Stuxnet

Stuxnet
Vol: 108 Issue: 27 Monday, September 27, 2010

In July, Microsoft released a Threat Research report on a new virus threat called “Stuxnet.” The virus, Microsoft says, uses a new method of propagation.

It transfers itself from a USB drive like a thumbdrive or an external hard drive automatically as soon as the drive is browsed by the operating system.

According to Microsoft, the Stuxnet began targeting machines specifically in Iran and Indonesia and had begun spreading slowly across the globe.

“In terms of numbers of attacks, the most reports are coming from the US, Indonesia, India, and Iran.  When you factor in the number of MMPC monitored machines along with the number that are reporting attacks, the US falls further down the list, giving way to Iran and Indonesia with attack attempts far higher than the global average.”

Stuxnet doesn’t target ordinary computer users.  It targets the types of industrial control systems built specifically by the German manufacturer Siemans.

Siemens was involved in the original design of the Bushehr reactor in the 1970s, when West Germany and France agreed to build the nuclear power station for the former Shah of Iran before he was overthrown by the 1979 Islamic revolution.

Stuxnet isn’t actually a virus, a distinction without a difference to most people, but actually two entirely different mechanisms.  Siemans says said the malware is a Trojan worm with tremendous destructive capabilities.  According to Symantec, the antivirus giant behind Norton Antivirus,

“By writing code to the PLC, Stuxnet can potentially control or alter how the system operates. A previous historic example includes a reported case of stolen code that impacted a pipeline.

Code was secretly “Trojanized” to function properly and only some time after installation instruct the host system to increase the pipeline’s pressure beyond its capacity. This resulted in a three kiloton explosion, about 1/5 the size of the Hiroshima bomb.”

Noted the Toronto Globe and Mail:

“Vice Admiral Bernard McCollough the head of the U.S. Navy’s Fleet Cyber Command, told Reuters on Thursday after testifying about cyber operations before a House of Representatives Armed Services subcommittee, that the worm “has some capabilities we haven’t seen before.”

On Wednesday, Army General Keith Alexander, head of the Pentagon’s new Cyber Command, said his forces regarded the virus as “very sophisticated.” 

The Israeli website Debkafile describes Stuxnet as “the most destructive virus ever devised” and says that among its functions was to periodically transfer classified information from the infected computer to computers abroad.   

“This was the first time an Iranian official has explained how the United States and Israel intelligence agencies have been able to keep pace step by step of progress made in Iran’s nuclear program. Until now, Tehran attributed the leaks to Western spies using Iranian double agents.”

A report  from Computerworld confirms the Debkafile’s assessment of the worm’s destructive capability under the ominous headline, “Iran nuke SCADAs saturated with Stuxnet infection.”

Stuxnet, “the most sophisticated malware ever,” has been found infesting Iran’s nuclear installations. Speculation continues that this was indeed the intended target of what the mainstream continues to call a “virus”.  

Stuxnet has been attacking SCADA systems in Iran and Russia since at least January 2010.

“According to the Tehran-based Mehr News Agency, Mahmoud Alyaie, an IT official with Iran’s industries and mines ministry, said that 30,000 IP addresses in the country had been infected with Stuxnet. Multiple computers can access the Internet via a single IP address, so the total number of infected Windows PCs may be considerably larger.”

No doubt.  And since the worm was no doubt introduced in Iran via an infected flash drive but has spread primarily across Indonesia, the world’s most populous Muslim nation, one wonders what we may be about to discover there.

Assessment:

Nobody is certain how Stuxnet was introduced into Iran’s system, but most probably it was introduced by a Russian technician using an infected flash drive.  

About the only thing upon which there is unanimity is that Stuxnet’s complexity “points to a state actor” – a code just as universally interpreted as meaning, “Israel.”   It included a timer that limited infection to three additional machines, suggesting Stuxnet was not intended to spread far beyond its intended target.

In one official report, Iran is confirming the infection claiming it has done little or no damage and that its “experts are systematically eliminating the virus.”   

According to the AFP/AP, Tehran is denying any infection of any of its critical computer systems at all, saying at worst some of the personal computers belonging  to members of the staff may have been infected. But other reports suggest that the worm has done more damage than Tehran wants to admit.

In other words, it is probably just as bad as the Western reports are suggesting – maybe worse.  Which may be great news for Israel and the West.   If true, it also helps supply another piece of the puzzle insofar as Iran’s role in Bible prophecy is concerned.

Current events make it almost a sure bet that any war between Israel and Lebanon, Syria or Hezbollah will also involve Iran.  Iran is backing Syria, supplying Hezbollah and controlling Lebanon.  But that scenario conflicts with Bible prophecy for the last days.

As we reported in February, the Bible outlines two major conflicts involving Israel in the last days. The first is the one outlined in Psalms 83 and Obadiah.   

Ishmael was the eponymous father of the Arabs, his brother Isaac being the father of the Jews.  The Ishmaelites most probably refers to the Saudis, but that identification is admittedly speculative.

 The Tents of Edom refers to the Palestinians of the West Bank and southern Jordan.  The Moabites refer to the Palestinians and central Jordanians.

 The Hagarites corresponds with Egypt, Gebal with Hezbollah and the Lebanese.  Ammon includes the Palestinians and northern Jordanians, Phillistia corresponds with Hamas and the Gaza Strip.

Last but not least are Assyria (Syria and Kurdish Iraq) and Tyre, (Hezbollah and South Lebanon).   

 Persia — modern Iran — doesn’t make the list.  Iran’s fingerprints are all over the battle plan, but the combatants are all Arabs.  Iranians are Persians, not Arabs.     The Gog-Magog Alliance does not include Syria or the rest of the Psalms 83 nations, and the Psalms 83 nations does not include any of the protagonists from Gog-Magog Alliance”

I confessed then that it was a puzzlement to me.  While the Psalms 83 War is depicted as being forced on Israel by repeated attacks, the Gog-Magog War takes place at a time when Israel is dwelling safely and at rest.  

They cannot be the same war.  It is for that reason that I questioned the probability of an Israeli military attack directly on Iran, since it would prompt an immediate response from both Iran and Russia. 

Something has to prevent Iran from going nuclear and keep Iran and Russia out of the current conflict — if the Iranians and Israelis are to survive to make their appointment to meet on the mountains of Israel  as outlined by Ezekiel. 

And something else has to happen first to eliminate the existential threat posed by Hamas and Hezbollah, by Damascus and Beirut . . .  before Israel can meet Ezekiel’s description of a land of unwalled villages dwelling in peace and safety.   

If Stuxnet meets its full potential, it won’t end the Iranian threat.  But it would contain it — without a shot being fired — by forcing Tehran back to the drawing board.   Exactly in keeping with the Bible’s outline for the last days. 

“Behold ye among the heathen, and regard, and wonder marvelously: for I will work a work in your days which ye will not believe, though it be told you.” (Habakkuk 1:5)

Exactly.

This entry was posted in Briefings by Pete Garcia. Bookmark the permalink.

About Pete Garcia

Christian, father, husband, veteran, pilot, and sinner saved by grace. I am a firm believer in, and follower of Jesus Christ. I am Pre-Trib, Dispensational, and Non-Denominational (but I lean Southern Baptist).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s