    • CommentAuthor: Zeppelin
    • CommentTime: Sep 23rd 2010
     (8959.1)
    I'm not sure if this works better on the 'internet' thread or the 'mad science' one, since as far as I'm concerned this is but a sick and twisted melding of the two, hooray to that.

    Anyway, here's a little titbit I came across, a great example of the awesomeness of science meeting geopolitical power struggles. Computer viruses created by nation states to specifically target certain infrastructure mainframes, with the effect of damaging them in the 'real' world by sabotaging them. Think of it as malware that can carry out pinpoint attacks on say the power grid or communications systems of countries prior to an attack. Similar to what the Russians did to Georgia before their invasion, but all done remotely, without the need of any human interaction at all. The virus is, as it were, intelligent.

    Cool, and more than a tad scary in a colourful SkyNet kind of way. So... what do we take out next? I'm voting for targeting NASA and holding them to ransom: You want your mainframe back? GIVE US BACK SPACE!
    • CommentAuthor: mbakunin
    • CommentTime: Sep 23rd 2010
     (8959.2)
    I sincerely hope you're joking. And speaking for Entertainment Purposes Only.
  1.  (8959.3)
    Do we count the 4Chan DDoS attacks on RIAA/MPAA etc as part of this, or a mere annoyance?
  2.  (8959.4)
    NPR had a good segment on the laws in regards to potential Cyber War escalation today. Utterly frightening, but not to me in the way you're implying Zep. Other countries are claiming top concern as government infiltration, i.e. America is trying to subvert the world towards democracy because hey, we invented the internet. Iran claiming that Twitter is a fucking weapon, put in place by America to destroy them? Come on...

    The frightening thing about all this is there are plenty of people in office and in corporations looking for any reason to shut down the internet as we know it; Free for all of us to share what we damn well please. I honestly hold the belief the internet gives the populace the ability to usurp almost any traditional power structure society has known. Wikipedia and Wikileaks put the Fear into the Powers that Be. They are also fine examples of how Clay Shirky was absolutely right.
    • CommentAuthor: Slick
    • CommentTime: Sep 23rd 2010
     (8959.5)
  3.  (8959.6)
    Think of it as malware that can carry out pinpoint attacks on say the power grid or communications systems of countries prior to an attack.

    This is exactly why power grids and communications systems are controlled by computers that have no physical connection to the internet. It’s why every intelligence agency and military division has its own networks that can only be accessed by connecting through proprietary switching systems kept in locked rooms. Actually being able to take these systems down over the internet is a fantasy cooked up by snake-oil security firms, lying politicians, and media hacks who don’t understand the technology they write about. Cyber-warfare is nothing more than an excuse to funnel loads of tax dollars down the gullets of crooked contractors, bureaucrats, and soldiers who take advantage of the general public’s willful ignorance of communication technology.
    • CommentAuthor: Flabyo
    • CommentTime: Sep 23rd 2010
     (8959.7)
    @James - this worm doesn't attack over the net. It sits hiding on a USB keyfob thingy and then infects once it's inserted. Good old fashioned social engineering.
  4.  (8959.8)
    @Flabyo

    I wonder how many people would just stick a USB flash drive they found lying around in their computer?
    • CommentAuthor: G. Foyle
    • CommentTime: Sep 23rd 2010
     (8959.9)
    @ Val-

    Scarily enough, it's been known to happen.
  5.  (8959.10)
    It sits hiding on a USB keyfob thingy and then infects once it's inserted…

    Again, this is fantasy. Critical infrastructure doesn’t operate on generic Windows machines that automatically execute code on anything someone plugs in. These systems are running hardened operating systems that dramatically limit the privileges of anyone other than the sysadmins. Most of the systems probably aren’t even running the same operating systems; they’re a mix of UNIX, Linux, Windows, and customized BSD UNIX operating systems, often running on RISC or ARM CPUs that can’t even execute the same binary programs desktop computers can. End users don’t even have physical access to plug in a flash drive; they access the systems through remote terminals while the servers are kept locked in steel server racks.

    When a worm on a Flash drive hits a military network it’s not taking down critical defense systems and the Pentagon’s private electrical grid. It’s knocking out interoffice email systems that are just as often down because there isn’t enough bandwidth to handle all the PowerPoint presentations flying around. And then everybody just switches to phone calls for a few hours and everything goes back to normal.

    The notion that critical systems can be knocked out with worms is no more believable than the ending of the movie Independence Day, where a virus written on a Macintosh wipes out an invading alien army.
    • CommentAuthor: PedroM
    • CommentTime: Sep 23rd 2010
     (8959.11)
    Computer viruses for mainframes?
    Yeah, right.
    • CommentAuthor: Fan
    • CommentTime: Sep 23rd 2010
     (8959.12)
    > Critical infrastructure doesn’t operate on generic Windows machines that automatically execute code on anything someone plugs in.

    http://www.controlglobal.com/industrynews/2010/195.html?DCMP=rss says, "From mid-July to late August, a total of 15 cases were reported to Siemens where the Stuxnet virus was detected in various plants, roughly one-third of which were in Germany." ... confirmed by http://www.automation.siemens.com/mcms/automation/en/Pages/automation-technology.aspx

    http://www.bbc.co.uk/news/technology-11388018 said that it uses 4 zero-day exploits.
  6.  (8959.13)
    From the CSM story:

    “Siemens this month reported 14 affected control systems, mostly in processing plants and none in critical infrastructure.”

    The reason it’s not in any critical infrastructure is that the program isn’t actually targeting any. It specifically hits Windows computers running software that engineers use in automated manufacturing. It’s just messing with workstations in factories.
    • CommentAuthor: Flabyo
    • CommentTime: Sep 23rd 2010
     (8959.14)
    And a very particular kind of setup as well. It's interesting because it definitely does seem to be targeted at something specific, not because it's a particularly heinous threat. That's why it caught my eye, as usually this sort of thing is just a blanket attack, but this is something new. Not apocalyptic like it's being reported in some places, just new. And new is always interesting in Comp Sci.

    The idea that its target is Iran's nuclear program is just speculation based on the fact that the infection rate from it seems pretty high in Iran.

    It could just as easily have been put together by someone to fuck up the machines where he works to get an afternoon off.
    • CommentAuthor: Zeppelin
    • CommentTime: Sep 25th 2010
     (8959.15)
    @mbakunin, am I joking... yes... mostly.

    It obviously didn't come across well in my opening gambit, but my point was how fascinating it is that tools are now being developed (and not say, 'potentially' being made, as in some science fiction story, but actually available right here, right now). @Flabyo is correct, what is interesting is that this malware is targeted at something specific, and other than that is basically inert. It's an interesting new development in the online security/cyber warfare field. Most attacks are pretty random, created to generate chaos within a system, not to pick out one individual system and mess with that to the exclusion of any other. And of course it being targeted at Iran's nuclear program is pure speculation, admittedly one that ensures this story gets some front-page coverage, but that's what makes it interesting... the 'possibilities' at play here, it's a storyteller's wet dream; pure, unadulterated potential just waiting to be harnessed into something fun and at least partially new. So I agree entirely with @Flabyo that it's
    "Not apocalyptic like it's being reported in some places, just new. And new is always interesting in Comp Sci."

    In response to @Val A Lindsay II, you're right that most Governments have bigger problems than a possible malware attack, like problems of free speech, the use of online social tools to unite and organize, be it in support of labour laws, democratic insurrections, etc. Sweden just had its election where the far right won an astonishing 5% of the vote, and within hours of the results being published the Swedish youth had organized protests using Facebook and Twitter, much like in Madrid after the bombings. For many nations, Burma, North Korea, Iran, China, and countless others you might not expect like Italy or the US, this poses a greater problem to them than what @James Puckett calls some random threat "messing with workstations in factories." Seriously, who cares about a few workstations in comparison to social upheaval and the chaos that engenders.

    As far as people using this as an example of why the internet is 'dangerous', well they'll use anything as an example to say that. Imagine if the Whitechapel forum were an actual place where we'd all hang out and chat over a dram or two of fine Laphroaig in some old London dungeon, fun as that would be, we'd be rounded up in a matter of hours and incarcerated for immoral activities. The internet enables communication and free speech on a scale never before achieved in our sad species' existence, and for that alone should be protected, and groups like WikiLeaks are critical to that effort. Only through greater transparency within corporate and government interactions are 'the people' safe. It's pointless to have a vote if we do not have access to the required information to make an educated choice. As it's been said before, democracies are dependent on an educated middle class.

    Hmmmmm... bit of an aside there from what I was aiming to say, but my point remains. This is an interesting development, and though you can argue that the most tempting systems to hit are isolated from the internet, it's really not that hard to get around that. The various ministries of the UK keep losing their laptops and USB keys, and the fact is that people don't protect their USB keys as well as they should. You don't need to wait for some idiot to plug in some random USB key into their mainframe system at their office, all you need is to add it to 'their own' USB key that they already use every day. With a bit of practice it's not all that hard to swipe something and get it back in its place before someone notices. HA! As for critical infrastructure running on UNIX, Linux, or customized BSD UNIX systems, with a programme like this, made to deal with a SPECIFIC computer or system, all you need to know is what your target is running, create your 'virus' or containment vessel with that in mind, and voila... it doesn't matter what your target runs on, you're creating your weapon with that in mind, and that also ensures that you limit collateral damage, thus lowering costs.

    What I love here is that it's so efficient, and thus, elegant. Not enough elegance in cyber attacks, and this achieves that. Would you call that beautiful?
  7.  (8959.16)
    …all you need to know is what your target is running, create your 'virus' or containment vessel with that in mind, and voila... it doesn't matter what your target runs on, you're creating your weapon with that in mind, and that also ensures that you limit collateral damage, thus lowering costs.

    It doesn’t work that way. The reason a Windows virus can be stuck on a USB key is that Windows was designed to appeal to the lowest common denominator, putting ease of use before security. Operating systems running important stuff aren’t like that; they compartmentalize and restrict as much as possible to keep clueless users from blowing things up. When you insert a CD or attach an external disk like a Flash drive to most UNIX servers nothing happens. The sysadmin has to tell the computer to actually do something with the disk, and then any software on the disk has to be manually executed. And that program can’t touch anything critical; the OS just rejects any attempt by non-privileged users to do things like shut down servers or delete file systems. Sometimes bugs allow a user’s privileges to be escalated, but in server environments software can be locked into a “jail”, a sort of miniature computer that it can do anything in without affecting the rest of the computer. Getting around all this stuff requires paying off a human asset to manually install malware, in which case it’s easier to just pay him to sabotage the system without leaving a strange program around for someone else to find.

    The idea of digital warfare is not new. Computer networks were developed for military purposes. People started planning to prevent this stuff back in the 1960s. It’s sort of sad that in all the time the general public has remained so willfully ignorant of how computers really work that the media can run this kind of crap journalism about “cyber war” and people actually believe it.
    • CommentAuthor: Zeppelin
    • CommentTime: Sep 27th 2010
     (8959.17)
    @James Puckett... you seem determined to crush my nascent dreams... hmmmm... damn sys-admins and programmers for thinking of security. Oh well, back to the drawing board.

    ...

    But still, the desperately determined Puck within me rather still likes the idea. Off I go then a'hunting, surely if Stuxnet has infected some systems, there must be some way it can go on to be used for wonderfully nefarious purposes. Shall we say, for the sake of art? I can't help but feel there's a story brewing in here somewhere...