Internet Anthropologist Think Tank: Stuxnet Non-Proliferation Treaty rootkit Enforcer

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Saturday, September 25, 2010

    Stuxnet Non-Proliferation Treaty rootkit Enforcer


    Stuxnet Maybe the first Non-Proliferation Treaty rootkit
    Enforcer, not meant only for Iran either.

    Hello N. Korea, Syria etc.

    So far everything points to a universal 
    "Trust but verify, and turn it off if it violates
    Non-Proliferation Treaty" rule set.

    It monitors reactor production and
    radiation levels, gathers size, location
    and other identifying and quantitative data
    and periodical sends this data through one
    of the backdoors thru a maze of IPs
    till it delivers said data to a repository.
    ( To be clear, it is a bot, they talk to each
    other P2P. G )

    And the production of that reactor
    is tracked in detail, and reports same.

    Now even if the worm/rootkit is cut
    off from the web it still operates.

    With its own artificial intelligence it
    tracks the data and if given limits are
    crossed, production of weapon grade
    material then the actions are tripped.

    A big disaster would be if it caused
    a Chernobyl, so it has been tested
    and has paradigms to keep out
    put as safe levels. It will take over
    a out of control hot reactor and shut
    it down if need be.

    But its main defense against violations
    of the non-proliferation treaty is to
    corrupt the material rendering it incapable
    of further processing. Destroy the product
    for weapons but safely.

    It in no way will damage a system,
    as it is capable of taking over a reactor
    and running it. Any civilian collateral
    damage would be catastrophic  for
    the policy.

    But it can on its own stop the violation.
    In the case of a nuclear member, it
    can just watch, with no interference.
    Its artificial Intelligence working to
    id the location and identifying data.

    Of the 30,000 or 300,000 computers
    it has penetrated in Iran it only has
    to survive  on 'one' to pick up new
    instructions and or new infection
    vectors to re infect Iran's entire net
    work again.

    How detailed and extensive is the
    monitoring the worm does?
    Here are some details.
    http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
    Very extensive monitoring and
    control abilities. Plus an artificial Intelligence.
    If it looses contact.
    If Iran isn't sure of 100% eradication
    then they might want to leave it connected.
    I would prefer real humans to artificial Intelligence
    running a reactor any time.

    But all this depends on Iran's regime.
    And Irans IT experts.
    With a switch of pay loads this could
    go after the banks or power plants,
    manufacturing lots of options.

    Iran may have been check mated here.
    This one was easy to find.
    Are there others Invisible persistent
    Rootkits? also on those PCs?

    I would be hard put to say no
    with any assurance or certainty.





    Remarkable concept.
    Paradigm Intel says it has artificial Intelligence
    craft, so it would know difference between China's
    reactor and Iran's reactor.

    This display will also serve as a big deterrent, 
    and warning shot to any other cyber Pirates.

    Next demonstration maybe to take down
    an entire bot net in seconds.

    There is little doubt about who is behind
    this, but there will be NO evidence either.
    Lots of knowledge but no Proof.

    And a very powerful deterrent against
    cyber strikes on US.

    Like when USA had the only nukes.
    Then Russia got them.

    Ok who is next to hit Iran, prove
    they have the Cyber Power?


    Gerald
    Tactical Internet Systems analyst.

    .

    2 Comments:

    Anonymous Anonymous said...

    Perhaps it is time for one of your Genius Readers Pie charts?

    4:21 PM  
    Anonymous Anonymous said...

    Thanks. 15% unknown? Does that mean they are using proxies or something?

    You probably read this last year but a commenter at PJM linked this story http://www.ynetnews.com/articles/0,7340,L-3742960,00.html

    10:54 PM  

    Post a Comment

    Subscribe to Post Comments [Atom]

    << Home