1969912 0 #1 November 26, 2010 More information is coming out on this thing. Fascinating stuff. So who did it? http://www.foxnews.com/scitech/2010/11/26/secret-agent-crippled-irans-nuclear-ambitions/ "Once we got to the point where twenty/something's needed a place on the corner that changed the oil in their cars we were doomed . . ." -NickDG Quote Share this post Link to post Share on other sites
kawisixer01 0 #2 November 27, 2010 CIA most likely. Possibly with the co-operation of Siemans themselves or some people very well versed in the industrial automation sector. It's kinda neat but kinda scary. I work in industrial automation and feel that for far too long security was never really taken seriously in this niche market of networking. In my company we take securing our operations networks very seriously, but alot of companies do not. Although this seems to be limited to Siemans controllers, Allen Bradley has similar vulnerabilities. In the US Allen Bradley is more typically used than Siemans but they both can be taken advantage of. This is kind of neat for me because more poeple ask me questions about industrial control than ever used to. I don't think that the general public has any idea how networked and how complicated industrial control has become. All of our new machinery talks to eachother through some kind of network protocol, and everything can be viewed and modified by corporate over the net. I'm sure that in this instance they had a similar set up running with V-lans and such, so someone with the proper knowledge was able to easily infiltrate. I'm honestly surprised that the "great and almighty" Iran even acknowledged that there was ever an issue. They seem to be in complete denial about everything else. Quote Share this post Link to post Share on other sites
Skyrad 0 #3 November 29, 2010 MossadWhen an author is too meticulous about his style, you may presume that his mind is frivolous and his content flimsy. Lucius Annaeus Seneca Quote Share this post Link to post Share on other sites
Guest #4 November 29, 2010 Inquiring minds would ask why Siemens AG made their SCADA applications to run on the most vulnerable of operating systems - Windows, fer cryin' out loud. Anyone with brains would have set it up for Unix. mh ."The mouse does not know life until it is in the mouth of the cat." Quote Share this post Link to post Share on other sites
Guest #5 November 29, 2010 OMG that is awesome! Great story, and it couldn't have happened to a nicer bunch of people mh . "The mouse does not know life until it is in the mouth of the cat." Quote Share this post Link to post Share on other sites
kelpdiver 2 #6 November 29, 2010 QuoteInquiring minds would ask why Siemens AG made their SCADA applications to run on the most vulnerable of operating systems - Windows, fer cryin' out loud. I wrote this part off as questionable - the release of windows 7 was a bit too recent to seem plausible for the timelines, nevermind the technology. Quote Share this post Link to post Share on other sites
okalb 78 #7 November 30, 2010 QuoteI wrote this part off as questionable - the release of windows 7 was a bit too recent to seem plausible for the timelines, nevermind the technology. I question this part as well "During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. " I thought these systems were on isolated networks which is why they couldn't get to them directly in the first place. If the networks are isolated, how did the worms report back to the servers?Time flies like an arrow....fruit flies like a banana Quote Share this post Link to post Share on other sites
jakee 1,254 #8 November 30, 2010 QuoteQuoteI wrote this part off as questionable - the release of windows 7 was a bit too recent to seem plausible for the timelines, nevermind the technology. I question this part as well "During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. " I thought these systems were on isolated networks which is why they couldn't get to them directly in the first place. If the networks are isolated, how did the worms report back to the servers? And even if they did, how does Fox news know all this? The article is a great read, and extremely interesting if even half of it is true, but the level of detail in several areas doesn't ring true.Do you want to have an ideagasm? Quote Share this post Link to post Share on other sites
PhreeZone 15 #9 December 2, 2010 Frequently SCADA networks that are to be air gapped and not accessible really are via some back channel item. Welcome to the human factor that its easier to do this if I just open up a port here or miswired something there.Yesterday is history And tomorrow is a mystery Parachutemanuals.com Quote Share this post Link to post Share on other sites
Skyrad 0 #10 December 2, 2010 QuoteQuoteI wrote this part off as questionable - the release of windows 7 was a bit too recent to seem plausible for the timelines, nevermind the technology. I question this part as well "During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. " I thought these systems were on isolated networks which is why they couldn't get to them directly in the first place. If the networks are isolated, how did the worms report back to the servers? The most insecure part of any secure system are the people who use it, don't underestimate the pull of the internet for bored physicists sitting at work, I've seen it before.When an author is too meticulous about his style, you may presume that his mind is frivolous and his content flimsy. Lucius Annaeus Seneca Quote Share this post Link to post Share on other sites
Skyrad 0 #11 December 2, 2010 Bang on.When an author is too meticulous about his style, you may presume that his mind is frivolous and his content flimsy. Lucius Annaeus Seneca Quote Share this post Link to post Share on other sites