The right eloquence needs no bell to call the people together and no constable to keep them. ~ Emerson
Monday, October 11, 2010
So Much for the Hope of “Grass Roots” Conservative Governance
Raese decided to hit back by tying Manchin to President Obama, who is extremely unpopular in the state. The result was an ad appearing to feature three rural West Virginian voters sitting in a diner. The men agree Manchin did okay as Governor but needed to be kept home and away from Washington, so he will not succumb to Obama’s bad influence.
Raese’s problems began when Democrats learned the three natives depicted in the ad were not natives at all but professional actors. The ad’s true location was not in West Virginia but Philadelphia. The truly damning part, however, came from the wording used in the casting call. “We are going for a ‘Hicky’ blue collar look,” it read. “Think coal miner/trucker looks.”
Manchin was quick to jump on the blunder, calling on Raese to apologize. “John Raese and his special interest friends have insulted the people of West Virginia and need to immediately apologize,” he said in a statement. “Not only have they been spending millions to try and buy this election with lies and distortions, we can now see once and for all what he and his friends really think of West Virginia and our people.”
Both Raese and the National Republican Senatorial Committee (NRSC) reacted angrily, accusing Manchin of being far phonier in his stated political views than actors in a commercial. However, action often proves more telling than words and the NRSC has already pulled the ad.
The second embarrassment came in my home state of Ohio, where John Kasich, a former U.S. Representative and FOX News Channel commentator, had been enjoying a sizable lead as the Republican candidate for Governor over Democratic incumbent Ted Strickland. Kasich’s chief advantage has been Ohio’s dismal economy during Strickland’s four-year term, with unemployment above the national average.
|Ohio "Steelworker" in Kasich's|
Kasich retaliated by hitting Strickland once more over the economy and unemployment. His team created an ad featuring what appears to be an Ohio steelworker or blue collar factory worker of some type. The worker wears a plaid flannel work shirt and holds a hardhat in his hands. He appears to be standing in a dark, closed, and deserted factory. After noting the exodus of jobs during the past four years, the worker then charges, “Strickland destroyed Ohio jobs when he busted the budget and raised our taxes to help pay for his mistakes.”
The ad appeared effective at first glance but then it surfaced that, as in the West Virginia case, the spokesperson was not an actual Ohio blue collar worker but a Florida actor, named Chip Redden. Even worse, a normally right-leaning Ohio blog, operated by Matt Naugle, tore into Kasich because the actor in question had a “colorful” past, consisting of appearances in a Girls Gone Wild-style sex videotape and a string of felony and misdemeanor charges, including battery.
Thursday, October 7, 2010
Stuxnet Is the First Bullet in a Completely New Type of Cyber-Warfare
|The Stuxnet worm enters networks|
through an infected USB flash drive
The worm runs on the Microsoft Windows operating system. It enters a network from an infected USB flash drive connected to one of the system’s computers. It then uses four previously unknown flaws in the Microsoft code to propagate. Unlike other worms, it is highly selective, seeking out Siemens’s Simatic WinCC/PCS 7 Supervisory Control and Data Acquisition software – specialized code for running programmable logic controllers (PLCs) within factories. PLCs monitor, adjust, and run complicated machinery.
Stuxnet is even more discriminating, possessing the ability to identify which networks it infects with great precision. It appears to be looking for particular systems to destroy at specific times in specific ways. Once it infects a network, it performs a check every five seconds to determine if the system meets its parameters for launching an attack.
It embeds itself within the PLC software, reprograms it, and hides its changes, making it the first PLC rootkit ever developed. Stuxnet sets certain address in memory to specific values but the effect of such changes depends on the nature of the machinery controlled by the infected PLC. It might render the equipment in question non-functional but it also might force a kind of overload that would cause machine components to break down or even explode.
Stuxnet is both unusually large and complex for typical malware. Its ability to stay hidden for so long was due to its use of authentic cryptographic certification keys, stolen from the Taiwanese semiconductor manufacturers RealTek and JMicron, to validate itself within networks.
The Symantec researchers and other experts are convinced these factors point not to a lone hacker but a top-notch, well-funded team of programmers, sponsored by a national government. They are also convinced Iran’s burgeoning nuclear program was Stuxnet’s primary target, particularly the Bushehr Nuclear Power Plant or, most likely, the Natanz uranium enrichment facility.
Reports abound that Iran began having tremendous difficulty running their centrifuges at Natanz, causing a sudden fifteen percent reduction in production, about the time of Stuxnet’s activation. Other anonymous sources leaked word of a more serious nuclear accident at Natanz. Stuxnet could reprogram the PLCs running centrifuge arrays to exceed RPM safety limits or shut down lubrication or cooling systems. Centrifuges can easily explode if they become unstable.
Iran has over sixty percent of the worldwide documented Stuxnet infections. Even Iranian officials admit to thirty thousand infected computers. However, not everyone agrees with Iran as a primary target. Stuxnet showed up in India, Indonesia and Russia before reaching Iran. Eric Chien, technical director of Symantec Security Response, concedes the incidence of infection within Iran could merely indicate that country is less diligent about using security software to protect its systems.
The researchers are also convinced Israel’s Unit 8200 cyber-warfare operation is the source of Stuxnet. In addition to Iran as the target, they base this conclusion on a discovery recently reported in the New York Times. Myrtus, Latin for “myrtle” is the name of one of the files comprising the Stuxnet code. In the Old Testament Book of Esther, Queen Esther’s original Hebrew name was reportedly Hadassah, the Hebrew word for “myrtle.” The Book of Esther is the story how captive Jews in the Persian (i.e. Iranian) court used subterfuge to preempt a plot against the nation of Israel.
The theory of Israel as culprit gained endorsement from Yossi Melman, who covers intelligence for the Israeli newspaper Haaretz, as well as Richard Falkenrath, former Senior Director for Policy and Plans within the Office of Homeland Security.
Other experts disagree, citing the U.S. and NATO as more likely culprits. They dismiss the “myrtle” connection or label it a red herring, designed to lead researchers astray. John Pescatore, Vice-President for Internet Security at Gartner Group posits a large corporation or even citizens’ interest group could have funded Stuxnet to discredit Siemens’s software rather than attack specific governments. The Christian Science Monitor notes “myrtus” could simply be an acronym for something like “my remote terminal units.”
What everyone agrees upon is the seriousness of this software. An entire session, entitled Stuxnet – An In-Depth Look, headlined at the Virus Bulletin Conference in Vancouver Canada last week. European digital security company Kaspersky Labs released a statement describing Stuxnet as “a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race in the world.” Rodney Joffe, senior technologist at Neustar, calls Stuxnet a “precision guided cybermunition.”
“In the worst case, we would have seen power plants explode or dams burst,” said Derek Reveron, a technology specialist at the Naval War College. If a piece of software capable of turning any nuclear power station into Three Mile Island or Chernobyl is not worrisome enough, there is also the danger of blowback. Now that it is in the public domain, variants on Stuxnet could reappear in even more dangerous forms. Cyber-criminals typically do not worry about collateral damage from their attacks because only virtual harm results.
The ability of Stuxnet to affect physical equipment in the real world changes all that. Imagine the PLCs that drive ATMs re-programmed to distribute money to waiting criminals at certain places/times. Imagine a version of Stuxnet that controlled alarm systems, access controls, and doors, giving criminals egress to bank vaults or foreign spies seemingly valid admission to top-secret U.S. facilities. The F-Secure Corporation’s blog reports the BP Deepwater Horizon drilling platform in the Gulf of Mexico included some Siemens PLC systems. It is conceivable that a Stuxnet-infected controller rendered the supposedly infallible blowout preventer non-responsive, resulting in the fatal explosion and massive oil spill that followed.
Stuxnet is truly the first bullet in a completely new type of cyber-warfare. However, describing it as a mere “bullet” is like calling a nuclear warhead, “just another bomb” or the jetliners that brought down the Twin Towers, “just another couple of 747s.” Science fiction once again has become science fact. Stuxnet is big. It really does change everything about the potential of Internet terrorism.
Once you open a can of worms, the only way to re-can them is to use a larger can.
– Zymurgy's First Law of Evolving System Dynamics