Cracking Stuxnet - A 21st-century cyber weapon against Iran - Ralph...
When first discovered in 2010, the Stuxnet computer worm posed a baffling puzzle. Beyond its unusually high level of sophistication loomed a more troubling mystery: its purpose. Ralph Langner and team helped crack the code that revealed this digital warhead's final target -- and its covert origins. In a fascinating look inside cyber-forensics, he explains how.
The idea behind the Stuxnet computer worm is actually quite simple. We don't want Iran to get the Bomb. Their major asset for developing nuclear weapons is the Natanz uranium enrichment facility. The gray boxes that you see, these are real-time control systems. Now if we manage to compromise these systems that control drive speeds and valves, we can actually cause a lot of problems with the centrifuge. The gray boxes don't run Windows software; they are a completely different technology. But if we manage to place a good Windows virus on a notebook that is used by a maintenance engineer to configure this gray box, then we are in business. And this is the plot behind Stuxnet.
So we start with a Windows dropper. The payload goes onto the gray box, damages the centrifuge, and the Iranian nuclear program is delayed -- mission accomplished. That's easy, huh? I want to tell you how we found that out. When we started our research on Stuxnet six months ago, it was completely unknown what the purpose of this thing was. The only thing that was known is very, very complex on the Windows part, the dropper part, used multiple zero-day vulnerabilities. And it seemed to want to do something with these gray boxes, these real-time control systems. So that got our attention, and we started a lab project where we infected our environment with Stuxnet and checked this thing out. And then some very funny things happened. Stuxnet behaved like a lab rat that didn't like our cheese -- sniffed, but didn't want to eat. Didn't make sense to me. And after we experimented with different flavors of cheese, I realized, well, this is a directed attack. It's completely directed. The dropper is prowling actively on the gray box if a specific configuration is found, and even if the actual program that it's trying to infect is actually running on that target. And if not, Stuxnet does nothing.
So that really got my attention, and we started to work on this nearly around the clock, because I thought, well, we don't know what the target is. It could be, let's say for example, a U.S. power plant, or a chemical plant in Germany. So we better find out what the target is soon. So we extracted and decompiled the attack code, and we discovered that it's structured in two digital bombs -- a smaller one and a bigger one. And we also saw that they are very professionally engineered by people who obviously had all insider information. They knew all the bits and bytes that they had to attack. They probably even know the shoe size of the operator. So they know everything.
And if you have heard that the dropper of Stuxnet is complex and high-tech, let me tell you this: the payload is rocket science. It's way above everything that we have ever seen before. Here you see a sample of this actual attack code. We are talking about -- round about 15,000 lines of code. Looks pretty much like old-style assembly language. And I want to tell you how we were able to make sense out of this code. So what we were looking for is first of all is system function calls, because we know what they do.
And then we were looking for timers and data structures and trying to relate them to the real world -- to potential real world targets. So we do need target theories that we can prove or disprove. In order to get target theories, we remember that it's definitely hardcore sabotage, it must be a high-value target, and it is most likely located in Iran, because that's where most of the infections had been reported. Now you don't find several thousand targets in that area. It basically boils down to the Bushehr nuclear power plant and to the Natanz fuel enrichment plant.
So I told my assistant, "Get me a list of all centrifuge and power plant experts from our client base." And I phoned them up and picked their brain in an effort to match their expertise with what we found in code and data. And that worked pretty well. So we were able to associate the small digital warhead with the rotor control. The rotor is that moving part within the centrifuge, that black object that you see. And if you manipulate the speed of this rotor, you are actually able to crack the rotor and eventually even have the centrifuge explode. What we also saw is that the goal of the attack was really to do it slowly and creepy -- obviously in an effort to drive maintenance engineers crazy, that they would not be able to figure this out quickly.
The big digital warhead -- we had a shot at this by looking very closely at data and data structures. So for example, the number 164 really stands out in that code; you can't overlook it. I started to research scientific literature on how these centrifuges are actually built in Natanz and found they are structured in what is called a cascade, and each cascade holds 164 centrifuges. So that made sense, it was a match.
And it even got better. These centrifuges in Iran are subdivided into 15, what is called, stages. And guess what we found in the attack code? An almost identical structure. So again, that was a real good match. And this gave us very high confidence for what we were looking at. Now don't get me wrong here, it didn't go like this. These results have been obtained over several weeks of really hard labor. And we often went into just a dead-end and had to recover.
Anyway, so we figured out that both digital warheads were actually aiming at one and the same target, but from different angles. The small warhead is taking one cascade, and spinning up the rotors and slowing them down, and the big warhead is talking to six cascades and manipulating valves. So in all, we are very confident that we have actually determined what the target is. It is Natanz, and it is only Natanz. So we don't have to worry that other targets might be hit by Stuxnet.
Here's some very cool stuff that we saw -- really knocked my socks off. Down there is the gray box, and on the top you see the centrifuges. Now what this thing does is it intercepts the input values from sensors -- so for example, from pressure sensors and vibration sensors -- and it provides legitimate code, which is still running during the attack, with fake input data. And as a matter of fact, this fake input data is actually prerecorded by Stuxnet. So it's just like from the Hollywood movies where during the heist, the observation camera is fed with prerecorded video. That's cool, huh?
The idea here is obviously not only to fool the operators in the control room. It actually is much more dangerous and aggressive. The idea is to circumvent a digital safety system. We need digital safety systems where a human operator could not act quick enough. So for example, in a power plant, when your big steam turbine gets too over speed, you must open relief valves within a millisecond. Obviously, this cannot be done by a human operator. So this is where we need digital safety systems. And when they are compromised, then real bad things can happen. Your plant can blow up. And neither your operators nor your safety system will notice it. That's scary.
But it gets worse. And this is very important, what I'm going to say. Think about this. This attack is generic. It doesn't have anything to do, in specifics, with centrifuges, with uranium enrichment. So it would work as well, for example, in a power plant or in an automobile factory. It is generic. And you don't have -- as an attacker -- you don't have to deliver this payload by a USB stick, as we saw it in the case of Stuxnet. You could also use conventional worm technology for spreading. Just spread it as wide as possible. And if you do that, what you end up with is a cyber weapon of mass destruction. That's the consequence that we have to face. So unfortunately, the biggest number of targets for such attacks are not in the Middle East. They're in the United States and Europe and in Japan. So all of the green areas, these are your target-rich environments. We have to face the consequences, and we better start to prepare right now.
Thanks.
(Applause)
Chris Anderson: I've got a question. Ralph, it's been quite widely reported that people assume that Mossad is the main entity behind this. Is that your opinion?
Ralph Langner: Okay, you really want to hear that? Yeah. Okay. My opinion is that the Mossad is involved, but that the leading force is not Israel. So the leading force behind that is the cyber superpower. There is only one, and that's the United States -- fortunately, fortunately. Because otherwise, our problems would even be bigger.
CA: Thank you for scaring the living daylights out of us. Thank you Ralph.
(Applause)
10m:40s
9281
Money As Debt - Full Length Documentary - English
Money As Debt is a fast-paced and highly entertaining animated feature by artist & videographer, Paul Grignon. It explains today's magically perverse DEBT-MONEY SYSTEM in terms that are easy to understand.
Check out his website: http://www.moneyasdebt.net/
Money is a new form of slavery, and distinguishable from the old simply by the fact that it is impersonal, there is no human relation between master and slave. Debt- government, corporate and household has reached astronomical proportions. Where does all this money come from? How could there BE that much money to lend? The answer is...there isn't. Today, MONEY IS DEBT. If there were NO DEBT there would be NO MONEY.
If this is puzzling to you, you are not alone. Very few people understand, even though all of us are affected.
46m:56s
6201
Dr. Burzynski Cancer Research Institute Threatens Big Pharma - English
Mike Adams from NaturalNews.com, reporting for Infowars.com visits the Burzynski research institute and speaks with Dr. Stanislaw Burzynski, founder of the research institute and clinic. Dr. Burzynski talks about how his invention of gene-targeted cancer medications called Antineoplastons has shown much greater success rates for ridding the body of cancer than any conventional method. Dr. Burzynski also explains that while his invention should be applauded by the medical industry as a whole, it actually made him a target of scrutiny and many indictments
11m:0s
5889
EPA agenda has nothing to do with reducing levels of mercury in the...
Congressman Ed Whitfield (R-KY) explains that the EPA agenda has nothing to do with reducing levels of mercury in the environment but is solely about closing coal plants. The mercury issue is a PR stunt to gain public support.
3m:40s
10685
Israel Wayne clip from Movie IndoctriNation - English
Israel Wayne explains why Christians need no more than the first few verses of Psalm 1 to see God's will for the education of their children.
1m:37s
3146
National Socialism + ZIonism = NAZI - English
Eustace Mullins explains connection between the
NAtional socialists and ZIonists. The result is a NAZI Party
which rules the world today
9m:59s
4213
Geithner Is A Criminal! So How Is It He COULD Face Criminal...
Judge Napolitano explains in simple terms how Geithner could be held criminally liable for his part in the AIG scandal in which he authorized Goldman Sachs to receive 100 pennies on the dollar for its near worthless assets - paid by taxpayers.
4m:31s
4405
Al Jazeera Journalist Explains Resignation over Syria and Bahrain...
Ali Hashem: Al Jazeera has become a "media war machine" and is "committing journalistic suicide".
Ali Hashem is a television journalist who recently resigned from his post as a war reporter for Al Jazeera. While working for Al Jazeera, he covered the revolution in Libya, Lebanese politics, and tension related to the Syrian uprising on the Syrian Lebanese borders. He also worked for the BBC and led the production team at Manar TV
17m:45s
6240
*MUST WATCH* Crushing Bahrain Revolution crucial to war plans against...
Annexation - that's what tens of thousands of protesters in the Middle East are calling new Arab union plans. It comes after Saudi Arabia said it wants to form an alliance with Bahrain, paving the way for an EU-style of integration. Independent political analyst Dan Glazebrook explains why he thinks the Bahraini government is so supportive of the plan.
5m:31s
5546
Syrian FSA - Tunisian Ex-Jihadist - Why he Stopped Fighting Alongside...
Tunisian Ex-Jihadist Tells Tunisian TV Why he Stopped Fighting Alongside the FSA in Syria
This mini-report from Tunisian TV station, Delta TV, shows an interview with a 29-year old Tunisian man who traveled to Syria and fought alongside the "Free Syrian Army" (FSA) against the Syrian Army. He explains why he stayed there for slightly over a month and decided to return back to his home country instead of remaining there for Jihad, as is the case with other young Tunisians who were sent to Syria mainly by their imams (clerics).
The interview corroborates some other eyewitness accounts that accuse the FSA of committing massacres in order to frame the Syrian Army. He also states that no medical treatment was given to any foreign (Arab) Jihadist, which meant that any injury could end up in death. He also acknowledges that these Jihadis are being used as cannon fodder to fight a war by proxy.
3m:17s
5643
Sayyed Nasrallah Clarifies Hezbollah's Position towards Situation in...
The Secretary General of Hezbollah, Sayyed Hassan Nasrallah (ha), explains the criteria which determines his party's position towards all the Arab revolutions and uprisings. In this video, Sayyed Nasrallah focuses on the protests in Syria, and responds to accusations of double standards against Hezbollah in this regard.
This was an excerpt from an interview of His eminence Sayyed Hassan Nasrallah (ha) by Al-Manar Tv on the 24th of October 2011.
14m:41s
14940
Kids Cartoon - PINGU - Pingu the Baker - All Languages
Pingu walks past a shop with a large cake on display, sees it is a bakery and decides to have a look. He looks in the keyhole in surprise, and sees the baker mixing something in a bowl. There's a good smell in the shop. The baker goes to the oven, slides out some bread he's baking, and then returns it to cook some more. He sees Pingu and greets him. A table full of delicious looking cakes and other similar goodies then amazes Pingu. The baker shows Pingu how to make the baking mixture; while he's getting the yeast to put in Pingu can't resist sneaking a taste. The baker shows Pingu what to do with the yeast, and then takes the bread he's baked out of the oven. He presents Pingu with a baker's hat. Pingu is very excited, thanks the baker and rushes off home to do some baking himself. He gets all the ingredients out, and finds a bowl to mix them in. Pinga comes out of the bedroom, comes over and asks Pingu what he's doing. Pingu explains, settles down to do the mixing and then realises he needs a whisk to stir the mixture with. He asks Pinga to get it for him, which she does. Pingu starts to mix in the ingredients, but can't get much out of the first packet and throws it away in disgust. The packet hits the wall and the contents splatter. Pingu compensates by putting all the contents of the other packets he's got into the mixture, and stirs vigorously, spilling quite a lot of the mixture in the process. He then goes to add the yeast, can't remember how much, and ends up adding nearly all of it. The mixture gets another good stir, and he tries it. It's rather good! Pinga wants a taste as well, so he lets her have a lick off the whisk. Pingu puts the whisk in the mixture. It moves around, preventing Pingu from grabbing it, and then disappears under the surface. Pingu is annoyed and shouts at the bowl; the whisk shoots out and Pingu catches it. Pingu gets a pan, tips in the mixture, and puts the pan in the oven.
He then notices the mess he's made and, with Pinga's help, clears up. They're then both a bit alarmed when the stove starts rattling, and the stove door bulges out, and take refuge in the toy box. Mother and Father arrive home on the motorised sled, and are puzzled by what the stove is doing when they walk in. Suddenly the stove door bangs open and the baked bread is thrown out. They all go over to inspect it, and rather enjoy the aroma being given off.
5m:15s
59427
Kids Cartoon - PINGU - Pingus Curling Game - All Languages
Robby, who has a proper curling stone, invites Pingu to have a game with him. Pingu doesn't have a curling stone, so he gets his hot water bottle to use instead, which Mother is using while she is asleep, he sneaks up trying to not wake up Mother and gets the bottle successfully. On their first go, Robby gets his the farthest, on the second Robby again gets his the farthest, but both finish up near a neighbour who is sitting on an ice block reading, and he tells them to leave him alone. They swap stones, and play back the way they came. Robby wins this as well. Pingu is annoyed, and plays the stone as hard as he can. Unfortunately, it goes toward the neighbour who is reading and knocks the seat from under him, depositing him on the ice on his backside! Robby laughs; Pingu gets sympathetic. He is understandably rather furious at this and goes to tell Pingu off, but Robby tries to pull him back. This annoys him even more and he follows Pingu home. Pingu goes indoors and hides inside his toy box, while Mother is ironing a towel, but she is not paying attention and burns it, much to her dismay. The neighbour bangs on the door and comes in. The neighbour explains to Pingu's Mother what happened, and Mother gets Pingu to apologize. Pingu is afraid to apologize because of how mean he is, however Mother comforts Pingu and Pingu apologizes to the neighbour, and he and Pingu make up and shake hands. The neighbour and Pingu then have a game. Pingu gets his the farthest because his jumps over the other, much to the neighbour's annoyance.
5m:16s
16040
Proper diet can stop cancer - Dr William Li - English
Dr. William Li explains that blood-vessel capillaries can grow in order to feed cancer tumors in their later stages. He says that this growth can be prevented simply by altering one's diet. Studies have shown that common foods like tea, turmeric, red grapes, garlic, and others outperform cancer drugs in this mission. Stopping capillary growth will starve the cancer tumor.
24m:10s
5886
What are the economics of debt - English
Economist Richard Douthwaite explains that our current economic system relies on debt for money supply. This means that our economic model requires constant economic growth. He goes on to imagine what happen in a sustainable economic system
6m:1s
4498
The latest chemical attack in Syria is false - Flag operation - English
James Corbett explains why the latest chemical attack in Syria, that may have killed up to 1300 people and which is being blamed on Assad's army, has all the earmarks of a false flag operation perpetrated by the Syrian rebels. The rebels have a history of using chemical weapons and they would have much to gain if the attacks are blamed on the army. Assad, on the other hand, would have much to lose by launching a chemical attack on its own citizens, especially since it has been winning the conflict for the past several months.
6m:14s
4818
[16 Jan 2014] Bandar bin Sultan mastermind, financier of Saudi terror...
Saudi Arabia is under fire in the region for its war-mongering foreign policies. In a recent article by professor James Petras from Binghamton University in New York, the role of a man on top of what he calls "the Saudi terror network" has been highlighted. The article explains how the Saudi spy chief, Bandar bin Bandar has financed and armed clandestine terror operations in Syria, Iraq, Afghanistan and elsewhere, by using al-Qaeda affiliates and the Saudi-controlled, radical Wahhabi sect. For more on the subject, we interviewed the author of the article: "Global Terrorism and Saudi Arabia: Bandar's Terror Network".
2m:23s
7509
US does not care whether you are Sunni or Shia Imam Khomeini - Arabic...
An Iraqi Leader explains his observations about US Politics and Politicians from 1979 Islamic revolution till today. "US doesn't care whether you're Sunni or Shia, but whether you obey it" Iraqi Leader -
3m:43s
4708
The true meaning of Jihad - Farsi sub English
The true meaning of Jihad - Farsi sub English
The Leader, Ayatollah Sayyid Ali Khamenei, explains the true meaning of Jihad using the lives of the infallible Imams (as).
Source: 8th summit of GA of IRTVU and 6th GA of Ahlulbayt World Assembly, dated 17 August 2015.
4m:35s
25666
Roaming around in markets at Hajj - Farsi sub English
Roaming around in markets at HAJJ
The Leader points out one of the common issues many pilgrims encounter. He explains the importance of availing the opportunity of Hajj in the best manner possible.
3m:26s
25529
Love Love Love... The tradition of Friendship - Farsi sub English
Love Love Love... The tradition of Friendship.
Agha Ali Raza Panahiyan highlighting the significance of friendship and love. He further explains the effects of it on every believer's life.
Shiatv.net/user/PureStreamMedia
Telegram.me/PureStreamMedia
Fb.com/PureStreamMedia
4m:34s
17271
Negotiation with the Great Satan America is Forbidden - Farsi sub English
Negotiation with the Great Satan (America) is Forbidden
Some simple minded and naive people insist on negotiating with America. The Leader explains why all the sincere, intelligent, sane, and sincere Iranian nation is against negotiation with the great satan!
7m:28s
24960
Who is a Shia? | Rahimpour Azghadi | Farsi sub English
Who is a Shia? How do we define a Shia of Ahlulbayt (as)? Agha Rahimpour Azghadi explains it in the light of the teachings of Ahlulbayt (as).
Duration: 3:48
3m:49s
16238
Where did it start? | Agha Panahian - Farsi Sub English
Agha Panahian explains the concept of the domino effect to us and where in history did the event of Karbala start.
Duration: 4:19
4m:31s
17847
[MUST WATCH] What is the meaning of Global Arrogance...! | Farsi sub...
How do we define Global Arrogance (Istekbaar). A must watch clip with attractive graphics that explains the meaning of Global Arrogance. Please share!
2m:19s
22370
Allah Loves You | Agha Alireza Panahian | Farsi sub English
Agha Panahian explains to us that some things can only be understood by the heart. Allah's love for us can only be understood by the heart. Even if we are drowned in sin, Allah waits for us to whisper to Him.
4m:11s
22122
Weekly Religious Gatherings | Agha Alireza Panahian | Farsi sub English
Weekly religious gatherings are a source of many blessings for the youths. What should be the objectives of such gatherings? Agha Panahian explains how we should commemorate these gatherings.
2m:58s
18765