You have commented 358 times on Rantburg.

Your Name
Your e-mail (optional)
Website (optional)
My Original Nic        Pic-a-Nic        Sorry. Comments have been closed on this article.
Bold Italic Underline Strike Bullet Blockquote Small Big Link Squish Foto Photo
Submit your comments on this article
Syria-Lebanon-Iran
Experts say Iran has "neutralized" Stuxnet virus
2012-02-15
We'll be the judge of that...
Iranian engineers have succeeded in neutralizing and purging the computer virus known as Stuxnet from their country's nuclear machinery, European and U.S. officials and private experts have told Reuters.
For now...
What about the four or five similar viruses they recently discovered had been floating around for a while? Have those also been neutralized and purged? Have they yet determined how the darned things got in to secure, hidden facilities?
The malicious code, whose precise origin and authorship remain unconfirmed, made its way as early as 2009 into equipment controlling centrifuges Iran is using to enrich uranium, dealing a significant but perhaps temporary setback to Iran's suspected nuclear weapons work.

Many experts believe that Israel, possibly with assistance from the United States, was responsible for creating and deploying Stuxnet. But no authoritative account of who invented Stuxnet or how it got into Iran's centrifuge control equipment has surfaced.

U.S. and European officials, who insisted on anonymity when discussing a highly sensitive subject, said their governments' experts agreed that the Iranians had succeeded in disabling Stuxnet and getting it out of their machinery.
How can that be determined without examining every single machine, access to which the US and European experts most certainly did not get?
The officials declined to provide any details on how their governments verified that the Iranians had ultimately defeated the virus. It was not clear when it occurred but secrecy on the subject has been so tight that news is only now emerging.
They don't know who created it or how it got into Iranian equipment, but they're certain the Iranians have fixed it. Right...
Some officials said they believe that the Iranians were helped in their efforts by Western cybersecurity experts, whose detailed technical analyses of Stuxnet's computer code have circulated widely on the Internet. Once the Iranians became aware that their equipment had been infected by the virus, experts said it would only have been a matter of time before they would have been able to figure out a way of shutting down the malicious code and getting it out of their systems.

"If Iran would not have gotten rid of Stuxnet by now (or even months ago), that would indicate that they were complete idiots," said German computer security consultant Ralph Langner. Langner is regarded as the first Western expert to identify the ultra-complex worm and conclude that it was specifically targeted toward equipment controlling Iranian nuclear centrifuges.

Peter Sommer, a computer security expert based in Britain, said that once Iran had detected the presence of the worm and figured out how it worked, it shouldn't have been too hard for them to disable it. "Once you know that it's there it's not that difficult to reverse engineer... Neutralization of Stuxnet, once its operation is understood, would not be that difficult as it was precisely engineered to disrupt a specific item of machinery.

"Once Stuxnet's signature is identified it can be eliminated from a system," Sommer added.

Private experts say that however well-crafted the original Stuxnet was, whoever created it probably would have to be even more clever if they want to try to supplant it with new cyber-weapons directed at Iran's nuclear program.

"Aspects of Stuxnet could be re-used, but it is important to understand that its success depended not only on 'clever coding' but also required a great deal of specific intelligence and testing. It was the first known highly-targeted cyber-weapon, as opposed to more usual cyber weapons which are more diffuse in their targeting," Sommer said.

David Albright, a former United Nations weapons inspector who has extensively investigated Iran's nuclear program for the private Institute for Science and International Security, which he leads, said that spy agencies would have to go back to the drawing board if they're intent on continuing to try to hobble Iran's nuclear program via cyber-warfare.

"I would assume that once Iran learned of Stuxnet, then intelligence agencies looked at this method of cyber attack as compromised regardless of how long it has taken Iran to neutralize it. It is a cat and mouse game."

But Albright added that "intelligence agencies have likely been looking at more advanced forms of attack for a couple of years that they hope will catch the Iranians unprepared."
Posted by:Steve White

#13  That explains Microsoft Bob...
Posted by: Raj   2012-02-15 19:24  

#12  It's interesting that the closest humans have come to creating life is computer viruses and they all seem to be destructive.
Posted by: Deacon Blues   2012-02-15 17:33  

#11  Of course they did.... wink wink.... nudge nudge....

Maybe it's waiting for a nuclear warhead and Dinnerjacket (and/or the mullah's) to be in close proximity to each other...
Posted by: CrazyFool   2012-02-15 14:55  

#10  No doubt, Bangkok Billy's comment had me in stitches.
Posted by: Jefferson   2012-02-15 14:55  

#9  Stuxnet virus was built to be a modular component of several building blocks that could be mixed and matched to attack machinery in several different ways.

Interesting. Kinda like real viruses. Those little modular components are what makes flu immunization such a bitch.

Computer viruses are like having chipmunks in your house. Once you are infested, you might as well burn the house down along with everything in it. It's the only way to be sure you got them all.

As for the thread itself, Bangkok Billy is in the lead with #7.
Posted by: SteveS   2012-02-15 14:41  

#8  It's just hiding, Stuxnet will jump back out at any time. Preferably when Dinnerjacket is nearby.
Posted by: Charles   2012-02-15 13:40  

#7  These guys can't neutralize their own BO. Good luck with Stuxnet.
Posted by: Bangkok Billy   2012-02-15 13:30  

#6  Stuxnet did it's job. The one after it collected information and sent it all back.

The NEXT one will be a doozy:)
Posted by: newc   2012-02-15 12:46  

#5  Plenty more where this one came from.

There was a article recently that said the Stuxnet virus was built to be a modular component of several building blocks that could be mixed and matched to attack machinery in several different ways.

The fact that they have neutralized virus A tells you nothing about viruses B, C, and D. They probably have not even detected all the viruses floating around in their system.
Posted by: Frozen Al   2012-02-15 09:46  

#4  Not "than", "where"
Posted by: g(r)omgoru   2012-02-15 05:28  

#3  Plenty more than this one came from.
Posted by: g(r)omgoru   2012-02-15 05:20  

#2  Computer experts say that if they haven't managed to remove it by now, they are complete idiots. Their claim is actually fairly hollow, it basically says "we aren't total dumbasses".
Posted by: crosspatch   2012-02-15 03:42  

#1  "How can that be determined without examining every single machine, access to which the US and European experts most certainly did not get?"

Don't give them any ideas.

Seriously, this exactly what we'd want them to say.
Posted by: Unish Henbane5214   2012-02-15 01:16  

00:00