The Stuxnet Computer Virus Has Infected The International Space Station

space_stationWell, we’ve even ruined outer space. io9 writes:

The problem with creating Stuxnet, the world’s most sophisticated malware worm, is that it could eventually go rogue. Which is precisely what has happened. The virus has spread to a Russian nuclear plant — and even the International Space Station.

Stuxnet is an incredibly powerful computer worm that was created by the United States and Israel to attack Iran’s nuclear facilities. It initially spreads through Microsoft Windows and targets Siemens industrial control systems. It’s considered the first malware that both spies and subverts industrial systems. It’s even got a programmable logic controller rootkit for the automation of electromechanical processes.

Let that last point sink in for just a second. This thing, with a little bit of coaxing, can actually control the operation of machines and computers it infects.

Apparently, the virus spread to the International Space Station on an infected USB stick that was transported by Russian cosmonauts.

, , , , ,

  • Russell Scott Day

    Why am I not surprised.

  • Simon Valentine

    and when answered yes he did confess and yet he did not admit
    for what decision problem were was hyped upon a flare
    and the bastardized buddy system lies in wait
    much like as if it were its own Stuxnet
    a self-impression kind of cult
    such false opportunity
    blind lack of truth
    no, not justice
    empty faith
    liars’ loss
    unified
    states
    rape
    the
    US
    A

    • Liam_McGonagle

      “AFAMASBNELUSRTUA”

      Very clever. An acrostic of the ancient Babylonian Farting Curse. As well as:

      “ASEESDSHEHYTTTET”

      A reverse acrostic for the modern Melanysian Incontinence Curse.

      You really have all your occult bases covered.

      • Calypso_1

        If you add the cross acrostic numerical substitution differentials you get:
        121
        11X11
        Considered a representation of the name of god in persian mysticism.

        • Simon Valentine

          “It’s even got a programmable logic controller rootkit for the automation of electromechanical processes.”

          is actually the (no longer so) disembodied Friedrich Nietzsche reciting Thus Spoke Zarathustra in the third tenor of the first post-quintic dimension of Hebazoidal emanations (the stuff that comes off all those statues that Ishtar passes?)

          • Calypso_1

            I thought that would be badBIOS.

          • Simon Valentine

            hmm, it is Windows…
            so bullshit in bullshit out seems about right, yes, yes good call

          • Calypso_1

            Considering it’s impressive disembodied feat of jumping the air gap it seemed apropos.

  • Liam_McGonagle

    This is why we can’t have nice things.

  • Rhoid Rager

    They should be using Linux.

    • Anarchy Pony

      The blood chemistry analyzer at the clinic I work at runs on Linux.

      • Rhoid Rager

        nice. how bout your puter?

        • Anarchy Pony

          Naw, it’s just a 7 or 8 year old desktop on windows xp. It plugs along well enough. Just barely.

          • Rhoid Rager

            You might be surprised how Fedora or Ubuntu can up the performance. If you have 1G of RAM, it might be worth the change over.

          • Anarchy Pony

            I doubt I’m really savvy enough to manage the change over.

          • Calypso_1

            I doubt I’m really savvy enough to manage the change over.

            IMPEDIMENT OVERWRITTEN

          • Anarchy Pony

            A brilliant effort.

          • alizardx

            Try a downloading a Kubuntu bootable LiveCD from http://www.kubuntu.org and see if it runs on your machine, try some apps. Or better yet, find instructions for installing to thumb drive from Windows.

            I specify Kubuntu because mainline Ubuntu made the Microsoft mistake of trying to create a UI which would run equally well on smartphone and largescreen productivity desktop. Kubuntu UI looks a lot like Win7 – I use it

            If you like it, back your computer up completely first and click on the “install” icon.

          • Rhoid Rager

            It’s dead easy, mate.

            In addition to alizardx’ suggestion, you could also burn a LiveCD with Mint’s (www dot linuxmint dot com/download dot php) installation iso file. And, like he said, back up ALL the files you want to keep. Then reboot your puter with the CD in and hit F12 to choose what media to boot from. It’s all graphical interface, and no need to work in the command line prompt (unless you want to). There’s tons of support online, so you can type in newb questions into your search engine of choice and come up with a FAQ for everything from how to run your fav programmes on your new Linux system to troubleshooting any device compatibility issues. There’s also plenty of how-to videos on Youtube. Once you ditch windows and make the switch, you’ll wonder where your patience came from during all those years of dealing with windows’ hissy fits and temper tantrums.

          • Rhoid Rager

            en-courage (transitive verb) in-ˈkər-ij: to inspire with courage, spirit or hope.

    • alizardx

      The ISS is running Linux now.

      • Rhoid Rager

        did they announce that recently, or are you there?

        • alizardx

          sorry about that, it is (was) the ISS SCADAs that are running Linux based on the IBD article – see my long comment above. Apparently, ISS laptops still running Winblows – convenience vs security; if brains of Winblows machines running email or websurfing or experiments get scrambled, astronauts get to keep on breathing.

          • Rhoid Rager

            I saw the long comment after I posted. thanx. Not quite sure why convenience comes into play there…it takes 20 minutes to install Ubuntu, Fedora or Mint from a LiveCD, and all of those distros have all the convenience and more of Winblows, not to mention they are hella more stable. People say that Linux-GNU would be more of a target for viruses if it were to supplant Winblows, but I have my doubts about that. How many malware programmers out there write these programmes because Microsoft is proprietary, in addition to having backdoor weaknesses? Open source has more meaning to humanity than closed software.

          • alizardx

            Most commercial software for scientists is written for Windows. Most scientists are typical end users. I know of one who just lost a chapter of her PhD thesis (which was supposed to be defended today) to an unbacked up Winblows box.

          • Rhoid Rager

            When I was writing my dissertation (social sciences), I would back up what I wrote every hour on a thumb drive and carry it around in my breast pocket like it was a piece of gold to barter with.

          • alizardx

            I’m not quite that paranoid. :-) I back up to a mirror drive in a mobile rack 3x a week, then physically remove it.

            Since I have a SSD / + conventional HD /home and the mirror drive contains / + /home partitions, had to write a custom rsync backup script which runs on a thumb drive.

          • emperorreagan

            I am still finding backup copies of my master’s thesis 6 years later spread among a dozen email addresses and an equal number of portable devices.

            Stumbling across a copy to delete is fairly satisfying these days.

          • Rhoid Rager

            Redundancy, redundancy, redundancy!

          • alizardx

            I like to back up to Blu-Ray every few months as well as regular mirror drive

  • http://hormeticminds.blogspot.com/ Chaorder Gradient

    guess we’re all gunna have to switch to linux

    • alizardx

      Public pressure needs to be put on the owners of the physical infrastructure facilities (nuclear/conventional power plants, hospitals, government agencies, factories) to dump Windows-based SCADAs with Linux SCADAs developed with security in mind from the ground up. While apparently, Linux SCADAs exist, while they’re inherently more secure than Winblows-based systems, they need security analysis, paid for by public funds if need be,.

      • Simon Valentine

        i r in tharge
        i r toopid
        *mockingly commits intimidation*

        • alizardx

          Imagine the Mayo Clinic or other hospital that treats the wealthy with infrastructure taken down during major surgical procedures by Stuxnet.

          This is a specific version of the general case where elite-controlled organizations are shitting in everyone’s nests including their own and think themselves personally immune from the consequences because they live in an elite bubble. The disasters they create don’t care about wealth or privilege or “good families”.

          • Simon Valentine

            there’s a version of such person (and ‘clique’, really) nearer too me (in terms of job) than i would like. i’ve always wondered if an effort would ever emerge to provide relief to people suffering from elite stupidity. i guess that’s kind of like wondering whether global warming will be comprehended or if it’ll just end everyone. somehow there’s a miley cyrus ref in there… anyway, there’s only so much i’ve done in the way of relief. far far more’s needed. the funny thing is, what you just said and what i hear at work more than once a week could each be lifted and then we would be left to wonder if it weren’t the same data. so many fucking same patterns are emerging and people are doing the “The Core” “zomfgs check the variables to see if they point to that the planet core stopped rotating gogogowin”

            hospitals could actually diagnose psychosis
            courts could actually judge according to law

            instead it’s subject to economic buck futting and superstition, which is currently in a pseudo-chaotic phase of Oh, That Escalated Quickly mode

            …it’s unbelievable that so many jobs could actually be done

            “ask how what you can do for your country and what your country can do for you are identical” said no dime ever

            i’m going to eat my friggn … eats and shattup for a bit. but i’ll be wondering about a reboot (haha, get it?) of the movie The Core starring Miley Cyrus. kinda. maybe. *i give up*

          • alizardx

            Actually, in some ways the most logical people to start an insurgency against elite rule are the trust fund babies who have been told that they will inherit the world, but who possibly themselves and practically certainly their kids are most likely going to inherit bad cases of dead.

            If they want the problems fixed well enough so they’ll be able to continue living in luxury, they’re going to have to throw the family wealth their parents bought government to extract from us at the problems. Otherwise, they or at best, their own kids, will be lucky to be able to stay alive at the cost of hard physical labor done with their own soft hands.

            Though they’re likely to be the last people involved in die-off as their remote compounds run out of food or the high-tech parts needed to keep them running, once the vendor chains break down and suddenly, there’s no Fry’s Electronics to buy stuff from. Variations on the theme of “elite killed people and themselves, the elite are the better dressed corpses archeologists found’ are in Jared Diamond’s “Collapse” and in lots of other books.

            Trust fund babies believe what their parents paid their soothsayers, I mean academic experts with PhDs (this has been going on for a very long time) told them to say and are too busy partying to look at the world outside their bubble.

          • Simon Valentine

            hmm i’m seeing some multiplicative interference here. i see that pattern (partying baby brats) like a suit in a deck, to put it simply. i’ll see them and their tech and raise them a “P = NP = NP-Complete = PSPACE”, and see if they come see ‘my’ Terminator movies. in Soviet Russia.

            *win*

            edit
            i’ll even make use of their belief from those auspicious seers of theirs. “NP-Hard” “The Stories New Moral”

  • alizardx

    Sloppy reporting from io9. Here is a better article, though I have yet to see one from anyone who truly understands the issues. Maybe Bruce Schneier will write one.

    http://www.ibtimes.co.uk/articles/521246/20131111/international-space-station-infected-malware-russian-astronaut.htm

    1. Stuxnet is a virus specific to SCADA (supervisory control and data acquisition) systems used to control complex electro-mechanical infrastructures in real-time. It is believed that it was developed by the NSA to target Iranian centrifuges used in their nuclear program. Unfortunately, that doesn’t make SCADA an Iran-specific problem. Computer viruses mutate in the wild. Also, while it took millions of dollars worth of work to develop the code, once developed, it can be modified by free-enterprise or government hackers for any other infrastructure target running the Siemens SCADA software. This could be a nuclear power plant, conventional electric generator plants, power grid control, hospitals, factories, many other places.

    2. Based on Kaspersky’s reports that everyone is referencing, Stuxnet has not infected the ISS . What Kaspersky reported is a common, garden variety Winblows virus. Trojan-GameThief.Win32.Magania – “This Trojan belongs to the family of Trojans that steals passwords from online gaming user account records.” https://www.securelist.com/en/descriptions/7986399/Trojan-GameThief.Win32.Magania.dlip

    3. Stuxnet DID infect a RU nuclear reactor SCADA. This is what should cause public concern. I wouldn’t be surprised if the unexplained electrical fires at the new NSA facility in Utah were caused by Stuxnet, has anyone looked? Once crap like this is released into the wild, it can go anywhere. That’s why biological viruses as weapons of war are unfashionable. People don’t want to fund plagues they might personally get. Does anyone think having the power plant one gets power from or the hospital one is in getting taken down by malware is a good idea? This crap is dangerous to everybody

    4. The IBD article mentions Linux SCADA on the ISS. Linux SCADA is completely immune to Stuxnet. What’s weird about this is that I researched Linux SCADA a few years back and couldn’t find any active programs. Not to say Linux SCADA is immune to malware, but one can’t run Winblows viruses on a Linux-only box. Though Linux is comparatively immune to malware, fewer users make it a lower-priority target, and the internals of Linux make it harder to create usable malware.

    5. The malware environment now is increasingly driven by spook shop money, subsiziding the development of hazards to everyone’s public safety. Thanks to Snowden, we know major spook shops are largely driving the growing market for zero-day vulns.

    6. Public funds should be devoted to suppression of malware and malware developers in the interests of public safety for everyone.

    • emperorreagan

      It’s incredible that the US would release something like this when its industry automates everything – from the air conditioner running in a data closet to nuclear power plants; from waste water treatment to production of dangerous chemicals. And for what? US/Israeli paranoia about the intent of Iran’s nuclear program (classic projection from nations that preemptively strike unconfirmed targets and a nation that dropped nuclear bombs to try to improve its negotiating position with the Soviets)… Why not just give everyone the framework to fuck everything over?

      So the Iranian attack forced centrifuges to spin out of control. You could conceivably adapt that to a wide variety of things – you could drive pump speeds to zero or drive them to overload; you could drive automated valves to a position: open a valve and “relieve” toxic gas or release untreated waste water, or close a valve and cause pressure to build or starve something of cooling water. You could just screw with sensor readings and let the system to react – inverse a temperature or RPM reading, for instance.

      • Liam_McGonagle

        If you believe in both free will and the inevitability of biological death, then every death is a suicide.

      • alizardx

        Think of this as full employment for infosec and chip designers in a few years. When hospitals that cheaped out on infosec in favor of luxury accommodations lose VIPs when power goes down during operation, or corporations lose serious $ over factory shutdowns, or a regional grid goes down, elite panic will follow.

      • tesmith47

        we give israel nuclear weapons but complain when anyone non white gets nukes. will god never stop this hypocrisy?

  • tesmith47

    israel and america the two biggest terrorist in the world, now first with computer terrorism. they should get sued at least!!!

21
More in Computer Virus, Computers, International Space Station, Outer Space, Science & Technology
Motorola Patents Neck Tattoo That Acts As Device-Connected Microphone

Ever wish that everything you ever said could be recorded? Me neither. Discovery notes: According to a patent application filed with the US Patent and Trademark Office, Motorola has a...

Close