Quotes from Kim Zetter

Attribution is an enduring problem when it comes to forensic investigations. Computer attacks can be launched from anywhere in the world and routed through multiple hijacked machines or proxy servers to hide evidence of their source. Unless a hacker is sloppy about hiding his tracks, it's often not possible to unmask the perpetrator through digital evidence alone.
~ Kim Zetter
As Mike McConnell, the former director of national intelligence, told a US Senate committee in 2011, "If the nation went to war today, in a cyberwar, we would lose. We're the most vulnerable. We're the most connected. We have the most to lose."
~ Kim Zetter
But withholding information about vulnerabilities in US systems so that they can be exploited in foreign ones creates a schism in the government that pits agencies that hoard and exploit zero days against those, like the Department of Homeland Security, that are supposed to help secure and protect US critical infrastructure and government systems.
~ Kim Zetter
The horrors and costs of war encourage countries to choose diplomacy over battle, but when cyberattacks eliminate many of these costs and consequences, and the perpetrators can remain anonymous, it becomes much more tempting to launch a digital attack than engage in rounds of diplomacy that might never produce results
~ Kim Zetter
There was nothing like staring down the barrel of a suspected cyberweapon to clear the fog in your mind.
~ Kim Zetter
But he insisted his reasons for supplying to governments went deeper than money: "We mainly work with governments who are facing national security issues … we help them in protecting their democracies and protecting lives.… It's like any surveillance method. The government needs to know if something bad is being prepared and to know what people are doing, to protect national security. So
~ Kim Zetter
Under the new policy, any time the NSA discovers a major flaw in software, it must disclose the vulnerability to vendors and others so the flaw can be patched.
~ Kim Zetter
Civil War general Robert E. Lee said famously that it was a good thing war was so terrible, "otherwise we should grow too fond of it."
~ Kim Zetter
Germany, a Wassenaar member, already has a law that effectively prohibits the sale of exploits as well as the practice of giving them away for free, something that security researchers do regularly among themselves to test systems and improve security.
~ Kim Zetter
One such middleman is a South African security researcher based in Thailand who is known in the security community by his hacker handle "The Grugq." The Grugq brokers exploit sales between his hacker friends and government contacts, pocketing a 15 percent commission per transaction. He only launched his business in 2011, but by 2012 sales were so good, he told a reporter he expected to make $1 million in commissions.
~ Kim Zetter
Like conventional weapons, most digital weapons have two parts—the missile, or delivery system, responsible for spreading the malicious payload and installing it onto machines, and the payload itself, which performs the actual attack, such as stealing data or doing other things to infected machines. In this case, the payload was the malicious code that targeted the Siemens software and PLCs.
~ Kim Zetter
The nations, of course, that are most at risk of a destructive digital attack are the ones with the greatest connectivity. Marcus Ranum, one of the early innovators of the computer firewall, called Stuxnet 'a stone thrown by people who live in a glass house'.
~ Kim Zetter
After two months passed and they were still finding holes, the company canceled the testing and just shipped the kiosks out. O
~ Kim Zetter
In amassing zero-day exploits for the government to use in attacks, instead of passing the information about holes to vendors to be fixed, the government has put critical-infrastructure owners and computer users in the United States at risk of attack from criminal hackers, corporate spies, and foreign intelligence agencies who no doubt will discover and use the same vulnerabilities for their own operations.
~ Kim Zetter
These incidents were all accidental, but in Poland in 2008 a fourteen-year-old boy in Lódz caused several trains to derail when he used the infrared port of a modified TV remote control to hijack the railway's signaling system and switch the tram tracks. Four trams derailed, and twelve people were injured.
~ Kim Zetter
You couldn't bomb a plant you didn't know about, but you could possibly cyberbomb it
~ Kim Zetter
The long-term consequences of dropping the atomic bomb were also as poorly understood in the 1940s as the consequences of unleashing digital weapons are today - not only with regard to the damages they would cause, but to the global arms race they would create.
~ Kim Zetter
iranwatch.org/library/government/iran/iran-irna-khatami-right-all-nations-nuclear-energy-2-9-03
~ Kim Zetter
FALLIERE WAS TWENTY-EIGHT, with the dark, Gallic looks of someone who seemed like he'd be more at home DJing trance music in an underground Paris nightclub than poring over reams of printed computer code during a commute on the Métro. In reality, he was fairly shy and reserved, and sifting through dense computer code was in fact a much bigger draw to him than spending sweaty nights in a throbbing club.
~ Kim Zetter
Packers are digital tools that compress and mangle code to make it slightly harder for antivirus engines to spot the signatures inside and for forensic examiners to quickly determine what a code is doing.
~ Kim Zetter
Each time Stuxnet infected a system, it "phoned home" to one of two internet domains masquerading as soccer fan sites—mypremierfutbol.com and todaysfutbol.com. The domain names, registered by someone who used fake names and fraudulent credit cards, pointed to servers in Denmark and Malaysia that served as command-and-control stations for the attack.
~ Kim Zetter
But more important, he also spotted an encrypted block of code that turned out to be Stuxnet's mother lode—a large .DLL file (dynamic link library) that contained about three dozen other .DLLs and components inside, all wrapped together in layers of encryption like Russian nesting dolls.
~ Kim Zetter
Two of the underground buildings were each about the size of half a dozen football fields and were heavily reinforced with concrete walls about six to eight feet thick. The Iranians were obviously fortifying them against a possible air strike. The tunnel leading down to the buildings was also built in the shape of a U instead of a straight line—a common tactic to prevent missiles sent into the mouth of a tunnel from having direct aim at a target on the other end.
~ Kim Zetter