Did The Stuxnet Worm Kill India's INSAT-4B Satellite?

ajtr

Alert India averted Stuxnet bug threat


NEW DELHI: Much before the world got busy making guesses about the origins of the deadly Stuxnet internet worm, the Department of Information Technology's Computer Emergency Response Team (CERT-In) averted a disaster in India's energy sector by detecting the threat as early as July and advising state-run firms on a workaround to prevent attacks on computer systems controlling their operations, called SCADA in industry parlance.

On July 24, CERT-In director general Gulshan Rai wrote to oil ministry director (vigilance) P K Singh and power ministry saying they had detected a malware that was exploiting a recently-disclosed zero-day vulnerability in Microsoft Windows Shell that was improperly handling shortcut files.

Singh warned that Stuxnet was targeting certain components of SCADA systems. The trojan, or a computer mole, installed by the malware detects SIMATIC WinCC and PCS 7 software programmes from Siemens, devised for SCADA systems, and makes queries to any discovered databases by leveraging default passwords.

In other words, the Stuxnet trojan takes over the password used by various components in a computer system for talking to each other. This is different from a user password for logging on. It can, thus, steal vital information from a computer system and change its functioning or even cripple it.

SCADA stands for supervisory control and data acquisition. It generally refers to computer systems that monitor and control industrial processes such as manufacturing, oil production and refining, power generation infrastructure or facility-based processes. Understandably, anyone who controls a malware that is able to bite into the system can play havoc and steal information to use it for programming attacks with more specific targets.

According to Singh, the malware spreads through USB drives and it can also attack via network shares and a set of extensions that allow users to edit and manage files on remote web servers called web-based distributed authoring and versioning (Web-DAV) in industry parlance.

CERT-In also advised the ministries on workarounds and other counter-measures to mitigate the threat till such time that safe patches, or software upgrades, were available to block the Stuxnet malware completely. It was established in January 2004 with the mandate to respond to computer security incidents. It is now assigned the task of oversight of the Indian cyberspace for enhancing cyber protection.

'Worm not behind Insat-4 B snags'

Isro has ruled out the possibility of the deadly Stuxnet internet worm attacking Insat-4 B satellite on July 7, resulting in 12 of its 24 transponders shutting down. Speaking to TOI, Isro officials said that the worm only strikes a satellite's programme logic controller (PLC). "We can confirm that Insat-4 B doesn't have a PLC. So the chances of the Stuxnet worm attacking it appear remote. In PLC's place, Insat-4 B had its own indigenously-designed software which controlled the logic of the spacecraft," said a source.
 

dove

There's a very simple solution for any virus threat, STOP USING WINDOWS!!!!!

esp for mission critical stuff.

People think a computer virus is some intelligent biological entity like human viruses. These are just some smart programs written by people that use the vast amount of bugs present in the utter bullshit software called Microsoft Windows.

Using Windows is like paying to be infected with AIDS. Once you get it, it's open season for all viruses that cannot attack healthy people.
 

SHASH2K2

> There's a very simple solution for any virus threat, STOP USING WINDOWS!!!!!
>
> esp for mission critical stuff.
>
> People think a computer virus is some intelligent biological entity like human viruses. These are just some smart programs written by people that use the vast amount of bugs present in the utter bullshit software called Microsoft Windows.
>
> Using Windows is like paying to be infected with AIDS. Once you get it, it's open season for all viruses that cannot attack healthy people.

It's not that other operating systems are secure. Most home users are using the Windows operating system and thus tend to think that only Windows is prone to attack. As of now any system which is online will be prone to attack from tools that can be monitored remotely or guided remotely. If Linux becomes popular that will also be prone to attack. The best option to secure a computer or machine is to make it offline, but in today's net-centric environments that's very very difficult.
 

dove

> It's not that other operating systems are secure. Most home users are using the Windows operating system and thus tend to think that only Windows is prone to attack. As of now any system which is online will be prone to attack from tools that can be monitored remotely or guided remotely. If Linux becomes popular that will also be prone to attack. The best option to secure a computer or machine is to make it offline, but in today's net-centric environments that's very very difficult.

That's an oft-repeated assertion but not entirely true. While Linux, Mac etc may have vulnerabilities, they have some key aspects that make them extremely robust compared to Windows.

For a 'virus' to attack Linux, Mac etc one of the users will have to take some explicit action to knowingly download and run programs without checking what they are. None of this 'click on this email and you are dead' stuff is possible. Also, one user's mistakes cannot affect other users due to access permissions implemented at every level. Due to the open code and clean modular architecture, any successful virus infection will be instantly fixed at a fundamental level, thus each 'infection' making the system stronger. In Windows, you keep buying anti-virus which tries to clean up the virus code, instead of fixing the OS, because the OS is beyond anyone's ability to fix.

I don't want to get into a Windows v/s Mac v/s Linux war - but I'm willing to put serious money on a wager that no one can infect a Linux or Mac computer other than serious and explicit user error, and even in such cases the damage will be limited to that one user in that one machine.

Like I said, there is a difference between a healthy human getting a cold sometimes and an AIDS patient.

The Wikipedia page on Linux viruses is a good read.
http://en.wikipedia.org/wiki/Linux_malware
 

ajtr

What kind of media is ToI?

China is also a big victim of Stuxnet.
Does ToI even bother to do some basic research before publishing this shit?
Times of India is --TOIlet paper.
 

SHASH2K2

> but I'm willing to put serious money on a wager that no one can infect a Linux or Mac computer other than serious and explicit user error, and even in such cases the damage will be limited to that one user in that one machine.

You will definitely lose money. There are various means to infect or hack Mac as well as Linux (SUSE, Fedora or Ubuntu) machines. People are not targeting them as they are not in very wide use. What if you visit a site from a Mac and it prompts you to install a plugin or add-on pack? You cannot check what's running in the background. I am saying this because I have hands-on experience on almost all operating systems available for a general user.

For a moment let's assume that the OS is very secure and cannot be breached. What about data transmission that takes place within the network or over the Internet? Packets can be easily sniffed and tracked. Nowadays even the most secured servers are also accessed remotely; what is the guarantee that data transmitted over the internet or a dedicated line cannot be hacked?
Bottom line is that it doesn't matter if a person has AIDS or a cold, he can be killed anytime if someone wants to.
 

dove

Boss, you are actually admitting that Linux/Mac systems have not faced virus issues like Windows, but then guessing that could be because they are not as popular. But the fact that can be observed is that there have not been any harmful virus attacks on Mac/Linux, and very rarely worm attacks, in which case the loopholes were quickly fixed in the OS itself with patching.

In reality there is a large installation of Linux and other Unix variants running mission critical software, including mail/web servers, firewalls etc. One would think this presents a tempting target. However, successful virus attacks on such installations have been pretty much non-existent. I'm excluding DoS attacks, which are a network-based brute force method and not a vulnerability of the OS as such.

Most Windows viruses are not spread by people knowingly installing plugins or programs, but either by downloading innocent-looking documents, which are then mailed out to others automatically, or through Windows network sharing and network layer loopholes - such as Back Orifice. How would a downloaded plugin or program then spread to another computer within an office in case of a Linux/Mac setup? Will it put up its own website and then somehow tempt others to browse that site?

There is a difference between being hacked and getting infected by a virus. Hacking is getting access to one computer by a hacker manually doing the break-in. Linux, Mac etc can be hacked - a little more difficult than Windows in general, but they can be. However, a virus is by definition a malicious computer program that spreads on its own from computer to computer and causes widespread destruction or harm.

That is almost impossible to do on Linux and Mac. Even if one ever pops its head (as some 'worms' have in the past) the vulnerability is instantly closed at OS level. Not by making people buy the amazing con called anti-virus software.

I have in-depth knowledge of all three, Linux and Mac at kernel level and also running secure systems with triple layer defenses. I have also written in the old times some stack overflow TCP/IP exploits for Berkeley Unix - before the loopholes were plugged. So I do have some idea of what I'm talking about.

Anyway, I have again included the link to the wiki page which is actually a good description of Linux w.r.t. malicious programs. Linux malware - Wikipedia, the free encyclopedia

No more arguing on this matter, but to any reader it's my advice that except in situations where you absolutely have to use MS Office, avoid Windows to avoid viruses. It's worked very well for me for many many years in my own company.

If you believe it's OK to continue to use Windows, knowing there is a huge virus threat, with the belief that Linux, Mac etc are also equally unsafe even though till now they have been far more secure in actual usage, well it's your funeral.

As they say - what goes my father's?
 

Rebelkid

> What kind of media is ToI?
>
> China is also a big victim of Stuxnet.
> Does ToI even bother to do some basic research before publishing this shit?

TOI is the Indian version of rupee news, but that's my view.
 

peacecracker

I always Hear from Microsoft Networking Experts that GNU/Linux and other Unixens are Weak and are as Vulnerable as a Windows machine, and GNU/Linux and other NIX are saved from viruses, trojans just because they are not popular en masse.
This Link Will Serve :
But That's Just My Opinion. I Could Be Wrong.
__
INDIA Need not develop a New Operating System and I've Serious Doubt that Such a Big Project can be Made Possible Within Short Time. Basically, DRDO May Fork the GNU Utils, Linux Kernel or Even BSD Kernel to Start off. Compile for Custom Systems and Develop a New Private Custom OS for Defense.
India may be a Software Exporter; A Power in Software Expertise; Hardware Development and Expertise - India is Yet to Reach that. Cheena is the World's Manufacturer for Most Hardware Corporates as well as Cheaper Hardware too. I was Reading about "Manchurian" Chip Which China can Use to Spy on Other Countries, Even Home Users.. Of course it's Way too Much to Imagine.. Still :D
 
