Subscribe free to our newsletters via your
. Military Space News .

Cyber sleuths unravel Stuxnet mysteries
by Staff Writers
Beirut, Lebanon (UPI) Feb 28, 2013

China says US-based hackers attack its military websites
Beijing (AFP) Feb 28, 2013 - Hackers mainly based in the United States attacked two Chinese military websites including the Defence Ministry page an average of 144,000 times a month last year, the ministry said on Thursday.

China's first report of attacks on its websites steps up a war of words between the powers, after a US security company said last week that a Chinese military unit was behind a series of hacking attacks on US firms.

"The Defence Ministry and China Military Online websites were hacked from overseas on average 144,000 times a month in 2012," ministry spokesman Geng Yansheng said on the ministry's website.

China Military Online is a People's Liberation Army news website.

Some 62 percent of the attacks came from the United States, he said, adding that the number of hacking assaults on military websites "has risen steadily in recent years".

He did not specify any entities from which the alleged attacks originated.

A report from US security firm Mandiant said a unit of China's People's Liberation Army had stolen hundreds of terabytes of data from at least 141 organisations, mostly based in the United States.

China's defence ministry had said the report had "no factual basis".

Geng called on US officials to "explain and clarify" what he said were recent US media reports that Washington would carry out "pre-emptive" cyber attacks and expand its online warfare capabilities.

Such efforts are "not conducive to the joint efforts of the international community to enhance network security", he said.

Geng also said that while China's military forces were working hard to push ahead with what he called "informatisation", they still had some distance to go.

"There is still a certain gap between the building up of China's military informatisation and the advanced global military level," he said. "At present, China's military has no cyber warfare units."

Hacking accusations have strained ties between Washington and Beijing, with State Department spokeswoman Victoria Nuland saying this month that hacking comes up "in virtually every meeting we have with Chinese officials".

Last month the New York Times and other American media outlets reported they had come under hacking attacks from China, and a US congressional report last year named the country as "the most threatening actor in cyberspace".

China has called the charges groundless and state media have accused Washington of making China a scapegoat to deflect attention from US economic problems.

Cyber detectives unraveling mysteries surrounding the Stuxnet computer virus that infected Iran's nuclear program say the worm was active four years earlier than thought.

And the verdict appears to be that in a series of cyberattacks on Iran's uranium enrichment process, the vital element in producing weapons-grade material, the virus set Tehran's nuclear project back several years and likely averted threatened pre-emptive attacks by Israel.

Researchers at the leading security company Symantec say they've discovered an early version of Stuxnet, what they call a "missing link," that was active as early as 2005.

"The new finding ... resolves a number of long-standing mysteries around a part of the attack code that appeared in the 2009 and 2010 variants of Stuxnet, but was incomplete in those variants and had been disabled by the attackers," said Kim Zetter of the website that specializes in defense and security affairs.

The first the world heard of Stuxnet was in June 2009 after it destroyed around 1,000 centrifuges, machines used to enrich uranium, at the underground uranium enrichment facility at Natanz in central Iran.

There were further strikes against clusters of centrifuges by variants of Stuxnet in March and April 2010.

The June 2009 variant was labeled 1.001. The one used in March 2010 was tagged 1.100 and the April 2010 version was 1.101.

"The gaps in version numbers suggested that other versions of Stuxnet were developed, even if they were not released into the wild," Zetter wrote.

"That theory bore out when the researchers discovered the 2007 variant, which turned out to be version 0.5."

Symantec, which reverse-engineered the 2010 version of Stuxnet and uncovered the latest variant, discovered the 2007 version a few months ago during a routine search of its malware database while looking for files that matched patterns of known malware.

The company's report said the discoveries indicated that the developers of Stuxnet, generally believed to be the United States and Israel, had been working on the project as early as November 2005.

That meant the plan to sabotage Iran's nuclear program with a destructive computer virus had been hatched during the administration of U.S. President George W. Bush, rather than during President Barack Obama's first term as had been thought.

Stuxnet 0.5 could have been "in the wild ... as early as November 2005," Symantec observed, although it may not have been operational as a virus at that time.

As far as is known, centrifuge cascades weren't installed in Natanz until 2007.

"It's long been suspected by some experts that Stuxnet was already sabotaging cascades at Natanz sometime between late 2008 and mid-2009," Zetter said. "The new findings from Symantec support that theory."

Stuxnet 0.5, which perhaps "did not completely fulfill the attackers' goals," was programmed to stop working on a specific date in 2009 after which newer versions of the virus took over, Symantec said.

The 2009 and 2010 versions contained attack sequences that targeted the programmable logic control automation systems manufactured by Germany's Siemens -- the Siemens S7-316 and S7-417 models -- that ran the centrifuge cascades.

The 1.0 version of Stuxnet is believed to have penetrated Iranian computers after being copied onto USB sticks that were left in computers in India and Iran known to have been used by Iranian nuclear scientists and their associates.

The effects of the various Stuxnet variants used to disrupt the secret Iranian program caused immense damage at the Natanz facility.

"The success of Stuxnet -- in both forms -- is reckoned to have averted a planned military strike by Israel against Iran's reprocessing efforts in 2011," observed Charles Arthur, technology editor of the British daily the Guardian.

"During 2010 it had seemed increasingly likely that Israel might target the heavily armored plant to thwart Iran's nuclear ambitions.

"But the computer virus, one of the most visible forms of a cyberwar that is increasingly raging between nation states, made that unnecessary, and is reckoned to have put Iran's plans back for years."


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Comment on this article via your Facebook, Yahoo, AOL, Hotmail login.

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

China says US-based hackers attack its military websites
Beijing (AFP) Feb 28, 2013
Hackers mainly based in the United States attacked two Chinese military websites including the Defence Ministry page an average of 144,000 times a month last year, the ministry said on Thursday. China's first report of attacks on its websites steps up a war of words between the powers, after a US security company said last week that a Chinese military unit was behind a series of hacking atta ... read more

US radar to boost missile defence in Japan

Israel tests Arrow but funding cuts loom

Israel tests new Arrow missile interceptor

JLENS demonstrates tactical ballistic missile defense capability

Syria missile strikes in Aleppo leave 58 dead: NGO

India wants to sell Russia BraMos missiles

Brazil to open talks on buying Russian missiles

JASSM Completes Lot 6 Reliability Assessment Program Testing

Better workstations for drone operators may reduce mishaps

Boeing Phantom Eye Completes Second Flight

US military may take over part of CIA drone war

First Flight of nEUROn UAV Demonstrator Conducted

Boeing Receives USAF Contract for Integrated C4ISR Targeting Solution

Air Operations Center Modernization Program PDR Completed

Advanced Communications Waveforms Ported To Navy Digital Modular Radios

Astrium tapped for communications network

Raytheon's new precision artillery ready for low-rate initial production

New clip-on Thermal Weapon Sight offers more accurate targeting

Caribbean security firms see niche market

Bolstering the Front Line of Biological Warfare Response

Britain's MoD under fire for 'wasting' billions

Greece and France to sign defence agreement: Le Drian

Pentagon to make 'quick decisions' on sequester cuts

India hikes defence spending by 21%

Outside View: Unintended consequences

Japan scrambles fighters to meet China plane

Japan PM quotes Britain's Iron Lady on island dispute

Commentary: Defense: Mutatis mutandis

Scientists delve deeper into carbon nanotubes

New taxonomy of platinum nanoclusters

Nano-machines for 'bionic proteins'

Forging a new periodic table using nanostructures

The content herein, unless otherwise known to be public domain, are Copyright 1995-2014 - Space Media Network. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA Portal Reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. Advertising does not imply endorsement,agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement