Stuxnet Non-Proliferation Treaty rootkit Enforcer
It monitors reactor production and
radiation levels, gathers size, location
and other identifying and quantitative data
and periodical sends this data through one
of the backdoors thru a maze of IPs
till it delivers said data to a repository.
( To be clear, it is a bot, they talk to each
other P2P. G )
And the production of that reactor
is tracked in detail, and reports same.
Now even if the worm/rootkit is cut
off from the web it still operates.
With its own artificial intelligence it
tracks the data and if given limits are
crossed, production of weapon grade
material then the actions are tripped.
A big disaster would be if it caused
a Chernobyl, so it has been tested
and has paradigms to keep out
put as safe levels. It will take over
a out of control hot reactor and shut
it down if need be.
But its main defense against violations
of the non-proliferation treaty is to
corrupt the material rendering it incapable
of further processing. Destroy the product
for weapons but safely.
It in no way will damage a system,
as it is capable of taking over a reactor
and running it. Any civilian collateral
damage would be catastrophic for
the policy.
But it can on its own stop the violation.
In the case of a nuclear member, it
can just watch, with no interference.
Its artificial Intelligence working to
id the location and identifying data.
Of the 30,000 or 300,000 computers
it has penetrated in Iran it only has
to survive on 'one' to pick up new
instructions and or new infection
vectors to re infect Iran's entire net
work again.
How detailed and extensive is the
monitoring the worm does?
Here are some details.
http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
Very extensive monitoring and
control abilities. Plus an artificial Intelligence.
If it looses contact.
If Iran isn't sure of 100% eradication
then they might want to leave it connected.
I would prefer real humans to artificial Intelligence
running a reactor any time.
But all this depends on Iran's regime.
And Irans IT experts.
With a switch of pay loads this could
go after the banks or power plants,
manufacturing lots of options.
Iran may have been check mated here.
This one was easy to find.
Are there others Invisible persistent
Rootkits? also on those PCs?
I would be hard put to say no
with any assurance or certainty.