Beyond Stuxnet

Looks like someone, and I’m guessing it’s not the Anonymous script kiddies, is getting ready to open a serious can of cyberwarfare whoop ass on someone.

W32.Duqu: The Precursor to the Next Stuxnet

On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat “Duqu” [dyü-kyü] because it creates files with the file name prefix “~DQ”. The research lab provided us with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet, which we were able to confirm. Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose.

Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.

Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not self-replicate. Our telemetry shows the threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.

See also:
Son of Stuxnet Found in the Wild on Systems in Europe
Duqu May Have Targeted Certificate Authorities for Encryption Keys
Stuxnet Clone ‘Duqu’: The Hydrogen Bomb of Cyberwarfare?
“Son of Stuxnet” Virus Uncovered
New virus a cyber ‘attack in the making’
Cyberattack forecast after spy virus found
Stuxnet successor on the loose?
Brace for “son of Stuxnet” — Duqu spies on SCADA
Duqu: Son of Stuxnet?
Symantec, McAfee differ on Duqu threat
Who’s behind worm Duqu, ‘son of Stuxnet’?
Stuxnet-based cyber espionage virus targets European firms
Key European Nuclear Firms Attacked By Variation On Stuxnet Virus

A couple of conclusions come to mind. First, the fact that Duqu is based on Stuxnet and the Stuxnet source code has never been released makes it a sure bet that the authors are one and the same, namely Israel and/or the United States. Second, the fact that Duqu is clandestinely collecting information from European manufacturers of industrial control system software, specifically software that controls nuclear facilities, strongly suggests that the eventual primary target of the apparent pending cyberattack will, once again, be Iran’s nuclear program.

/in other words, Duqu is setting up a cyberassault that will hopefully finish, once and for all, the job that Stuxnet so effectively started, halting Iran’s quest for a nuclear weapon in its tracks without having to bomb the [expletive deleted] out of their nuclear facilities

Another Muslim Traitor In The Ranks Unmasked

He took the oath to defend the United States, but his murderous, Muslim heart belongs to Allah . . . and child pornography.

Soldier suspected of planning Ft. Hood attack

A possible terrorist plot against military personnel at Ft. Hood in Texas was disrupted with the arrest of an Army private who had purchased ammunition and bomb-making materials in preparation for such an attack, law enforcement officials said Thursday.

Pfc. Naser Jason Abdo, a 21-year-old Texas native who had successfully argued that he was a conscientious objector whose Muslim faith would not allow him to deploy to Afghanistan, was arrested at a motel Wednesday by Killeen, Texas, police after his purchase of gunpowder at a local gun store aroused employees’ suspicion. Abdo, who had been charged this year with possession of child pornography, had been absent without leave since early July.

Authorities suspect that Abdo, who was assigned to the 101st Airborne Division at Ft. Campbell in Kentucky, was planning to construct bombs and detonate them at a restaurant popular with Ft. Hood personnel, according to a U.S. official who has been briefed on the case. Abdo intended to gun down survivors after the bombs went off, said the official, who asked not to be named because he is not in law enforcement.

See also:
AWOL soldier suspected in Killeen bomb plot
Army: AWOL soldier admits to Fort Hood attack plan
AWOL soldier accused of plotting Fort Hood attack
AWOL soldier admits to planning attack on Texas post
Official: Soldier said he wanted to attack Fort Hood troops
Store owner’s tip led to capture of suspect in alleged Fort Hood attack plot
Did an alert retired cop just thwart another Fort Hood massacre?
Officials: Soldier admits planning attack outside Ford Hood
AWOL soldier reportedly in possession of bomb-making materials
Federal bomb-making charges pending against AWOL soldier
Soldier Admits to Ft. Hood Attack Plot
Fort Hood Suspect May be a Violent Muslim Conscientious Objector Pedophile

How many more of these stealth jihadis is it going to take before the government realizes that devout Muslims, whose sole allegiance is to Islam, and the U.S. military don’t mix?

/these jihadis in the military have already killed dozens of their unsuspecting, defenseless, infidel fellow soldiers, only a tip from an alert citizen may have saved the death toll from rising even higher

Meanwhile, Back At The Nuclear Clown Rodeo

The IAEA sends Iran a strongly worded letter and, predictably, like clockwork, Iran tells the IAEA to shove their letter up their collective ass.

Iran to move its most sensitive nuclear equipment to bunker

Iran is moving production of higher enriched uranium to a mountain bunker where it aims to triple output by using more advanced centrifuges, state television reported Wednesday.

Iran says the announcement is a response to a letter by Yukiya Amano, the director-general of the International Atomic Energy Agency on Friday, which reiterated “concerns about the possible military dimensions” of the Islamic Republic’s nuclear energy program.

“Our answer is increased work in the sphere of nuclear technology and know-how,” Iran’s nuclear chief Fereydoon Abbasi-Davani told reporters after a cabinet meeting.

See also:
Iran to Triple Higher-Enriched Uranium Production
Iran To Enrich Triple Uranium Enrichment Capacity
Defiant Iran plans big rise in nuclear enrichment
IAEA should end political disputes over Iran’s nuclear program: Soltanieh
Iran Said to Plan Nuclear Fuel Production Increase
Iran’s Nuclear Program, Charging Ahead
Goodspeed: Iran may be two months from bomb, two new studies say
RAND: Deterring Iran unlikely, but opportunities exist
France labels Iran’s further uranium enrichment “provocation”
Iran Swiftly Dismissed Amano’s Latest Whistle Blowing Report
Iran urges IAEA to meet commitments

Okay, we’ve waited and waited and waited and done nothing concrete or effective to stop Iran’s nuclear program and now it’s too late. At this point, not even military action can likely stop Iran from developing nuclear weapons.

/Obama was too busy golfing and couldn’t be reached for comment