Bonum Certa Men Certa

Kaspersky: Russian Nuclear Plant Runs Windows, Gets Infected With Malware Developed by the NSA (Stuxnet)

Tsar Bomba mushroom cloud Tsar Bomba mushroom cloud



Summary: New example of the high cost of Windows and a new example of FUD in the press, attributing an attack on SCADA to "Linux"

BY NOW, owing to leaks, people know where Stuxnet came from. Israel and the United States developed it and then used it to derail facilities in Iran. It is cyberwar, and it was started quite proactively. A lot of businesses around the world suffered from Stuxnet too, demonstrating quite clearly that the NSA's criminal behaviour has a high price; others pay the toll, not just US taxpayers. Given the special relationship between Microsoft and the NSA, Stuxnet's reliance on Windows is not surprising; it's well known by now.



Putting aside the old news about Stuxnet, Kaspersky claims that Stuxnet infected a Russian nuclear plant. This is extremely dangerous because the US and Russia/USSR have been very close to nuclear war on numerous occasions in the past 30 years. A lot of people don't know this because such material takes decades before it's declassified.

"A lot of people don't know this because such material takes decades before it's declassified."With clever phishing scams, not even strong passwords that computer scientists tend to choose can provide protection and it is no secret that Free software is penetrable due to incompetence during setup [1] or even delay in patching/maintenance (new examples in [2-8]). Underlying languages/frameworks can sometimes be the culprits [9,10], but that doesn't mean that in practice it is easy to crack a GNU/Linux system. Evidence suggests that it is hard.

Having had Windows malware issues in space (USB sticks inside Windows), the International Space Station (ISS) recently moved to Debian GNU/Linux [1. 2]. But this weird article tells a dubious story. It says that ISS got a malware infection from Russian astronauts and then adds this sentence: "The reason is that the space station uses computer-controlled SCADA systems in order to manage various physical components of the satellite. As these systems are based on Linux, they are open to infection."

"The problem is prevalent in proprietary software not just of Microsoft and the solution may be to simply ban the use of proprietary software."Really?

Stuxnet malware has been targeting SCADA systems and they run Windows. We've sent almost a dozen E-mails back and forth to verify the facts and we are pretty sure the above is a lie. Sosumi says "the rhetoric is made as if linux is the problem [...] the whole thing is fishy [...] it's like I said, the article is done as if linux was the problem" (it's not).

iophk wrote: "I would think that the PR people for all the major distros would be all over that article correcting it and demanding a retraction." He later said: "If you have any contact at Red Hat and Canonical, they might want to find some way of correcting this article [...] It makes it look like the previous Windows infections were Linux."

Nice FUD they got there.

"Hackers", in the mean time, are being demonised by Microsoft, which simply misuses the term [11]. The US government cannot seem to understand that relying on Windows in critical systems is a bad idea [12,13] because even fonts open a back door [14,15]. The problem is prevalent in proprietary software not just of Microsoft [16] and the solution may be to simply ban the use of proprietary software [17]. It is improperly reviewed.

Related/contextual items from the news:



  1. SSL Study Shows Most Sites Incorrectly Configured
    Black Hat research takes a deep look at SSL security and finds it lacking due to a number of common configuration issues.


  2. Ubuntu: 2014-1: OpenSSH vulnerability


  3. Gentoo: 201310-17 pmake: Insecure temporary file usage


  4. Gentoo: 201310-16 TPTEST: Arbitrary code execution


  5. Gentoo: 201310-18 GnuTLS: Multiple vulnerabilities
  6. Gentoo: 201310-19 X2Go Server: Arbitrary code execution


  7. Debian: 2786-1: icu: Multiple vulnerabilities


  8. Debian: 2787-1: roundcube: design error


  9. Is PHP Secure?


    In a classic watering hole attack, hackers compromised a well-known, respected high-traffic Website and planted malware in a bid to infect unsuspecting visitors. On Oct. 24, Google began to flag PHP.net as being a site hosting malware, i.e., potentially a watering hole.


  10. PHP.net Compromised. Served Malicious JS


  11. M$ Denigrates Hackers


  12. DHS hammering out cybersecurity planning


  13. Database hacking spree on US Army, NASA, and others costs gov’t millions
    Federal prosecutors have accused a UK man of hacking thousands of computer systems, many of them belonging to the US government, and stealing massive quantities of data that resulted in millions of dollars in damages to victims.


  14. Microsoft in a TIFF over Windows, Office bug that runs code hidden in pics


  15. Not Again! M$’s OS Executes Data In Images…
    It’s such a simple concept. Data should not be executed. Images are data. But, no, M$ does not get that and randomly executes code contained in some TIFF images. Out of the bowels of M$’s complexity comes yet another invitation to millions of bad guys to post TIFFs all over the web damaging the systems of millions of users.


  16. 38 million Adobe users hacked, not 3 million


    Adobe has revealed the massive hack it suffered a month ago was far bigger than initially reported, with attackers obtaining data on more than 38 million customer accounts.


  17. [Bruce Schneier:] Understanding the Threats in Cyberspace
    The primary difficulty of cyber security isn't technology -- it's policy.


Recent Techrights' Posts

New XBox Leaks Probably Serve to Confirm XBox's Collapse (Many More Layoffs)
It's very much consistent with what many other sites have reported lately
 
Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department)
A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President
Links for the day
Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux"
Google itself is a slop pusher these days
Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones'
A lot of Qualcomm's patents are on software. We wrote about this in prior years.
XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder
"everyone is ditching the xbox."
Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble
Links for the day
Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 09, 2025
IRC logs for Thursday, October 09, 2025
Links 09/10/2025: Farewell to Jane Goodall, California Bans Algorithmic Price-Fixing
Links for the day
Gemini Links 09/10/2025: Lost Wages and a Saga Of Continuing To Use Palm PDAs
Links for the day
Richard Stallman's Talk in Helsinki is Done. Tomorrow Göteborg.
There are scarce details in Finnish about Dr. Stallman's talk
The Slop Song
The train wreck marches on
LLM Slop/Advanced Plagiarism Flooding the Zone With Capital That Does Not Exist
Many publishers out there still participate in this bubble instead of calling it what it is
Links 09/10/2025: Sacked Microsoft Workers Make "Sackbird", IBM Taps CockroachDB for PostgreSQL
Links for the day
"Happy Hacking Day" Richard Stallman Talk This Afternoon (From 14:00 to 16:00) at Haaga-Helia University in Pasila
Richard Stallman in Helsinki, Finland
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 08, 2025
IRC logs for Wednesday, October 08, 2025
Links 09/10/2025: Impact of Microsoft Layoffs, More Data Breaches
Links for the day
Gemini Links 09/10/2025: Autumn Blues and C IRC Bot
Links for the day
Slopwatch Appreciated by Real Authors of GNU/Linux Articles
We do try to keep on top of those things
Upgraded R.R.R.R.R.R. Today
The Web of 2025 is full of garbage, not limited to slopfarms
Freedom From Proprietary Prisons
Forking always an option
IBM's Watson Died in 1956, Now Watson Dies Again
IBM is becoming just a reseller of GAFAM and other stuff
Slopwatch: LinuxSecurity, UbuntuPIT, and Google News
We've also just noticed more slop from UbuntuPIT
Microsoft Says That Constant Mass Layoffs Are Success, the Media Isn't Buying This Microsoft Narrative Anymore
If people in the media feel an obligation to repeat whatever lies Microsoft tells, what point will there be to the media?
Links 08/10/2025: "Mali Puts Free Speech on Trial" And Apple Enforces Dictatorship
Links for the day
Links 08/10/2025: ‘Death to Spotify’ and Law to Ban Loud Commercials on Streaming (Dis)Services
Links for the day
Links 08/10/2025: Real Innovation and Nina.chat is Dead
Links for the day
Links 08/10/2025: Y2K38 Bug is a Vulnerability, Chat Control in Europe a Threat
Links for the day
Microsoft Windows is No Longer an Operating System, It's Surveillance Project
Why is this even legal to preload on PCs outside the US?
How and Why Once-Legitimate Sites Turn Into Slopfarms
Many sites will go offline and many social control networks will shut down once they realise or even openly admit they spend money and time gardening a bunch of bots and slop
UbuntuPIT Became a Slopfarm and Gnoppix Tarnishes Its Own Brand With Slop
It fits all the characteristics of mildly-edited (if at all) slop
Slopwatch: Linux Journal and Other Slopfarms
GAFAM needs to go the way of the dodo
Gemini Links 08/10/2025: "Seek Seek Revolution" and Gradient Backgrounds
Links for the day
Qualcomm Arduino Takes Aim at Raspberry Pi
Qualcomm is a Microsoft partner
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 07, 2025
IRC logs for Tuesday, October 07, 2025
Stagnation of the Economy and What Free Software Can (or Could) Do For It
If your economic model is based on a pyramid of lies, it won't last very long
Social Control Media is Sinking
it would rightly seem like the era of centralised "social" sites (they're not social, they're about controlling the users) is ending, not overnight but gradually