On 9/17/19 5:00 AM, Thiago Macieira wrote:
It's believed the Stuxnet attack
against Iran's nuclear energy labs was started by dropping USB flash drives in
the parking lot.
While there are hacker groups who operate that way, I'm not buying the
story. Mainly I don't buy it because the "security videos" or whatever
they were called put out as part of the propaganda for the facility
showed everyone wearing the white bunny suits. Getting a flash drive
through the airgap inspection barrier would require someone to palm it
rather skillfully (assuming those really are the one piece bunny suits
without pockets.)
https://www.wsj.com/video/opinion-iran-uranium-enrichment-is-a-step-towards-nuclear-weapons/9D7ACDE8-7AAA-4DA9-A8A2-E3C5177DCD7F.html
A much more plausible story was put out by a retired U-2 pilot in "A
Dangerous Element."
https://www.barnesandnoble.com/w/a-dangerous-element-gregory-s-lamb/1117800520
It was an "activity tracker" watch. Been a while since I read the book,
but I believe the story relied on bluetooth security (non-existent in
early bluetooth products) ala "Person of Interest" phone cloning.
https://en.wikipedia.org/wiki/Activity_tracker
https://www.imdb.com/title/tt1839578/?ref_=nv_sr_1?ref_=nv_sr_1
The book is a good read and activity trackers fit the time frame too.
The long sleeved bunny suit would have easily covered up a watch if
security was even considering a watch a threat back then. The story,
according to the book, about how it "got out" was that he kept the watch
on all of the time even when using his home computer.
I know Wikipedia is pushing the flash drive story but the story in that
book is much more believable.
Adding insult to injury is a medical device manufacturer I've dealt with
has for _years_ had computers which not only shut down if a flash drive
is plugged in, they will not reboot. You have to take them into
security, undergo and interrogation and most likely be escorted from the
property. The last time I talked with them I was told they wanted me to
replace someone who had just discovered that particular mystery of life.
That place makes infusion pumps for cancer patients. They don't refine
radioactive material or do anything clandestine. They all looked like
ordinary Dell laptops to me.
Personally I just find it incredible that a facility engaged in
enrichment would allow USB ports to be both exposed and unsecured.
--
Roland Hughes, President
Logikal Solutions
(630)-205-1593
http://www.theminimumyouneedtoknow.com
http://www.infiniteexposure.net
http://www.johnsmith-book.com
http://www.logikalblog.com
http://www.interestingauthors.com/blog
_______________________________________________
Interest mailing list
Interest@qt-project.org
https://lists.qt-project.org/listinfo/interest
