Nagoya、Kobe、Himeji、Gifu、Awaji yumebutai

2012年6月3日 星期日

電腦蠕蟲「Stuxnet」

中國時報【潘勛/綜合報導】

美國前任及現任官員一日承認,二○一○年十一月讓伊朗將近一千部濃縮鈾核子離心機癱瘓的電腦蠕蟲「Stuxnet」,的確是美國及以色列專家所設計,且經歐巴馬總統祕密下令動用,目的是拖延伊朗研發核子武器的進程。

防毒軟體專家前年不經意發現該病毒,並取名為Stuxnet,對其始作俑者爭辯頗多,但大多數認定可能是美國及以色列合作的成果。《紐約時報》一日報導,要求匿名的美國前任、現任官員終於證實,Stuxnet確係美、以兩國專家研發的網路武器;自小布希政府 便開始研發,其機密代號為「奧運遊戲」(Olympic Games)。

該病毒係美國「國家安全局」(NSA)在以色列襄助下研發而成,目的是要逐步破壞伊朗的核子能力,同時在伊朗科學家當中散布疑惑,讓他們搞不懂核電廠出錯的原因。

在防毒軟體公司發現Stuxnet之後,歐巴馬總統仍祕密下令繼續散播Stuxnet,同時授權動用好幾種Stuxnet病毒的變種。整體而言,Stuxnet病毒共摧毀伊朗六千部濃縮鈾核子離心機中的將近一千部。
http://n.yam.com/chinatimes/international/201206/20120603089781.html

な~にがオリンピック作戦だ!
オバマはサイバー戦争の怖さがわかってないんだよ!
...と、さっそくセキュリティの専門家からは非難轟々です。

オバマが大統領就任1ヶ月目からイラン核濃縮施設のシステムにサイバー攻撃を仕掛けるよう極秘に命じていたことがニューヨークタイムズの調べで分かりました。

2010年6月にベラルーシのセキュリティ会社「ウィルスブロッカーダ(VirusBlokAda)」が初報告し、あまりの高度さに宇宙起源とまで囁かれたStuxnetウイルスもやはりUS(+イスラエル)起源。政府高官が認めたので、これで確定です。

ということは2011年9月に発見されたStuxnetの進化形のトロイの木馬「Duqu」も、2012年4月に原油輸出機能をマヒさせたウイルスも、もしかして元を質せばオバマ...ということになりますかね...恐るべしオバマ。

でもまさか2010年夏にStuxnetが野に放たれようとは、オバマも思ってなかったようですよ?
http://www.gizmodo.jp/2012/06/stuxnet_2.html

Obama Order Sped Up Wave of Cyberattacks Against Iran

WASHINGTON — From his first months in office, President Obama secretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

Mr. Obama decided to accelerate the attacks — begun in the Bush administration and code-named Olympic Games — even after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran’s Natanz plant and sent it around the world on the Internet. Computer security experts who began studying the worm, which had been developed by the United States and Israel, gave it a name: Stuxnet.

At a tense meeting in the White House Situation Room within days of the worm’s “escape,” Mr. Obama, Vice President Joseph R. Biden Jr. and the director of the Central Intelligence Agency at the time, Leon E. Panetta, considered whether America’s most ambitious attempt to slow the progress of Iran’s nuclear efforts had been fatally compromised.

“Should we shut this thing down?” Mr. Obama asked, according to members of the president’s national security team who were in the room.

Told it was unclear how much the Iranians knew about the code, and offered evidence that it was still causing havoc, Mr. Obama decided that the cyberattacks should proceed. In the following weeks, the Natanz plant was hit by a newer version of the computer worm, and then another after that. The last of that series of attacks, a few weeks after Stuxnet was detected around the world, temporarily took out nearly 1,000 of the 5,000 centrifuges Iran had spinning at the time to purify uranium.

This account of the American and Israeli effort to undermine the Iranian nuclear program is based on interviews over the past 18 months with current and former American, European and Israeli officials involved in the program, as well as a range of outside experts. None would allow their names to be used because the effort remains highly classified, and parts of it continue to this day.

These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.

Whether Iran is still trying to design and build a weapon is in dispute. The most recent United States intelligence estimate concludes that Iran suspended major parts of its weaponization effort after 2003, though there is evidence that some remnants of it continue.

Iran initially denied that its enrichment facilities had been hit by Stuxnet, then said it had found the worm and contained it. Last year, the nation announced that it had begun its own military cyberunit, and Brig. Gen. Gholamreza Jalali, the head of Iran’s Passive Defense Organization, said that the Iranian military was prepared “to fight our enemies” in “cyberspace and Internet warfare.” But there has been scant evidence that it has begun to strike back.

The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them. There have been reports of one-time attacks against personal computers used by members of Al Qaeda, and of contemplated attacks against the computers that run air defense systems, including during the NATO-led air attack on Libya last year. But Olympic Games was of an entirely different type and sophistication.

It appears to be the first time the United States has repeatedly used cyberweapons to cripple another country’s infrastructure, achieving, with computer code, what until then could be accomplished only by bombing a country or sending in agents to plant explosives. The code itself is 50 times as big as the typical computer worm, Carey Nachenberg, a vice president of Symantec, one of the many groups that have dissected the code, said at a symposium at Stanford University in April. Those forensic investigations into the inner workings of the code, while picking apart how it worked, came to no conclusions about who was responsible.

A similar process is now under way to figure out the origins of another cyberweapon called Flame that was recently discovered to have attacked the computers of Iranian officials, sweeping up information from those machines. But the computer code appears to be at least five years old, and American officials say that it was not part of Olympic Games. They have declined to say whether the United States was responsible for the Flame attack.

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html

沒有留言:

##HIDEME##