Year-end roundup

After the significant discoveries of the last days, let’s end the year with an up-to-date bottom line. 1. It is beyond reasonable doubt that Stuxnet was developed to delay the Iranian uranium enrichment program by physically damaging centrifuges. 2. The attack was not...
Stuxnet attack cluster configuration

Stuxnet attack cluster configuration

We do now have a good idea of how the different attack routines (315 & 417) fit together. In a nutshell, Stuxnet attacks its target (uranium enrichment centrifuges) from two vectors. It’s like an assassination with two shooters from different angles for a...
417 data structures = cascade structure = reported damage

417 data structures = cascade structure = reported damage

Here’s a closer look at the 417 data structures. If you follow this blog closely, you will remember that we posted details on the man in the middle on Nov 24. Go back to that post and have another look at FC 6069. FC 6069 stores 984 inputs in an array in DB...

Breaking news: 417 = centrifuge safety system

On Nov 13, we published that there are two potential targets for the 417 attack: A high level controller for the uranium enrichment centrifuges, or the steam turbine controller for Bushehr. When I was reading through ISIS‘ report on the centrifuges for the third or...

The short path from cyber missiles to dirty digital bombs

More and more details of the Stuxnet malware and its purpose become clear. Stuxnet appears to be the first real cyber warfare attack in history, with “real” meaning that the virus caused physical destruction of heavily fortified military targets, some of them buried...