Stuxnet Non-Proliferation Treaty rootkit Enforcer
Stuxnet Maybe the first Non-Proliferation Treaty rootkit
Enforcer, not meant only for Iran either.
Hello N. Korea, Syria etc.
So far everything points to a universal
"Trust but verify, and turn it off if it violates
Non-Proliferation Treaty" rule set.
It monitors reactor production and
radiation levels, gathers size, location
and other identifying and quantitative data
and periodical sends this data through one
of the backdoors thru a maze of IPs
till it delivers said data to a repository.
( To be clear, it is a bot, they talk to each
other P2P. G )
And the production of that reactor
is tracked in detail, and reports same.
Now even if the worm/rootkit is cut
off from the web it still operates.
With its own artificial intelligence it
tracks the data and if given limits are
crossed, production of weapon grade
material then the actions are tripped.
A big disaster would be if it caused
a Chernobyl, so it has been tested
and has paradigms to keep out
put as safe levels. It will take over
a out of control hot reactor and shut
it down if need be.
But its main defense against violations
of the non-proliferation treaty is to
corrupt the material rendering it incapable
of further processing. Destroy the product
for weapons but safely.
It in no way will damage a system,
as it is capable of taking over a reactor
and running it. Any civilian collateral
damage would be catastrophic for
the policy.
But it can on its own stop the violation.
In the case of a nuclear member, it
can just watch, with no interference.
Its artificial Intelligence working to
id the location and identifying data.
Of the 30,000 or 300,000 computers
it has penetrated in Iran it only has
to survive on 'one' to pick up new
instructions and or new infection
vectors to re infect Iran's entire net
work again.
How detailed and extensive is the
monitoring the worm does?
Here are some details.
http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
Very extensive monitoring and
control abilities. Plus an artificial Intelligence.
If it looses contact.
If Iran isn't sure of 100% eradication
then they might want to leave it connected.
I would prefer real humans to artificial Intelligence
running a reactor any time.
But all this depends on Iran's regime.
And Irans IT experts.
With a switch of pay loads this could
go after the banks or power plants,
manufacturing lots of options.
Iran may have been check mated here.
This one was easy to find.
Are there others Invisible persistent
Rootkits? also on those PCs?
I would be hard put to say no
with any assurance or certainty.
It monitors reactor production and
radiation levels, gathers size, location
and other identifying and quantitative data
and periodical sends this data through one
of the backdoors thru a maze of IPs
till it delivers said data to a repository.
( To be clear, it is a bot, they talk to each
other P2P. G )
And the production of that reactor
is tracked in detail, and reports same.
Now even if the worm/rootkit is cut
off from the web it still operates.
With its own artificial intelligence it
tracks the data and if given limits are
crossed, production of weapon grade
material then the actions are tripped.
A big disaster would be if it caused
a Chernobyl, so it has been tested
and has paradigms to keep out
put as safe levels. It will take over
a out of control hot reactor and shut
it down if need be.
But its main defense against violations
of the non-proliferation treaty is to
corrupt the material rendering it incapable
of further processing. Destroy the product
for weapons but safely.
It in no way will damage a system,
as it is capable of taking over a reactor
and running it. Any civilian collateral
damage would be catastrophic for
the policy.
But it can on its own stop the violation.
In the case of a nuclear member, it
can just watch, with no interference.
Its artificial Intelligence working to
id the location and identifying data.
Of the 30,000 or 300,000 computers
it has penetrated in Iran it only has
to survive on 'one' to pick up new
instructions and or new infection
vectors to re infect Iran's entire net
work again.
How detailed and extensive is the
monitoring the worm does?
Here are some details.
http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
Very extensive monitoring and
control abilities. Plus an artificial Intelligence.
If it looses contact.
If Iran isn't sure of 100% eradication
then they might want to leave it connected.
I would prefer real humans to artificial Intelligence
running a reactor any time.
But all this depends on Iran's regime.
And Irans IT experts.
With a switch of pay loads this could
go after the banks or power plants,
manufacturing lots of options.
Iran may have been check mated here.
This one was easy to find.
Are there others Invisible persistent
Rootkits? also on those PCs?
I would be hard put to say no
with any assurance or certainty.
Remarkable concept.
Paradigm Intel says it has artificial Intelligence
craft, so it would know difference between China's
reactor and Iran's reactor.
This display will also serve as a big deterrent,
and warning shot to any other cyber Pirates.
Next demonstration maybe to take down
an entire bot net in seconds.
There is little doubt about who is behind
this, but there will be NO evidence either.
Lots of knowledge but no Proof.
And a very powerful deterrent against
cyber strikes on US.
Like when USA had the only nukes.
Then Russia got them.
Ok who is next to hit Iran, prove
they have the Cyber Power?
Gerald
Tactical Internet Systems analyst.
.
posted by gerald at
9/25/2010 11:31:00 PM
READ MORE
READ OR SUBSCRIBE, Our WAR OSINT on Twitter
Tweet
2 Comments:
Perhaps it is time for one of your Genius Readers Pie charts?
Thanks. 15% unknown? Does that mean they are using proxies or something?
You probably read this last year but a commenter at PJM linked this story http://www.ynetnews.com/articles/0,7340,L-3742960,00.html
Post a Comment
Subscribe to Post Comments [Atom]
<< Home