Beyond Stuxnet

Looks like someone, and I’m guessing it’s not the Anonymous script kiddies, is getting ready to open a serious can of cyberwarfare whoop ass on someone.

W32.Duqu: The Precursor to the Next Stuxnet

On October 14, 2011, a research lab with strong international connections alerted us to a sample that appeared to be very similar to Stuxnet. They named the threat “Duqu” [dyü-kyü] because it creates files with the file name prefix “~DQ”. The research lab provided us with samples recovered from computer systems located in Europe, as well as a detailed report with their initial findings, including analysis comparing the threat to Stuxnet, which we were able to confirm. Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose.

Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility.

Duqu does not contain any code related to industrial control systems and is primarily a remote access Trojan (RAT). The threat does not self-replicate. Our telemetry shows the threat was highly targeted toward a limited number of organizations for their specific assets. However, it’s possible that other attacks are being conducted against other organizations in a similar manner with currently undetected variants.

See also:
Son of Stuxnet Found in the Wild on Systems in Europe
Duqu May Have Targeted Certificate Authorities for Encryption Keys
Stuxnet Clone ‘Duqu’: The Hydrogen Bomb of Cyberwarfare?
“Son of Stuxnet” Virus Uncovered
New virus a cyber ‘attack in the making’
Cyberattack forecast after spy virus found
Stuxnet successor on the loose?
Brace for “son of Stuxnet” — Duqu spies on SCADA
Duqu: Son of Stuxnet?
Symantec, McAfee differ on Duqu threat
Who’s behind worm Duqu, ‘son of Stuxnet’?
Stuxnet-based cyber espionage virus targets European firms
Key European Nuclear Firms Attacked By Variation On Stuxnet Virus

A couple of conclusions come to mind. First, the fact that Duqu is based on Stuxnet and the Stuxnet source code has never been released makes it a sure bet that the authors are one in the same, namely Israel and/or the United States, Second, the fact that Duqu is clandestinely collecting information from European manufacturers of industrial control system software, specifically software that controls nuclear facilities, strongly suggests that the eventual primary target of the apparent pending cyberattack will, once again, be Iran’s nuclear program.

/in other words, Duqu is setting up a cyberassault that will hopefully finish, once and for all, the job that Stuxnet so effectively started, halting Iran’s quest for a nuclear weapon in its tracks without having to bomb the [expletive deleted] out of their nuclear facilities

Advertisements

Partly Cloudy With A Chance Of Falling Satellites

Here we go again, this time it’s the German’s turn to randomly drop [expletive deleted] from orbit.

Falling German Satellite Poses 1-in-2,000 Risk of Striking Someone This Month

A big German satellite near the end of life is expected to plunge back to Earth this month, just weeks after a NASA satellite fell from orbit, and where this latest piece of space junk will hit is a mystery.

The 2.4-ton spacecraft, Germany’s Roentgen Satellite (ROSAT), is expected to fall Oct. 22 or 23.

The satellite will break up into fragments, some of which will disintegrate due to intense re-entry heat. But studies predict that about 1.6 tons of satellite leftovers could reach the Earth’s surface. That’s nearly half ROSAT’s entire mass.

There is a 1-in-2,000 chance that debris from the satellite could hit someone on Earth, though the likelihood of an injury is extremely remote, German space officials say. For German citizens, the risk of being struck is much lower, about 1 in 700,000.

All areas under the orbit of ROSAT, which extends to 53 degrees northern and southern latitude, could be in the strike zone of the satellite’s re-entry.

See also:
Falling ROSAT satellite to make reentry between Oct. 21 – 25
German satellite to plunge back to Earth
Huge German Space Junk Satellite To Fall To Earth Sooner Than Expected
Dead German satellite to fall on earth
Massive German satellite will fall to Earth this week
Duck and cover: ROSAT is the next re-entry
Reminder: ROSAT’s coming down soon
ROSAT expected to fall to Earth sometime this week, scientists say
German satellite set to fall to Earth
Not NASA but German Satellite will fall to Earth this weekend
Last chance to see doomed German satellite in night sky
Falling German Satellite Has a 1-in-2,000 Chance of Hitting Somebody
Track Germany’s Falling, 2.4-Ton Satellite in Real-Time
The ROSAT Mission
ROSAT

You’d think that by now, we’d have the technology to orbit powered drones with robotic arms that could guide these massive dead satellites into a controlled deorbit.

/joking about a 1 in 2000 chance of getting hit by tons of space junk moving at terminal velocity is all fun and games until someone actually gets hurt

Look Out Below!

As they say, what goes up, must come down. Round and round she goes, where she’ll hit, nobody knows.

Huge Defunct Satellite Falling to Earth Faster Than Expected, NASA Says

NASA space junk experts have refined the forecast for the anticipated death plunge of a giant satellite, with the U.S. space agency now predicting the 6 1/2-ton climate probe will plummet to Earth around Sept. 23, a day earlier than previously reported.

The defunct bus-size spacecraft is NASA’s Upper Atmospheric Research Satellite (UARS), which launched in 1991 and was shut down in 2005 after completing its mission. The satellite was expected to fall to Earth sometime this year, with experts initially pegging a weeks-long window between late September and early October, then narrowing it to the last week of this month.

. . .

NASA expects at least 26 large pieces of the massive satellite to survive the scorching temperatures of re-entry and reach Earth’s surface. Titanium pieces and onboard tanks could be among that debris, but the UARS satellite carries no toxic propellant (NASA used up all the fuel in 2005).

The debris is expected to fall over a swath of Earth about 500 miles (804 kilometers) long, NASA officials said.

There is a 1-in-3,200 chance of satellite debris hitting a person on the ground, odds that NASA says are extremely remote. Outside experts agree.

See also:
Dead NASA Satellite Falling From Space, But When & Where?
Space Satellite UARS Adrift and Heading for Earth
Nasa warns of fresh risk from £468m satellite falling from space
NASA Not Sure When, Where Falling Satellite Will Hit Earth
NASA Satellite Falling to Earth: Will You Be Hit?
Nasa satellite UARS nearing Earth ‘could land anywhere’
NASA is Deorbiting a Satellite, but They Don’t Know Exactly Where or When It’s Coming Down
The Sky is Falling As UARS Drops In
Keep Sept. 23 open: A satellite is heading our way
Six-ton NASA satellite to collide with Earth
NASA UARS satellite expected to crash to Earth

A 1 in 3,200 chance of a piece of debris hitting someone on the ground is extremely remote? Um, no, the chances of getting hit by lightening or winning the lottery are remote. 1 in 3,200 is like hey, don’t forget to duck.

/we have much larger satellites on orbit, let’s hope we never lose positive control of any of them, say as the result of a Chinese attack