New York Times on Stuxnet

Richard Clayton richard at highwayman.com
Mon Jan 17 15:51:49 GMT 2011


In article <20110117141350.GK82611 at nerds.org.uk>, Lee Brotherston
<lee at nerds.org.uk> writes

>Previously, when the originator of Stuxnet was assumed by many to be
>Israel.  

The Times blithely repeats the "myrtus" story (which links the malware
tangentially to the Book of Esther) rather than seeing it as "my RTU s"
(where RTUs are components of a SCADA system).

Also it is perhaps noteworthy that the stories today are almost entirely
concentrating on the payload (the code that messed with the industrial
control systems) rather than the distribution system -- which could have
come from an entirely different source (either written to order, or
indeed provided as COTS!)

>The certificates stolen from Realtek and JMicron used to sign
>rootkits have been linked together by the presence of both companies
>at Hsinchu Science Park in Taiwan.  Presumably inferring that either
>physical security had been breached or that some sort of
>bribery/infiltration had taken place in those buildings.  

The off-the-record (sorry) information I have is that there wasn't all
that much physical security to breach, along with a very wide choice
indeed as to who to bribe.  viz: these certificates were apparently not
being treated with the respect they deserved :(

-- 
richard                     richard.clayton  @  h i g h w a y m a n . com

"Assembly of Japanese bicycle require great peace of mind" quoted in ZAMM