Beyond Stuxnet

Looks like someone, and I’m guessing it’s not the Anonymous script kiddies, is getting ready to open a serious can of cyberwarfare whoop ass on someone.

W32.Duqu: The Precursor to the Next Stuxnet

On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat “Duqu” [dyü-kyü] because it creates files with the file name prefix “~DQ”. The research lab provided us with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet, which we were able to confirm. Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose.

Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.

Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not self-replicate. Our telemetry shows the threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.

See also:
Son of Stuxnet Found in the Wild on Systems in Europe
Duqu May Have Targeted Certificate Authorities for Encryption Keys
Stuxnet Clone ‘Duqu’: The Hydrogen Bomb of Cyberwarfare?
“Son of Stuxnet” Virus Uncovered
New virus a cyber ‘attack in the making’
Cyberattack forecast after spy virus found
Stuxnet successor on the loose?
Brace for “son of Stuxnet” — Duqu spies on SCADA
Duqu: Son of Stuxnet?
Symantec, McAfee differ on Duqu threat
Who’s behind worm Duqu, ‘son of Stuxnet’?
Stuxnet-based cyber espionage virus targets European firms
Key European Nuclear Firms Attacked By Variation On Stuxnet Virus

A couple of conclusions come to mind. First, the fact that Duqu is based on Stuxnet and the Stuxnet source code has never been released makes it a sure bet that the authors are one in the same, namely Israel and/or the United States, Second, the fact that Duqu is clandestinely collecting information from European manufacturers of industrial control system software, specifically software that controls nuclear facilities, strongly suggests that the eventual primary target of the apparent pending cyberattack will, once again, be Iran’s nuclear program.

/in other words, Duqu is setting up a cyberassault that will hopefully finish, once and for all, the job that Stuxnet so effectively started, halting Iran’s quest for a nuclear weapon in its tracks without having to bomb the [expletive deleted] out of their nuclear facilities

Advertisements

Back In The Soyuz Again?

The good news is that we probably won’t have to abandon the International Space Station after all. The bad news is that we’re still dependent on the Russians to get our astronauts there.

NASA Confirms Russian Soyuz Failure Findings

An independent NASA panel reviewing data related to the Aug. 24 failure of the Russian Soyuz rocket transporting cargo to the International Space Station has confirmed that the Russian space agency correctly identified the cause of the problem and is taking appropriate steps to resolve it before the rocket’s next launch scheduled for Oct. 30, said William H. Gerstenmaier, associate administrator for NASA’s Human Exploration and Operations Mission Directorate.

The Russian space agency, Roscosmos, determined that the most likely cause of the failure was contamination in the rocket’s fuel lines or stabilizer valve, which caused low fuel supply to the gas generator, Gerstenmaier told lawmakers Oct. 12 during a hearing of the House Science, Space and Technology Committee’s space and aeronautics panel.

See also:
NASA review clears way for manned Soyuz flights
Russian Soyuz Recovery Strategy Endorsed
NASA ‘confident’ Russia’s Soyuz rocket safe
NASA says Soyuz rockets safe for American astronauts
Russian Rocket Failure Shouldn’t Force Space Station Evacuation, NASA Tells Lawmakers
NASA Gives Blessing for Soyuz Rocket, Which is Ready for Takeoff [PHOTOS]
August’s Russian rocket failure is unlikely to force evacuation of the International Space Station
NASA Says Russian Soyuz Flight Risk Low
NASA offers Congress assurances over space station

Hopefully, the Russians have come to the correct conclusion as to what the glitch was on last August’s failed resupply flight and have taken the proper actions to fix the problem.

/although I’d feel a whole lot better if the next Soyuz flight, the first since the August crash, wasn’t manned, just in case the Russians still have it wrong

What Was The [Expletive Deleted] Point?

First they promised to cut $100 billion, then said what they really meant was that they’d hold out indefinitely for $60 billion, then they totally caved in to the Democrats, compromising on $38 billion, and in the end all we got was a lousy $352 million in cuts. What a gyp, shame on the spineless Republicans.

Budget deal: CBO analysis shows initial spending cuts less than expected

A federal budget compromise that was hailed as historic for proposing to cut about $38 billion would reduce federal spending by only $352 million this fiscal year, less than 1 percent of the bill’s advertised amount, according to the Congressional Budget Office.

Although that analysis dampened enthusiasm for the deal among many Republicans on Thursday, the House and the Senate approved the measure with bipartisan support. President Obama is expected to sign the bill Friday, officially ending the prospect of a government shutdown.

The findings from the budget office warned that the deal may never come close to delivering on its promises. The analysis found that $13 billion to $18 billion of the cuts involve money that existed only on paper and was unlikely to ever be tapped.

See also:
U.S. Budget Analysis Shows Smaller Savings
CBO Says Budget Deal Will Cut Spending by Only $352 Million This Year
Forget $38B: Budget only cuts $352 million this year
Deal Approved but Debate Continues Over Actual Extent of Spending Cuts
Budget cuts too small for many conservatives
Spending cuts fall short of $38 billion: CBO
How Washington Turned $38 Billion Into $352 Million
CBO: 2011 Budget Cuts Far Less Than Promised
Editorial: Washington’s $38 Bil In ‘Cuts’ Are Bogus

This is insane, the United States is $14 trillion in debt, the world bond markets could decide to cut up our national credit card at any given moment, the laws of mathematics dictate that the American economy will completely collapse by 2037, and these congressional buffoons spent the entire last month arguing over cutting $352 million?

The 2012 elections can’t come fast enough. We need to start with a new President and Republicans taking control of the Senate and keeping control of the House. It’s apparent that one party rule, with a party that’s serious about restoring fiscal sanity (and that ain’t the Democrats), is going to be required to stop this country from careening off the cliff of financial ruin.

/and, if that doesn’t work, we’ll have to get us some new Republicans starting in 2014

St. Patrick’s Day Mercury

A week from today, the MESSENGER will be checking out the first rock from the Sun. Remember to hoist a green beer or two to NASA.

MESSENGER Spacecraft to Swing Into Orbit Around Mercury

Scientists are excited about solving some of the mysteries surrounding our smallest and hottest planet. The findings are expected to broaden our understanding of rocky planets, more and more of which are being discovered in other solar systems.

At about 8:45 pm Eastern Daylight Time on March 17, the MESSENGER spacecraft will execute a 15-minute maneuver that will place it into orbit around Mercury, making it the first craft ever to do so, and initiating a one-year science campaign to understand the innermost planet.

See also:
At last! Messenger craft poised to orbit Mercury
MESSENGER poised for Mercury orbit insertion
MESSENGER Poised For Mercury Orbit Insertion
NASA’s Messenger Spacecraft Gears Up to Orbit Mercury
Next Week Messenger Probe Will Become First Craft To Orbit Mercury
When Messenger Arrives in Orbit: Q&A With Sean Solomon, NASA’s Mercury Boss
Planet Mercury in the news next week
NASA – MESSENGER – Unlocking the Secrets of Mercury
MESSENGER

I’m sure the scientists will find this interesting although, as far as planets go, Mercury is pretty much worthless. It doesn’t have an atmosphere and it’s way too hot.

/that said, it was launched seven years ago and it’s not costing us much extra at this point, so go MESSENGER, send us back some good data

If It Weren’t For Bad Luck . . .

. . . the HMS Astute wouldn’t have any luck at all. Remember when she ran aground two weeks ago? Well, apparently the grounding wasn’t the worst part of ordeal.

HMS Hapless: submarine in crash No2 with tug

An investigation was already being held into the grounding of HMS Astute on a shingle bank off Skye last month after the £1 billion vessel, whose key attribute is stealth, was turned into a tourist attraction.

Now a new inquiry is underway after it was revealed that having survived the incident relatively unscathed, the submarine was damaged in a collision with the tug boat hired to free it.

The Anglian Prince was contracted by the navy to help pull the sub to safety.

But during the operation the towing rope became caught in the tug’s propeller and pulled the vessels together, damaging the Astute’s starboard foreplane.

A navy spokesman said the sub will be repaired at Faslane and trials will resume in due course.

He added: “The inquiry into the damage sustained by Astute is now complete, although the findings have still to be released to naval officers.”

The Anglian Prince, based in Stornoway, is normally under contract to the Maritime and Coastguard Agency, but the Ministry of Defence took over its operation temporarily to help Astute.

It was undamaged despite the tangle with a nuclear submarine and is back in Stornoway, having since helped a cargo boat which got into difficulty off Rum this week.

See also:
Stricken Sub Astute Damaged By Rescue Tug
U.K.’s Stricken Nuclear Submarine HMS Astute Collided With Rescue Vessel
Revealed: Rescue tug crashed into stranded submarine HMS Astute causing millions of pounds of damage
Tug damaged HMS Astute while freeing it
Astute damaged in tug collision
HMS Astute submarine damaged by towboat
Stranded British submarine damaged in tug collision: navy
Call for debate on scrap-threat coastguard tug
Not So Astute

Thirty year old tugboat 1, brand new, multi-billion dollar nuclear submarine 0, talk about adding insult to injury, what an indignity. The Astute seems to be jinxed.

/maybe they should just scrap the Astute and put the Anglian Prince into active naval service, the tugboat has a better anti-submarine warfare record