Hackers release decrypted Stuxnet code -- but don't panic

Stuxnet code stolen from HBGary is less dangerous than versions of the worm that are already out there

With all the fuss out there about Stuxnet, a headline like "Anonymous hackers release Stuxnet worm online," as seen on Foxnews.com, is bound to stir up a little panic. The worm has been deemed a game-changer in the world of cyberwarfare, and experts have said it's caused more damage to Iran's nuclear facilities than a pinpoint missile attack could have.

Fortunately, the aforementioned hackers have not effectively handed the bad guys of the world the equivalent of a recipe for homemade anthrax or a do-it-yourself nuclear bomb. Rather, they've released a stolen decrypted version of Stuxnet that has academic value but, in and of itself, can't be used any time soon for malicious purposes. Tthe most damage Anonymous has caused here is to the reputation of U.S. security company HBGary, the victim of the theft.

A kinder, gentler Stuxnet
Evidently, HBGary got its hands on Stuxnet, then decrypted -- or translated -- it for closer study. Anonymous, which views HBGary as an enemy, managed to break into the company's databases on Sunday and snag the decrypted code; it has since made the code available to the public.

http://www.infoworld.com/t/malware/hackers-release-decrypted-stuxnet-code-dont-panic-685

This is not like the invention of the H-bomb or even C programming language.

The fix was no more complicated than swapping out some circuit boards. Cheez-itz, already. How much extra yardage do the Israelis think they'll get out of this old saw?

Could you kindly link a source? It's a topic I'm interested in, but my impression was that Stuxnet was ultimately designed to vary the load on motors and bearings by accelerating and decelerating rapidly, leading to damage beyond the controller.

These impurities would have been detectable after the first batch was altered by irregular motor speeds. Once they ruled out a problem with the motors and feed gas, the controllers would be the next thing to check. The solution to a bad controller is to swap out the programmable logic card. If the virus effected only the controller -- which is what was widely reported -- then that would take care of the problem.

The P-1 and P-2 design centrifuges used by Iran are not very sophisticated. They're based in 1940s and 1950s designs stolen by Pakistan and sold to Iran and several other countries by AQ Khan in the late 1980s. These are also not very reliable units, so the Iranians have plenty of experience detecting and solving problems with the Uranium Hexafloride (UF6) gas cycle, which they've been toying on and off with for more than two decades. The programmable industrial controllers that were reportedly infected are off-the-shelf units produced by Siemens or are knockoffs, probably Russian copies. They also are not particularly complex, and are designed to be easily programmed and tested. If there is a problem, the circuit boards quickly slide in and out for replacement.

I read up on the Iranian nuclear program a couple years ago, and if there is a specific assertion you need a citation for, I will try to find it for you.

I didn't fully understand that the damage Stuxnet does was likely so easily perceived and corrected though. Thanks!