back to article Iran: Our nuke facilities still under attack by US, Israelis 'and MI6'

The Iranian government has warned of yet another cyberattack against its nuclear facilities. Iranian state television reports that the discovery of the assault followed the breakdown on Tuesday of international talks related to Iran's controversial nuclear programme, which Western governments allege is aimed at manufacturing …

COMMENTS

This topic is closed for new posts.

Page:

Anonymous Coward

WAHH! PAY ATTENTION TO ME

Quick quiz:

"WAHHH! The world isn't paying enough attention to me! The US is attacking me! HELP HELP I'm being OPPRESSED!"

Who said this?

a) Iran

b) Julian Assange

Maybe Julian should have gone to the Iranian embassy - then would could have ignored two (loonie) birds at once!

10
30
Anonymous Coward

Umm

because the US have a spotless history when it comes to attacking other regimes and always have the other's best interests at heart.

Sure lets just ignore it and go along with everything the 'merkins tell us to. It's been working so well so far hasn't it?

Well apart from fucking the world economy with their subprime garbage - or arming and financially supporting dictators that then go around blowing up a things in places like NY, London and Madrid...

all little problems really, they've done a great job otherwise.

29
7
Thumb Down

Re: WAHH! PAY ATTENTION TO ME

Very very hard to go into the Iranian embassy - its closed and has been for a while

4
0
Anonymous Coward

Re: Umm

Didn't realize that my country was the only one doing this.

While I may give you a majority of arming certain idiots (Russia and China not-withstanding), the whole subprime/banking mess was wholly embraced by other greedy asses across the pond that were also intent upon making a quick and easy lump of money (this stuff really is a pyramid scheme of some sort as only a few can profit off of many without the system collapsing). Your laws have allowed this also. Why do business with these banks in the first place... because it's a hell of a lot easier than taking a world-wide alienating stand and saying 'no'?

1
2

This post has been deleted by its author

Anonymous Coward

Do I detect

A hint of paranoia here?

0
0
Anonymous Coward

Re: Umm

"Didn't realize that my country was the only one doing this."

An evil needs someone to start it, and the US have pretty much been cheerleading this, not exactly slowed down by rating agencies that helped to keep up the myth of financial responsibility. Thus, when the US regulatory system didn't interfere, others considered that unfair competition, as in "why should I have to comply with the law when US financial institutions clearly don't" and thus a global problem was born.

Add the enthusiasm to rapidly convert tax revenue into private equity (in common parlance called "waging war on all and sundry") and I think we can safely say that the US indeed started it all, not exactly slowed down by people on the other side of the pond who were equally keen to rob their nation blind in as fast a pace as they could get away with, the prime cheerleader getting so rich he had to establish a private bank to hold it all. And yet these people get to write memoirs instead of being locked up - they must have been laughing at the expense fiddlers because that was in comparison minute..

Meanwhile, the lives of ordinary people went to shit. So yes, your nation started it (and is still doing it as far as I can tell - I still see little legal challenge to illegal/invalid robo signed foreclosures), and no amount of badmouthing others can hide that. That others follow you into a store does not remove the guilt from you throwing the stone that broke the shop window in the first place.

So don't come to me with the "others did it too" argument.

5
2
JDX
Gold badge

Hey Iran...

...please unplug your nuclear plants from the internet, for your own security and everyone else's safety!

6
3
Silver badge

Re: Hey Iran...

And stop using those components that you have now verified are easily vulnerable to attack (e.g. those particular SCADA controls, Windows desktops, etc.)

It's a fecking nuclear plant, not a PC in a nursery. If you'd had any sort of IT security in place whatsoever, it wouldn't have happened in the first place. Complaining about a reoccurence is like the guy who says "Well, I didn't take a backup this time because I didn't think I'd lose my data TWICE in a year..."

That said, the US and Iran could have nothing to do with these things (which they have confirmed would be classed as acts of war if they were to happen on their own systems), but that doesn't mean they didn't do it. Without proof, it's all just posturing and big words, and we know what they normally precede on a Friday night down the pub.

8
3
Anonymous Coward

Re: Hey Iran...

A feature of Flame and Stuxnet is they don't need the Internet to spread. They use just about anything.. USB sticks being an oft quoted example.

http://www.networkworld.com/research/2012/061312-flame-elevates-security-threat-of-260129.html

6
0
Bronze badge

Re: Hey Iran...

Are you sure it was plugged at all?

2
0
Bronze badge
WTF?

Re: Hey Iran... @+++ath0

Any critical system should be locked down and should not have access to USB etc.

We look after several clients that have very tight security policies. You have to have a laptop built specifically for each client, which means some of us have 2 or more laptops. For one client, you can only use wired networks (all wireless is disabled), the connection is fully Firewalled, and if it doesn't recognise the network your plugged into, it disconnects you. We have specific desks that only work for specific clients. Pluggin in any USB devices, even a mouse, and the security locks the PC, and won't let you un-lock it until the USB device is removed. And there is no Internet access at all. If you want to check your emails, you have to use a different laptop on a different network. Even the SATA bay, where the DVDR would be plugged into, is disabled in the BIOS, (also locked) so pluging in a DVD drive also wouldn't work. (Plus of course the laptops are all encrypted).

A desktop would be even easier to lock down.

1
2
JDX
Gold badge

Re: Hey Iran...

I doubt it's the fault of Windows... you have to assume ANY system CAN be broken if an attacker has to access it. As well as semi-joking about internet access, it should be a fully closed system.

0
0
Anonymous Coward

Re: Hey Iran...

UUUmmmm. Maybe the US needs to take over Iran to clear up their problems with computer security, which poses a threat to the entire world!!!!!!!!!!

4
0
Happy

Re: Hey Iran...

Think they've tried turning it off and on again?

1
0
Silver badge

Re: Hey Iran...

"If you'd had any sort of IT security in place whatsoever, it wouldn't have happened in the first place"

£20 says that Mossad and the US government could penetrate any system you're responsible for...

10
0
Silver badge

Re: Hey Iran...

That's not the same as penetrating a system controlling a nuclear plant. I don't design the systems I'm responsible for to prevent loss of life and nuclear meltdown, or from the invasion of foreign agents. About the worst I design to deal with is an idiotic (but not malicious) user. That's like saying "I can jump the fence into the park, so I could walk into a nuclear power plant". Not quite the same thing. But ask me to put in a design for a nuclear power plant and would it include the Internet or a USB port? Come on! I've had to physically disable USB ports in a school, ffs, let alone a nuclear plant.

Disconnect from the Internet (why are you even connected to it?), unplug all your USB ports from the motherboard or - better yet - use computers that DO NOT HAVE EITHER CAPABILITY AT ALL (and basic system security means nobody should be able to approach your actual motherboard without a shed-load of alarms going off), problem solved.

I'm not saying they WOULDN'T get in but being infected this way is like saying that the space shuttle didn't launch because the controller was too busy upgrading his antivirus that popped up. There's failing to be impenetrable to a well-resourced and expert foreign agent with incentive, and there's leaving the doors to the reactor open, unsecured and unmonitored.

2
0
Bronze badge
Linux

Killing thousands of birds with a single stone

>>I doubt it's the fault of Windows... you have to assume ANY system CAN be broken if an attacker has to access it.

Why would we have to assume that? Yes, an outdated, poorly maintained system might be broken if there is a physical access to it in a single case.

To (ab)use the quantifier "ANY" though, you should produce at least one case within 2-10 years when a specially crafted program breaks many systems GNU/Linux or *BSD at once.

The patent and exclusive copyright on that is all Redmond's!

0
2
Silver badge

Re: Hey Iran...

SCADA

Not so much a component, more a shorthand way of describing the entire control system (thats what the C stands for) - technically a bloke watching a meter with his hand on a valve is SCADA.

So what you are saying is they should stop using supervisory (Scada) and control (sCada) systems, and don't do any data acquisition. (scaDA)

now, for a nuke processing plant, that doesn't sound too safe to me.

As for security.... well the systems are NOT online - hence using USB as the attack vector. by definition these boxes (and there are 100's of them scattered all over the shop) need to be reprogrammed - making things go bang on the scale they are attempting is not easy, thats why they/we need usb (security is why they/we don't use Ethernet)

this is going to bite us in the west so hard on the ass in years to come that well feel like a brain tumor is a fucking birthday present, so thanx washington neocon fuckwits for one again making the world a place to be scared of.

2
3
Silver badge
Facepalm

Re: Hey Iran... @+++ath0

But this is a PLC not a fucking computer so all your expertise is worthless - and any one of the security measures you speak of would render the system useless.

it's not a fucking bank moving zeros and ones round. it's a meat-space control system, that needs to operate around meat-space rules. this requires flexibility.

As a hairy arsed engineer it's ever so funny when programmer types encounter the real world. They have no fucking idea.

0
4
Silver badge

Re: Hey Iran...

DO NOT HAVE EITHER CAPABILITY AT ALL

so you propose reprogramming each box via a kbd while standing in front of it?

(you do know how many of these things are on site? yes? and you know a load of DE types who never make mistakes? yes?)

0
2
Bronze badge

@naughtyhorse

Just would like to remind you that it was a Windows operating system and a malware utilizing some of its vulnerabilities. A few infections were enough, since it could replicate and infect more machines on the RPC network.

0
0
Stop

Re: Hey Iran...

Probably also a good idea to have direct manufacturer's support for your SCADA system - a situation that is definitely not going to arise when the the system is bought through a 3rd country (due to sanctions) and components are possibly pirated.

0
0
Anonymous Coward

Re: Hey Iran...

Not to mention that they - MI6 and CIA - both insert themselves into the optics as they leave the country and get around privacy laws by tapping eachothers' traffic.

End result is:

CIA - we don't tap our citizens traffic

MI6 - nor do we

We just send eachother a copy.

0
0
Pint

Glad to see MI6 involved

Well who better to make the tea??

Whoops, I hope I don't end up dead and shoved in a holdall for comments like that.

9
0
Anonymous Coward

Re: Glad to see MI6 involved

On the plus side, you'll probably get a last cuppa.

0
0
Bronze badge

"Windows 7 was my idea"

First time I approve of someone using Windows.

1
1
JDX
Gold badge

Re: "Windows 7 was my idea"

You're keen on a nuclear accident?

0
0
Silver badge
FAIL

Re: "Windows 7 was my idea"

"You're keen on a nuclear accident?" The attack was designed to destabilise the centrifuges being used for Uranium enrichment, not cause a nuke meltdown in the reactors. Try reading instead of being spoonfed.

1
1

Operation Olymic Games

I would expect so see some cease and desist letters from the Locog and IOC lawyers to Israel and the US for using this copyrighted and trademarked name for the 4 yearly corporate sponsorship jamboree which has a couple of sporting things attached to it...

3
0
Rob
Coat

Re: Operation Olymic Games

lol do you honestly think Locog is that organised.

0
2
Trollface

Re: Operation Olymic Games

They'll be fine as long as they don't put a poster in the window

0
0
Anonymous Coward

Act of war?

Wasn't it the US that made it clear that state sponsored "cyber attacks" count as an act of war, and can be met with physical retaliation?

17
2
Bronze badge

Re: Act of war?

Yes, it's called double standards. Nevertheless, I'd much better enjoy thousands of Windows machines being compromised and U enrichment got screwed up than thousands (or more) of lives being lost.

2
5
Mushroom

Re: Act of war?

Last I checked, storming your embassy, taking your diplomatic employees hostage, and killing both diplomatic employees (who have diplomatic immunity) and US Marines was an act of war.

Pretty sure peace was never declared......so they're pretty much an open target!

6
3

Re: Act of war?

Don't forget their efforts in Iraq and Afgan.

1
2
Bronze badge

Downvoting and approving of bloodshed ?

Did not realize bloodshed is so popular among Elreg readers! Or is it just vindicating MS fanboys?

2
2
Anonymous Coward

Re: Act of war?

Actually the pentagon said that it would consider a cyber-attack -that threatens mass civilian casualties- as an act of war.

2
2
Bronze badge

Re: Act of war?

I likewise enjoy it, when 5-gon learns its while stupidly using M$ insecure systems.

0
1
Silver badge

Brilliant move by the Iranians

keep some computers attached to the internet that the ameraelis will attack with stuxnet et al.

Copy, change IP addresses, attach to picture of Bin Laden being shot, release in US say goodbye to internet.

0
8
Pint

What Iran needs is some of those science girls from here: http://www.theregister.co.uk/2012/06/22/women_in_science_eu_campaign/

That way, the Internets will be concentrating on them instead of trying to bring down a rogue states nuclear war wagon.

Or, they could invent the Iranian equivalent of Chuck Norris. That statement needs no further explanation.

0
0
Megaphone

Are they, or aren't they?

As much as I'm not a massive fan of the way Iran is run (probably because I don't understand the culture), the question really is, does their nuclear programme include 'weapons of mass destruction' or not?

The reality is, whilst Iran seems abhorrent to someone who has grown up with ... choosing my words carefully here ... the relative 'freedoms' of the west, are their methodologies not just a different way of running society?

Take a look at the wikipedia entry for Iran - http://en.wikipedia.org/wiki/Iran

You'd be hard pressed to see it as a particularly oppressive society, except when looking at it with Western bias.

If you look at it from a historical perspective, it reads a damn side cleaner than Western Europe or the USA in terms of morals and actions. The very heart of civilisation lies in it's history, as clear as day.

See, this is where I get somewhat confused. Whilst we are offered the promise of democracy, are taught that we are progressive, civilised and humanitarian, the reality just doesn't add up in any shape nor form.

Iran is being painted as an enemy - it's really as simple as that.

It's the next target for Western 'democracies', the next to be demonised and probably the next to be invaded.

Not so very long ago - 500 hundred years? - the area was a hotbed of civilised progressiveness. The powers that are now the 'Western world' were barbaric by comparison.

We have to tread carefully here, both in our comparison of Iran with ourselves and in how we deal with them as a global player.

The UK, the USA and much of Western Europe have a *great* deal of blood on their hands. You *cannot* dispute that fact, unless your a moron (alas, many people are)

We really have to look internally at ourselves before judging. We have to look deeply at our so called freedoms, at the actions of our governments and the results of that (global recession) before pointing any fingers at a regime that we would call oppressive.

Iranians, by all accounts, are a highly educated, civilised nation. They have different beliefs and a very different culture to our own.

Watch our leaders closely, folks, there's clearly an agenda here which just doesn't add up in terms of morals, human rights and fairness.

13
3
Bronze badge
Angel

Re: Are they, or aren't they?

Well, there's this:

http://www.economist.com/blogs/newsbook/2012/06/iran-1988

Make of it what you will.

0
0
Silver badge
FAIL

Re: Are they, or aren't they?

"....If you look at it from a historical perspective...." Nice cheerleader routine! Except for the simple fact that the Shia fundamentalism that drives Iran today is an imported theology from what we now call Saudi Arabia, derived from early Islam. It has absolutlely nothing to do with historic Persia.

"....Not so very long ago - 500 hundred years? - the area was a hotbed of civilised progressiveness....." Built on the back of ancient Persian, Greek and Roman teachings and education, all dolled up since by revisionists as some great Islamic science project. The Turkish Ottoman Empire that came to power over the area was largely dependent on Jewish civil servants because the "culture" of Islam was making the locals too ill-educated. Modern day Iran is also good at bragging about how it "develops" technologies when all it is doing is reverse engineering sixties and seventies Russian and American tech. Even their much hyped nuke program was built on Chinese, Russian and Pakistani efforts.

I suggest you do a lot more reading rather than relying on Wikipedia.

0
3
Facepalm

Re: Are they, or aren't they?

"...unless your a moron..." —Classic!

[Pity. I was quite in agreement with you, otherwise]

0
0

As the Zionists motto says: בתחבולות תעשה לך מלחמה

"By Way Of Deception, Thou Shalt Do War."

4
1
Silver badge
Facepalm

Re: Richard Cartledge

".....Thou Shalt Do War." I'm guessing that you're another one of those blinkered idealists that fails to note that, every time the UN gets too interested in Iran, Hamas or Hezbullah start shooting rockets at Israeli civillians. Nothing distracts you lot more than when Israel hits back.

2
5
Silver badge
Go

Operation Olympic Games?

Somebody in London must be involved!!

So if the intelligence community decides they need to spy on the homosexual community, they are going to call it "Gay Olympics"?

0
0

Pretty sure

I'm pretty sure that British intelligence was not involved.

Had it been, the original delivery date for the virus would have to have been 1996 for it to arrive this year. Also, it would have been put onto a CD and lost en route and the second copy would have been delivered, by hand, by an employee of an IT contractor who would then have asked the Iranians for a job - rather than go back to London to be made redundant.

On top of all that, the virus itself wouldn't have done any damage.

8
0
Boffin

expert opinions

Interesting how "expert opinions" voiced in this topic all based their judgments on very cursory reports from newspapers. In fact there's not that much to go on.

Control systems for centrifuges were purchased from Siemens including Windows based terminals. It's not some "choice" made by Iranian security to have it that way. Did Siemens do its job when delivering the default configuration?

The USB stick infection and other reported attacks appear to have involved a high degree of social engineering, which would mean from the inside out (not just Iran but think also suppliers). This goes way beyond "partitioning networks" and such rather naive security.

The reason this is often suggested to be a state-sponsored attack is the level of access to various people or devices needed to even get it going. There are enough reports suggesting how it could have been so successful: it was a "controlled" infection. Good luck protecting your gear against such effort!

1
0

Page:

This topic is closed for new posts.

Forums