Saturday, January 15, 2011

Wow! Who'd have figured the CIA was that clever?

...In early 2008 the German company Siemens cooperated with one of the United States’ premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world — and that American intelligence agencies have identified as key equipment in Iran’s enrichment facilities.

Seimens says that program was part of routine efforts to secure its products against cyberattacks. Nonetheless, it gave the Idaho National Laboratory — which is part of the Energy Department, responsible for America’s nuclear arms — the chance to identify well-hidden holes in the Siemens systems that were exploited the next year by Stuxnet.

The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.

The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults.
Read the rest here.

I have to admit, this is really damaging some long held prejudices of mine. Namely my hitherto firm belief that the government is too incompetent to pull of a James Bond kinda operation. Even so I really like it. We didn't have to bomb anyone, no one got killed (at least by us) and we managed to devastate Iran's efforts put an atom bomb in the hands of a certifiable maniac. All in all, I'm OK with that.

3 comments:

gdelassu said...

We didn't have to bomb anyone, no one got killed (at least by us) and we managed to devastate Iran's efforts put an atom bomb in the hands of a certifiable maniac. All in all, I'm OK with that.

Well said.

Anonymous said...

Just make sure that the certifiable maniacs in the U.S. don't have the opportunity.

Anonymous said...

US gov has led most of the foundational technical development of the last century. What is surprising is how inept the private sector is at developing fundamental technology.