Duqu Shoots, It Scores!

Duqu goes in where Stuxnet has been . . .

Iran claims defence computer systems hit by another ‘supervirus’

Anti-virus experts last month identified a virus called “Duqu” that they said shared properties with the now famous “Stuxnet” worm, which spread across the world but is thought to have been successfully targeted at the nuclear programme’s centrifuges, the devices that enrich uranium to create nuclear fuel.

It was not clear on Monday from the Iranian statement whether Duqu had also struck nuclear facilities, but it was the first admission of damage.

“We are in the initial phase of fighting the Duqu virus,” Gholamreza Jalali, the head of Iran’s civil defence programme, said. “The final report which says which organisations the virus has spread to and what its impacts are has not been completed yet.

See also:
Iran Working to Control Duqu Virus Attack
Iran detects Duqu virus in system
Duqu Virus Detected in Iran
Iran says has detected Duqu computer virus
Iran finds Duqu-infected systems
Duqu infiltrates Iranian networks
Iran admits Duqu attack; denies report its nukes are for war, not power
Iran detects Duqu infections
Iran wrestles Duqu malware infestation
Security researcher says Iran to blame for its own Duqu infections
Iran claims Duqu virus aimed at sabotaging its nuclear sites
‘Duqu virus aiming at Iran’s nuclear sites’
Iranians say nuke project hit by new computer virus
Iran produces antivirus software against new worm
Iran Develops Software to Thwart Duqu Virus Attack
‘Iran can thwart Duqu spyware’
Iran says Duqu malware under ‘control’
Iran says it has ‘controlled’ Duqu malware attack
Beyond Stuxnet

Duqu is the, arguably more sophisticated, follow on to Stuxnet, which took control of Iranian uranium enrichment centrifuges and spun them at speeds well beyond their design capability until they failed. Stuxnet was an offensive weapon. Unlike Stuxnet, Duqu is, at least so far, strictly a reconnaissance tool, gathering and reporting back information on systems related to Iran’s nuclear program, preparing the battlespace as a prelude to a future attack if you will. Whether the next attack will be another
Stuxnet like cyberstrike or physically digging in the Iranian dirt is a layman’s guess. One thing’s for sure, the next attack on Iran’s nuclear program is coming and Iran won’t be able to stop it.

Iran claims to have thwarted Duqu but, then again, they said the same thing about Stuxnet and Stuxnet blew out their centrifuges. Anyway, if Iran is just now admitting that they’ve been infected by Duqu, Duqu may have already accomplished its reconnaissance mission and gone dormant. Whatever information Iran releases publicly is pretty much a lie, propaganda, you can safely assume that whenever they acknowledge their nuclear program has been compromised, the damage is much worse than they’re letting on.

And remember, whether it’s another cyberattack or airstrikes against Iranian nuclear facilities, all it does is buy us time. Stuxnet set the Iranians back, but it didn’t deter them. Destroying some of their nuclear facilities won’t deter them either, in fact, it’ll probably make them even more defiant. The only endgame that will bring closure is regime change. And think about it, if we do that, we’ve just resolved 70+% of the world’s instability problems.

/my vote is for a comprehensive, all hands on deck, leave no stone unturned, decapitation campaign, Mullahs and the Republican Guard gots to live and work somewhere and I bet we have the GPS coordinates

Don’t Get Caught In The Crossfire

The Duqu virus is squarely aimed at Iran’s nuclear program. Unless you’re connected with Iran’s nuclear program, your chances of being directly targeted are extremely low. However, Microsoft was freaked out enough to issue a security bulletin for Windows users. So, better safe than sorry, protect yourself against the possibility of becoming collateral damage in an epic, upcoming attack.

Microsoft issues Duqu virus workaround for Windows

Microsoft has issued a temporary fix to the pernicious Duqu virus — also known as “Son of Stuxnet” — which could affect users of Windows XP, Vista, Windows 7 as well as Windows Server 2008.

The company promised the security update earlier this week as it races to deal with the virus, which targets victims via email with a Microsoft Word attachment. The virus is not in the email, but in the attachment itself. A Symantec researcher said if a user opens the Word document, the attacker could take control of the PC, and nose around in an organization’s network to look for data, and the virus could propagate itself.

See also:
Microsoft Security Advisory (2639658)
Microsoft software bug linked to ‘Duqu’ virus
Microsoft Provides Workaround Patch for Duqu Malware
Microsoft announces workaround for the Duqu exploit
Microsoft Issues Temporary Duqu Workaround, Plans 4 Patch Tuesday Fixes
Six Ways to Protect Yourself from Duqu
Microsoft Airs Temporary Fix to Defeat Duqu Worm
Microsoft Releases Temporary Plug For Duqu
Duqu exploits same Windows font engine patched last month, Microsoft confirms
5 Things To Do To Defend Against Duqu
Microsoft issues temporary ‘fix-it’ for Duqu zero-day
Patch Tuesday: Fix for ‘Duqu’ zero-day not likely this month

Is it just me or doesn’t it seem a bit more than odd that Microsoft, a company with close ties to and a past history of working with U.S. intelligence agencies, would publicly issue a workaround to defend against a specific piece of malware that, by many accounts, is being actively and currently used by U.S. intelligence agencies to set up and facilitate an upcoming attack, in cyberspace or otherwise, against Iran’s nuclear program? I mean, it’s not like the Iranians can’t read English, why help them defend against Duqu? Hmmm, something’s not quite right here.

/whatever’s going on, and something is going on, it’s way above my pay grade, but when the endgame comes, don’t forget to duck

Enriching Uranium Can Be Hazardous To Your Health

Someone’s sending a pretty clear message. Do you want to work on Iran’s nuclear program or do you want to live?

Analysts believe Iran scientist death was a foreign hit

Western security agencies were most likely behind the killing of an Iranian scientist in an operation that underlines the myriad complications in the conflict over Iran’s nuclear program, analysts say.

Darioush Rezaie, 35, a university lecturer, was shot dead by gunmen in eastern Tehran Saturday, the third murder of a scientist since 2009. One was killed in a car bomb, the second by a device detonated remotely.

See also:
Third Iranian nuclear scientist shot dead
Western intelligence killed Iran scientist: Analysts
Iranian Nuclear Scientist ‘Assassinated’
Iranian nuclear scientist killed
Iran blamed US, Israel for killing of scientist
Iran accuses U.S., Israel of being involved in assassinating academic
US rejects Iran accusations in scientist’s death
US denies killing scientist, presses Iran
‘West’s involvement in hit on scientist uncertain’
Report: Iran denies Darioush Rezaie was a nuclear scientist

Granted, killing Iran’s nuclear scientists isn’t the most effective or efficient way to stop Iran from developing nuclear weapons but, then again, it may be one of the only viable options left to the West at this point. That is, if Western intelligence agencies were responsible for the assassinations, which they deny.

/in any case, at least someone is doing something to try and hamstring Iran’s nefarious nuclear ambitions

How Are Those Sanctions Working Out?

Apparently, the West’s sanctions regime doesn’t seem to be slowing down North Korea’s nuclear program.

Why We’re Always Fooled by North Korea

According to Siegfried Hecker, the former director of the Los Alamos National Laboratory, North Korea is working on two new nuclear facilities, a light water power reactor in early stages of construction, and a “modern, clean centrifuge plant” for uranium enrichment. Mr. Hecker visited the facility over the weekend and says it appears nearly complete.

The centrifuge plant is particularly significant because it could produce more than enough highly enriched uranium to make a nuclear weapon every year—and it may not be the North’s only such facility. North Korea’s artillery bombardment of the South Korean island of Yeonpyeong on Tuesday makes it doubly clear that Pyongyang intends to leverage its new nuclear breakthrough for maximum concessions from the international community.

This nuclear revelation is not an intelligence failure. Over the past decade, intelligence analysts have consistently predicted North Korea’s path to nuclear weapons and noted the increasing evidence of its missile and nuclear proliferation. The failure has been that of policy makers and pundits who denigrated the analysis, ignored it, or clung to the fallacy that North Korea would abide by a denuclearization deal.

See also:
A Return Trip to North Korea’s Yongbyon Nuclear Complex
North Korean Uranium Plant Stokes Proliferation Worries
North Korea’s ‘Stunning’ Secret Nuclear Plant
Uranium Enrichment ‘Long Suspected’
N.Korea’s Uranium Enrichment Facility ‘a Ploy’
Pyongyang’s New Nuclear Facility Tests World Resolve
U.S. Calls North Korea’s Nuclear Revelation a ‘Publicity Stunt’
N. Korea uranium claim condemned
North Korean uranium enrichment no surprise (Rep. Pete Hoekstra)
U.S. scientist amazed by N. Korean nuclear facility
North Korea unveils sophisticated facility for enriching uranium

So, how are we responding to North Korea’s latest nuclear revelation? We’re not responding at all, as far as I can tell, not even a strongly worded letter.

/I guess we’re just going to let North Korea assemble all the nuclear weapons they want and hope they never use or sell them. not a particularly good strategy in my opinion