05.30.15

The Lessons of Stuxnet: Never Use Microsoft Windows

Posted in Microsoft, Security, Windows at 4:26 pm by Dr. Roy Schestowitz

The NSA is playing with nukes

Missiles

Summary: Windows is sufficiently ‘NSA-compatible’ for remote compromise and physical damage (sabotage) to highly sensitive, high-risk equipment

MANY news reports from around Friday [1-13] made it abundantly clear that Stuxnet, an Israel- and US-made virus that targets Microsoft Windows, was deployed not only in Iran (which uses Windows and Microsoft Linux) but also deployed (albeit unsuccessfully) in North Korea.

It is worth noting that Stuxnet was developed not only in the US but also in Israel and much of Microsoft’s software development for ‘security’ is also done in Israel, so it might not detect Stuxnet (by design).

“Imagine the media reaction if some nation’s government tried to install viruses in nuclear facilities in the US…”News from North Korea should remind any nation with military facilities (that’s about every nation on Earth) to dodge Microsoft Windows. Turkey, for instance, reportedly moved its army to GNU/Linux and several other nations make similar moves for security reasons. In order to explain North Korea’s resistance to the infection some corporation media likes to highlight “near-complete isolation” (see below) rather than reliance on GNU/Linux. The ToryGraph (see below) calls Stuxnet a “computer virus” even through it is uniquely a Microsoft Windows virus. Imagine the media reaction if some nation’s government tried to install viruses in nuclear facilities in the US…

This is by no means defence of North Korea; it’s just that the story makes is abundantly clear that, Microsoft’s special relationship with the NSA aside, Windows is a target. Even Western governments target it. The NSA habitually said that it worried about attacks on its electric grid while hypocritically enough it is attacking nuclear facilities in other countries, never mind the risk of “blowback” or the “fallout” (pun intended) such aggressive actions may consequently bring. Pentagon would label this an “act of [cyber] war”.

Related/contextual items from the news:

  1. NSA eggheads tried to bork Nork nukes with Stuxnet. It failed – report

    The NSA tried to wreck North Korea’s nuclear weapons lab using the centrifuge-knackering malware Stuxnet, and ultimately failed, multiple intelligence sources claim.

  2. Pyongyang 1, NSA 0: U.S. Tried and Failed to Hack North Korea’s Nuclear Infrastructure

    By almost completely shutting itself off from the rest of the world, the North Korean government has denied its people and society access to the fruits of the digital communications revolution. It has also reportedly helped stymie a U.S. cyberattack on the country’s nuclear infrastructure modeled on the so-called Stuxnet virus the United States and Israel used against Iranian centrifuges.

  3. The NSA reportedly tried — but failed — to use a Stuxnet variant against North Korea

    Right around the time that the Stuxnet attack so famously sabotaged Iran’s nuclear program in 2009 and 2010, the U.S. National Security Agency reportedly was trying something similar against North Korea.

    The NSA-led U.S. effort used a version of the Stuxnet virus designed to be activated by Korean-language computer settings, but it ultimately failed to sabotage North Korea’s nuclear weapons program, according to a Friday Reuters report, which attributed the information to people familiar with the campaign.

  4. NSA tried Stuxnet cyber-attack on North Korea five years ago but failed

    The US tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons programme five years ago but ultimately failed, according to people familiar with the covert campaign.

  5. Report: US tried Stuxnet variant on N. Korean nuke program, failed
  6. US tried to bring down North Korean missile programme with computer virus
  7. Report: U.S. failed to sabotage North Korean nuclear program with Stuxnet-twin
  8. Report: US cyberattack on North Korea was ineffective
  9. Why Did a US Cyber Attack on North Korea Fail?
  10. US Tried, Failed To Sabotage North Korea Nuclear Weapons Program With Stuxnet-Style Cyber Attack
  11. US Reportedly Launched Stuxnet Attack Against North Korea
  12. US Failed at Planting Stuxnet-Style Computer Bug in N. Korea Nuke Program
  13. US reportedly tried to destroy North Korea’s nuclear program with a Stuxnet-type virus
Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2015/05/30/stuxnet-in-northkorea/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. IRC Proceedings: Saturday, April 17, 2021

    IRC logs for Saturday, April 17, 2021



  2. Tolerating the Intolerant and Lacking Tolerance for Opposing Views

    The person who shouted...



  3. Letter of Support for Richard Stallman - Doing Better in Community

    "How do you support someone you’ve known for years who is unfairly attacked and publicly maligned?"



  4. Richard Stallman on Rejecting Workplace Bureaucracy in the 1970s

    Dr. Richard Stallman, the Free Software Foundation's founder, explains what inspired him to get involved in non-software matters



  5. Renata Avila: Trying to Understand the Lynching of Stallman

    Reproduced from the original



  6. Breaking News: EDPS Admits That It is Powerless to Investigate Claims of GDPR Non-compliance at the EPO

    Nobody is truly in charge at the EDPS (and in Europe at large); they say EPO is "company" and all one can do is kindly ask the EPO itself to obey the law and stop outsourcing European data to American military contractors



  7. Links 17/4/2021: Linux 5.13 in Sight, Holland Warming up to Free Software

    Links for the day



  8. Richard Stallman Vilified by Those Who Don't Know Him, Says Sylvia Paull

    Republished "In Support of Richard Stallman"



  9. [Meme] Linux Foundation Can't Use Linux

    Two examples from yesterday, highlighting what a bunch of hypocrites run the marketing operation now disguised as ‘research’; Jason Perlow from Microsoft signed/published this newsletter highlight from the failing “Linux” Foundation — a foundation that calls itself “Linux” while its newsletter is still hosted by Microsoft Windows+proprietary IIS and this latest report is made with proprietary software on a Mac



  10. [Meme] Haters Gonna Hate, Don't Apologise to a Libelling Mob

    As was already pointed out before, you cannot appease a mob by talking back to it, certainly not by issuing an apology (putting oneself in a position of weakness)



  11. What the EPO Has 'Normalised' in Europe...

    Under the cover of 'new normal', Europe's second-largest institution crushes the law and crushes its own staff



  12. Lots of Information in Sight, But Minimal Distraction

    How I keep focused on reading and writing whilst at the same time keeping an eye on important incidents, such as DDOS attacks and urgent messages coming in



  13. IRC Proceedings: Friday, April 16, 2021

    IRC logs for Friday, April 16, 2021



  14. Hate Letter Against FSF (Concern Trolls): 1415 Committers, Letter in Support of FSF (With Its Founder Back): 5116

    Taking into account people who asked for their names to be removed from the defamatory hate letter (inciting people, based on falsehoods), it's not impossible that the support letter really triples or quadruples it in terms of number of signatures



  15. Richard Stallman: Sharing is Good... We Need to Legalise It

    Dr. Richard Stallman, the Free Software Foundation's founder, explains his take on copyright and the artificial restriction being used against sharing



  16. Nadine Strossen and Hannah Wolfman-Jones Rebut Accusations Against Stallman and Choose Him as Coauthor

    "Here are her thoughts and the response she received from Nadine, extracted verbatim with their permission from the original article"



  17. Links 17/4/2021: GNOME 40 in Tumbleweed, Devuan 4.0 Alpha, Kate Editor Makes a Leap

    Links for the day



  18. EPO Staff Union Takes the EPO 'to Court' (the ILO's Tribunal, as the EPO Cannot be Taken to a Proper Court)

    The Staff Union of the EPO (SUEPO) Committees are preparing a legal battle over unlawful and unjust measures taken collectively against hard-working (overworked during pandemic) members of staff; the European public should support them



  19. The Latest Anti-RMS Coup Attempt Targets the GNU Project (Because the FSF Coup Has Clearly Failed) by Infringing and Disregarding Trademark Conventions

    A fake "GNU" (not the original GNU, just riding the coattails of the name "GNU") is trying to find/gain traction and we must oppose it because it's an extension of the very same coup attempt (same plotters) that manufactured a whole bunch of libel to incite people and blackmail the Free Software Foundation (FSF)



  20. Links 16/4/2021: Mozilla Dumping FTP, Corporations Still Concern-Trolling FSF

    Links for the day



  21. The EFF Attacks Software Freedom and Promotes Fake Privacy Linked to Microsoft

    Only weeks after attacking Software Freedom (the ad hominem way, which is easier) the EFF endorses a Microsoft-linked privacy abuse, misframing it as some sort of privacy champion



  22. Richard Stallman on How Corporate Media Limits What People Are Allowed to Think and Say (Updated)

    What the founder of the FSF told yours truly a number of years ago about the behaviour of corporate (funded and controlled by corporations) media



  23. Exposing Hard Truths is the First Step or the Path Towards Justice

    A reflection and a moment taken to set aside tribalism (shallow differences based on allegiances of personal comfort), for we need look back at actual facts — however inconvenient at times — and consider the reality of the situation



  24. IRC Proceedings: Thursday, April 15, 2021

    IRC logs for Thursday, April 15, 2021



  25. [Meme] Laundering Bribes as 'Cooperation Money'

    Germany has financial interest in ensuring that EPO abuses carry on and nobody holds the EPO accountable



  26. Articles in Support of Richard Stallman

    Reproduced with permission



  27. EPOLeaks on Misleading the Bundestag -- Part 20: Taking Stock

    Benoît Battistelli's legacy at the EPO is a legacy of corruption and cover-up; we take stock of how illegality was defended and persists to this day



  28. Links 15/4/2021: Zorin OS 16 Beta and Pushing Linux to GitHub- and Microsoft-Connected Rust

    Links for the day



  29. [Meme] Enemies With Common Interests

    The Software Freedom Movement (or Free Software Movement) has many enemies; some of them just hide in the shadows or speak out through shadowy front groups/NGOs that they semi-officially sponsor



  30. [Meme] Germany's Red Cash Cow

    EPO brings a lot of money to the German state. But at what cost to citizens and Germany’s public image?


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts