Stuxnet: The Cyber Weapon That Destroyed Iran's Nuclear Program
- Published on 12 May 2024
- Delve into the shadowy world of international espionage with Warographics as we uncover the gripping tale of STUXNET. From its covert inception in 2007 to its explosive revelation and the unsolvable mysteries it left behind.
Been studying cybersecurity for several years and working as a Security Analyst some of that time as well, so I'm all too familiar with Stuxnet, but I will never get tired of hearing this story. Stuxnet was truly a monumental achievement (for someone at least) and a total game changer in terms of how offensive cyber operations were viewed. One of my favorite case studies that I constantly return to in my career, I still gain new insights every time I do so. Happy to say that Warographics did the story justice! And the crazy part is this video is just the tip of the "Stuxnet lore" iceberg.🤯
Have you heard the podcast from Jack Rhysider called "Darknet Diaries"?
I assume you likely have, but that's a good one on it too if you haven't had a listen. (Good podcast in general too, IMO)
@@goosenotmaverick1156 That was pretty much the spark for why I got into cybersecurity, Stuxnet was the first episode I listened to after the Silk Road ones. After that it was set in stone. I owe a lot to Jack Rhysider for giving us Darknet Diaries 🙂
He's a top guy, thanks for reminding me about him @@goosenotmaverick1156
You misspelled "Israeli counter intelligence in conjunction with a joint NSA-CIA team".
only one joint?
As a computer science student, this stuff is fascinating to me. I found a video about Stuxnet recently and had been wanting a video from you breaking it down ever since!
Watch, Zero Days.
I learned about Stuxnet back in 2011 when I was taking a Cybercrimes course in Ireland. I remember being blown away by how smart of a program it was.
In 2011 that's when Israelis used Stuxnet on Fukushima plant.
@@jochn919 no
Took less than 20 people too
@@jochn919 Did you miss the part of history when a god damn earthquake and tsunami hit Japan?
@@Frost640 ...He doesn't care about facts or the truth...Just a typical troll.
Countdown to zero day is a great book about Stuxnet.
This.
@@remember2023 They are all targets
Literally finished listening to the audiobook about 2 days ago, and now this video comes out! "get out of my head simon!"
But fully agree, a really good and interesting book
There's also a documentary called, Zero Days.
You probably think your picture is funny. But the fact is, your kind can't compete against us where it counts. We have it on lock and don't have to resort to gutter pfps.
1:45 - Chapter 1 - The timeline
18:55 - Chapter 2 - The unsolvable equation; Fanny, Flame & Flowershop
22:00 - Chapter 3 - The future
I think $300M/year of delay is actually decent. In comparison to a "new bomb" which would need its own research and development and a bespoke production line for a limited number of bombs and it looks like maybe a wash.
Exactly my thoughts, conventional weapons always cost significantly more in R&D (not to mention the cost of physical resources as well)
I remember being told about this as a cautionary tale of the dangers of picking up random USB sticks
I found one in a parking lot a few days ago.....I sandboxed the hell out of it and found......porn
The virus didn't just require a USB stick, it could embed itself on devices that used the USB port. Seriously one of the smartest weapons I've ever seen.
Used on the Fukushima nuclear plant as well.
@@theredbonekingsource ? 🤔
@@freedombro6502 FUKUSHIMA: 10 reasons our planet is doomed (2018)
@@freedombro6502 #8
Number eight on the list.
The script is usually very tight on here.
'An existential crisis to their existence'
The exception that proves the rule.
British V sauce man never stops bringing the content
lol .. he wishes he was VSauce
I cannot unsee it.
@@THE-X-Force you wish you had a fraction of either man's influence
Vsauce is awesome!
@@Callingoutrtards lol .. I'm not the one who brought it up and believe me .. I'm perfectly fine with who and what I am. I don't want anything that I do not have.
For the ones asking. Stuxnet did copy itself on USB drives. Once the PLCs are updated, the virus sends files to the drive, and if that drive is connected to a computer that is connected to the internet it sends data back. No plant is completely airgapped. Just the most important machines
A very reasonable explanation thanks 👍🍻
I remember when this happened. I also vividly remember, how at the time, my work place was full of PLCs. I was very tech minded and had a lot of access to things that I probably shouldn't have. Stuxnet was some scary stuff, for the potential havoc it could wreak on just about any company, anywhere with a PLC. It just made me realize how exposed we are when it comes to hardware security.
Especially since it was (and often still is) rare for companies to take PLC security that seriously.
It's also frustrating that many PLC manufacturers like to hide behind obscurity as security rather than keep information out in the open so it can be properly audited by people who actually care about security.
I had to write a report on this when I was taking cybersecurity classes. Definition of a watershed moment.
@@rosem7889
wa·ter·shed
/ˈwôdərˌSHed,ˈwädərˌSHed/
noun
noun: watershed; plural noun: watersheds
1.
an area or ridge of land that separates waters flowing to different rivers, basins, or seas.
an area or region drained by a river, river system, or other body of water.
2.
an event or period marking a turning point in a course of action or state of affairs.
"these works mark a watershed in the history of music"
Thanks, Google!
Watershed is (and I start with this as I find it interesting) the catchment area of rivers, streams, lakes. The line between each catchment area is rather definitive, hence its use.
A watershed moment refers to a deep change in thinking, approach, direction, of how one thinks about something.
Hope the above helps ❤
@@rosem7889 watershed moment means an important point in history that would change the future
@@harku123 I wonder if the first watershed moment was the flood after the ice age?
I'd heard part of this before, but this video put it all together. Good job.
Has this ever been made into a movie? Because it should be.
It has. Check out Zero Days.
@@dat_asian_dude Sweet .. thank you!
@@THE-X-Force anytime dude! Easiest way to watch it is on Max but I think youtube has it for like 5 bucks
Fascinating video. Please do more on cybersecurity
So I have watched a few of your videos, and while I have liked them, I also didn’t really know the subject matter. This one I did, and out of curiosity, I looked and noticed you followed the Wikipedia page on this subject pretty closely/exactly. You have good presentation, and for those unfamiliar with the various subjects you cover, these are great videos. It would be cool to see deeper dives with some independent research, alternate sources, etc.
Yes thank you was watching old video on this the other day
Thanks for sharing.
Amazing Episode Simon 👏
TIL "specialisms" is a word. Excellent writing and presentation as always!
I absolutely love how Simon uses his voice to keep everyone on the edge of their seat.
I remember all the talk about Russia's cyber warfare capabilities on the lead up to its invasion of Ukraine. Ended up falling flat. As much as the complexity of viruses are growing, it seems our capabilities in fighting them are as well. Or, Russia just sucks at cyber warfare.
I haven't kept up with it, but they did a lot in the early days. News reporters were struggling to do their job as any PC connected to Ukrainian internet got hacked. Many of them ended up sharing a single laptop with a satellite connection.
Don't you hear on the news every day how China has already stolen even IP or data in the US that can be reached digitally? And Russia doesn't steal as much but they are widely suspected to be the ones behind the Shadow Broker group, as their cyber capabilities are second only to the US.
And Russia has prioritized going after the weakest part of every computer on Earth...the user.
I assume to some degree they don't want to take everything down but rather use it to spy. If nothing works it won't get new input which could be strategically useful information
Yes...they hacked the Clinton Campaign with a regular old gmail password reset phishing link @@user-tm9qs7jo9j
Fantastic job
Keep up with these informative and entertaining videos.
Not to be confused with Suxnet, the.... other way to make things blow.
😂😂😂
rofl
@@rjhabib3678 What is that PFP? Igor
Can I purchase this software for my wife?
You win the internet for the day. Congratulations.
I remember when news of Stuxnet first appeared. I was studying IT at the time and didn't really grasp the enormous possible consequences. Some people I studied with, and who had a lot more experience, were terrified. Some thought it might spell the end of the internet.
Cool stuff Simon
aaaaah I love the 80's action movie one liners at the end of your videos.
What a throwback! Clicked as soon as i saw that name!!!
Love the content.. always!
But give me longer to sit up and like the video/check that I have when it finishes!!! ahah
If Natanz was truly airgapped, how could the virus send information back to the US?
There are ways an app can use any piece of wire as a transmitter same as how phones use headphone jack as radio antennas and there are many more ways
Exactly what I was thinking...!
@@night_light2867 This crucial piece of information should've been addressed in the video in depth because without a way to transmit information, it's useless.
Do y'all have any video recs on the topic, did a quick search but found nothing :(
OTHER computers that were infected sent information back. Not the air-gapped ones.
Worth noting that we actually don't know just how effective the Stuxnet development was, since it's possible that many techniques and maybe other zero-days are still in use in other attacks around the world.
We don’t “know” nearly as much as this video suggests… it relies pretty heavily on one questionable article as its “source”
The Stuxnet operation crosses the line into art. So elegant and clever.
Simon, you're an incredibly great presenter! While watching this video I thought of the work and dedication of the author/writer!
You have a great staff! They deserve more attention! Thank you for your great work!
These videos are top notch
Stuxnet is gonna need a sequel soon.
And it would be used on apartheid state of Israel
It's called Pegasus
@@mcboat3467 lol keep dreaming
Israel is NOT an apartheid state.
South africa has no moral ground to stand on @mcboat3467
@@freedombro6502 Lot of people are blind to the complete insanity which is going on South Africa. They kill tens of thousands in violent activities even though they don't have an active war in a tiny region constraining 2 millions to the size of Las Vegas to worry about. There are a lot of terrible things going on there and Gazan needs more help than ever. I just wonder where had been these outcries and protests when other countries used poison gas against minorities, interred an entire population into rape camps or stole all children to re-educate them to another culture. It's easy to blame a minority culture which has good standing with the West and is put against a billion Arabs. It is apparently much harder to actually call out evil deeds done by the side which keeps funneling them all the money to embezzle...
I feel like Simon & Team is fast becoming my Walter Cronkite
He (and co) and Beau of the Fifth Column are my go-tos.
Low key reassurance in regards to their current situation
Wow. I had no idea about any of this. Neat.
Look up the virus known as Pegasus (It's very very scary)
Usually a religious Warographics listener, but rolled my eyes on the release of this stuxnet episode. So didn't listen to it immediately but I'm grateful for "the algorithm" sneaking it into the autoplay-list.
I thought I already knew everything there was to know but then Mr. Whistler's team goes and unearthed the Dutch connection.
Well done, well done
👏
Zero Days is a nice documentary about this. Some NSA whistleblowers say their part too, undercover ofc. Strongly recommend it.
Love the glasses Simon 😎
The most scary part, most maleare is sitting dormant waiting for an action command to start attacking. We haven't even had the first real spark yet.
I do wonder if this fact is something that is stopping nuclear war. Because all sides are now scared that their own weapons are compromised and an attack might backfire.
@@scheikundeiscool4086 Given that the average programmer on Stuxnet wasn’t better than the average consultant (the only genius was bought by the mass of developers working on it), I can’t imagine what a missile infested with viruses from all nations would look like. Indeed, no one would be able to launch it.
What makes you think that “most malware” is like this..?
I'm wondering how much of this type of malware like Stuxnet is out there that is already doing its work but doing it so slowly that it doesn't get detected. Like imagine attacking a company or a whole country in a way that they become just slightly too inefficient to still run profitable/having GDP growth. Kinda like killing someone with a slow acting poison so it looks they just died of an illness
Man couldn't even spell 'malware' properly with the help of spellcheck and cut and paste, it's likely just some edgy teen on his family computer
I live 45min from INL (Idaho National Labs) had zero clue they were involved in this operation. That is pretty neat, I'll have to let a friend of mine who works there know.
INL was behind a lot of cyber research in the 2000s. Go on TH-cam and lookup INL diesel generator experiment
Much as there was once an age of pike and shot, we are now in the age of drones and hackers. It would be wise to be the first to adopt them skillfully.
Cyber commands already exist.
Except the CIA didn't use it wisely and aside from attacking a country the western powers always like to paint as an aggressor, Stuxnet threatened a lot of computer services globally including the British NHS at the time.
@@jaybee9269 yeah dude is a good 20-30 years behind
Your voice has way too much reverb on it. Love your content!
Simon you are a master of speech delivery and hats off to your deserved success! I have started noticing something that troubles me though... In the "early" days your speech was bright and crisp! These days I'm picking up something slightly more slurred. I pray that your health is good but if this is news to you please have it checked out.
Darknet Diaries covered this one I think, due to it being about hacking and what not. Good episode.
I've seen a few videos about stuxnet and I can tell you this is by far the one with the most work put in. Great job researchers.
If that's the case... you haven't seen enough.
@@fautedemieux21 Do you have any suggestions?
One thing I don’t understand: you said the computer system was air gapped (no internet connection) but later the work was able to get updates remotely, how if there’s no internet connection?
I could study this for years!
i would love to work with those guys some day. the equation group is such an awesome name too.
Beware of the USB stick in the parking lot.
I actually requested a deep dive into this on Simon's Reddit. I'm so happy someone took it up!!! I was thinking Casual Criminalist or Dark Shadows, but it actually makes more sense in Warographics. It is truly shocking to me how little people know about this, much less how underreported it was. I feel like cyber warfare took such a huge leap forward from this event, and I can only find a little content related to it. It's shocking. Scary. The future of cyber warfare is terrifying to me. Hope this video helps to spread awareness. I would have liked to hear this in a free format though. Still, awesome video. Great content!!!!!!!!!!!
Simonverse spy stories continue 🎉🎉🎉
That was the best video I’ve ever seen on TH-cam. Absolutely fascinating.
This man has like 1 million channels and is pumping out videos on all of them almost everyday. He is everywhere
Shadow brokers....a Sci Fi nerd reference to the Mass Effect games I believe 😀😃
One thing that was touched on really needs emphasis: The Iranian nuclear program managers had wisely adopted one of the most effective defenses against cyberattack: Their systems were not connected to the Internet, and it required what is effectively inside assistance to even begin to attack that system. Whenever I read about a security breach of any system, my first question is always, "Why was this connected to the Internet at all?" Many compromised systems did not require Internet connectivity in order to accomplish their official purposes.
A+ video.
"An existential threat to its existence"
I see 😅
IIRC it was also Dutch nuclear technology that was stolen by AQ Khan, the world's most prolific illegal nuclear proliferator and guy who gave Pakistan the bomb.
Check out Zero Days. It's a documentary style movie about Stuxnet. And there is also a book: Countdown to Zero Day
There's a great documentary by Alex Gibney called "Zero Days" about it, that looks at it more as the story of discovery and reverse engineering what it actually does. This was a wild time blowing everyone's minds about what is really out there. Also, the fact that they found and essentially burned 4 Windows zero days is wild, a no interaction Windows zero day is incredibly hard to find, and worth millions on the open market for these kind of things. Though it probably helped that Windows licensing deals for the military and the likes have included access to the source code for years.
Watched the movie "Zero Days" years ago, and definitely got intrigued about this one.
I highly recommend reading "To kill a centrifuge" by Langner, it is their version of the Stuxnet analysis and covers the whole operation in a lot of detail.
Wasn't just Stuxnet, a whole slew of malware based on the Tilded platform, including Duqu and the star of the show, Stuxnet.
The story I had originally heard about how Stuxnet infiltrated the facility was a usb drive dropped in the parking lot. Had no idea it was a long-term program with two-way communication rather than a single attack destroying the centrifuges. The description I was aware of had claimed that the worm cloned parts of itself onto more usb drives to carry it back out of the facility in order to reach an internet-connected device it could deliver a "job complete" message through, but if it was able to receive updates regularly, there was clearly a more reliable communication method established that breached the air-gapped nature of the network.
I believe there is still a classified part of HUMINT work on the background.
I've always wondered if the high rate of the centrifuges caused vibrations that could be felt outside somehow and those vibrations were the transmission?
@@ftffighter what is the receiver in this case?
😂 🆒 interesting...
What an incredible story.
10:50 how the heck did the program contact its creators if the facility's system was totally isolated? If it broadcasted a signal, how come the Iranians didn't pick up on it?
It didn't. Airgapped. Was exfiltrated from site.
@@CarlTSpeak Excuse my ignorance but I still don't understand. At 10:57 he says stuxnet "would send this map back to the programmers". What method of data transfer did stuxnet use to communicate that information?
@@petertimowreef9085 As I understand it, if a copy of a virus escaped the site with information (infected a device inside and got carried away to another with internet access) it will connect to the programmers and then an updated virus could then again infect the facility
@@Arcomist Right, so the virus left the nuclear complex in a physical sense, on a thumb-drive or something?
Cool story. What took you so long. I heard about this 10 years ago. Very cool.
You should watch Alex Gibney's Zero Days documentary.
Stuxnet = High-Tier
Pegasus = Ultra-High-Tier
Operation Triangulation = God tier
@warographics please do a video on the UC nuclear umbrella countries.
Nice introduction... and an informative work.......How many years required Iran population stepping back to the medieval period (under the Islamic Iran 🇮🇷 regime...that regime donated by CIA-1979 to its friendship Iranian people's)
Do pegasus next :-)
"Destroyed" is a big word. It certainly slowed them down and broke a number of very expensive machines.
It was at the time, about the most sophisticated cyber-weapon anybody had found and publicly released.
Everyone likes to think only China or Russia has high quality hackers, the truth is the US has the best hackers in the world(TOA)... to go along with the best military equipment in the world
The reason we don't hear about it is because...
1. We aren't trying to mess with the common company or citizenry in those countries.
2. The best attacks are the ones they don't know about.
3. If those countries know they got hit, they aren't telling that they got hit.
Our equipment is overpriced and over sophisticated - it relies too heavily on technology, which is highly prone to electronic warfare/ jamming, as seen in Ukraine
Edit: some of our equipment, I should clarify; systems like HIMARS and Javelin, for example, have proven highly effective
@@DanSoloha Overpriced sure, over sophisticated fuck no. Literally none of the high end equipment has been given to Ukraine so I don't know what you are yapping about with electronic warfare.
@@DanSoloha The things Russia has jammed only partially jammed it. A lot of them have back ups like inertial navigation which has improved. Remember we give them hand me downs.
Or could be taken out quickly when used with weapons the US has but Ukraine does not in great numbers. Like aircraft and harm missiles.
Those bombs and shells were less accurate, but still much more accurate than dumb fire munitions.
@DanSoloha oh look, one of the "Reformers." We've been hearing this since the F-16 and it proved you guys wrong hard. Go play with rocks, luddite.
anyone who is already familiar with s-net, @13:33 he 'ACCELERATED' it, s-net slowed it down 🤣
11:00 I don't quite get that. If the network was airgapped, how would the virus exfiltrate information to the US or get updates?
You can send data through power outlets or maybe use some piece of equipment to generate radio waves. I’ll bet the facility had phones or fax or something that wasn’t for the internet but did allow communication to the outside world. If you had something consistent like power line voltage or water pressure you could use changes in that as binary. Basically stuxnet could control some secondary system as communication if something simple like phone lines or RF wasn’t available. Heck let’s get crazy. It could hijack an exterior camera and watch for smoke signals sent by a spy elsewhere in the country and could hijack a lamp post to flicker on and off to transmit. The possibilities are endless if you are creative enough and the virus has control of enough systems.
how can they update the virus if the facility and its infrastructure was airgapped from the internet? did the worm magically assemble a wifi chip also? it sounds like something was missing here. or was the facility not truly airgapped but configured to null route internet traffic thus being connected to the internet and not fully airgapped?
Pay attention to the airgap
Ig I'll watch yet another stuxnet doc. What else can be said about a subject we've known a lot about for idk a decade
It's always wild watching Simon talk about your work years after you did it.
Incredible nerve.
If the facility was air gapped, how did they get data and updates back and forth? Your explanation is critically flawed.
There are some inconsistencies in what is being told here, especially the air gap argument and the program being able to communicate back with its creators.
There is a 2016 documentary called Zero Days, produced by Alex Gibney that goes deep into Stuxnet, although it is interesting that the Dutch engineer is not mentioned in it.
10:58 wait wait wait, how did this virus send the map of operations back to US/Israel if this plant was in isolation from world internet?
It was elegant
I didn't realize how little I knew about this.
It was such a BRILLIANT invention 👌🏽😘 chefs kiss
The rotor speed attack doesn't damage the motors, it damages the rotors. Any digital masking of the rotor speed attack would have been foolish because rotors spinning out of whack were easily detected by ear.
Lawrence of Arabia might have been bumped off too riding his motorbike ... just saying
I'm curious how a network connection was established once stuxnet was installed, if the facility was air gapped. Even if it was I'm surprised none of the IT staff noticed a connection and traffic flowing outbound
Yes
We the team we the gang of history and knowledge❤❤🎉🎉🎉😅
How many channels do you have, man?
The Spider-Man blame game meme - everyone with a usb type device 🤣
If it was air gapped and someone had to physically introduce Stuxnet, after the 11 min mark you talk about Stuxnet sending back facility design and layout as well as then being able to update Stuxnet remotely. You can't have both an Air gapped system and remote update capabilities.