reactor and enrichment facilities to several command and control servers located throughout the world. Further it is possible that it actually physically damaged a number of centrifuges.

Coincidentally, a few weeks later you start seeing specific scientists that are assassinated and the talk about bombing runs cease (implying perhaps that they were less far along than previously believed).

Either way, it should be clear that they now know the extent and full details of just how close Iran is or is not.
 
By the way, don't fool yourself into thinking that the Chinese and Russians do not innovate when it comes to malware, virus and APT creation. In fact I'd argue they are on the forefront of it. Simple analysis (ipgeolocation) shows that a common source of advanced attacks is very often China.

China has a "blue army" of hackers that are employed full time with the aim of stealing corporate secrets, obtaining classified information and the creation of malware and zero day exploits for use in these attacks.

Example: Aurora.

wat kind of nmap scripts can we use 2 defend ourselves?
 
i was talking about on a mainframe and the hypothetical of a mainframe.
I went off the direct topic of iran.

Lemme tell you how much is offshored dood and tell me about risk.....when its all in fucking india mang. PUNE to be exact
 
did you read anything about this at all? it's not a possibility that it damaged centrifuges, it DID damage them. centrifuges were getting replaced more often than usual and that's what alerted them to stuxnet.
 
I wonder if the US is using the drone that went down as an elaborate trojan horse to get into Iran's internal networks...
 
I can imagine a scenario in which the loss of control that caused the drone to crash also prevented any theoretical self destruct thingy.
 
They can't rig all surveillance drones with explosives to burn every piece of the craft. Imagine if one goes down and hits a home with kids due to mechanical failure and everybody dies. Bad press nono
 
well it's probably not a self auto destruct

can see where it went down on satellite or another drone, then hit the boom button on demand
 