What’s The Difference between Stuxnet & Flame?



There have been two major reported cyber attacks on Iranian assets in the past couple of years, by viruses (or malware) called Stuxnet and Flames.

These have some similarities to each other, and some important differences.

For those who are interested in such topics, this is the line-up:

Similarities: both Stuxnet and Flame attacked thousands of computers, the overwhelming majority within Iran.

They were both distributed by removeable media and by local networks.

There is also apparently some common code used for modules within these two viruses, for example the module which exploits a weakness in a printing routine.

Differences: Stuxnet is an attack malware – which rendered thousand of computer controlled nuclear enrichment centrifuges useless. Flame, on the other hand, is designed to collect and relay intelligence data – it’s a massive spying device.

Flame did not solely target the nuclear facilities, but also thousand of computers in Iranian industry, including Government ministries and the vital oil and gas facilities.
.
Stuxnet targeted Seimens industrial controllers; Flame works on standard Windows PC operating systems.

As a starter, Flame copies keyboard entries, sifts through emails & text messages, records microphone sounds and interconnects with Bluetooth devices.

The data is then communicated to command & control servers, scattered around the world.

On a purely legal front, whereas Stuxnet could be considered a hostile & illegal attack under international cyberspace legislation, Flame doesn't seem to directly infringe international treaties such as The Council of Europe Convention on Cybercrime. 

According to most observers, both Stuxnet and Flame are the products of one or more Governments. Fingers have been stubbornly pointed at the USA and, ahem, Israel.

This conclusion has been justified by the complexity of the code, which is apparently well beyond solo geeks, or even whole industries.

My logic would point to the receiving end of the Flame data, collected by this enormous and unprecedented cyberspying mission.

Which geek, or industry, is going to have the resources to obtain useful, even critical, data from simultaneously spying on thousands of Iranian computers?

Whoever is behind this double attack – Stuxnet on the nuclear facilities, and Flame’s mega-espionage on Iranian infrastructure… Yeshar koachachem!!. 

Comments

Post a Comment

Popular posts from this blog

Marrying a Soloveitchik

Image
Mazaltov! My nephew, Gedaliah Kestenbaum married Devori Soloveitchik in Jerusalem last week. Gedaliah has married into rabbinical aristocracy .    Devori is the daughter of  Rabbi Yitzchak Zev Soloveitchik, and the grand-daughter of Rabbi  Meshulam Dovid (Reb Dovid) Soloveitchik , who is Rosh Yeshiva of Yeshivat Brisk (one of the two) in Jerusalem . The Soloveitchik's are a rabbinical dynasty descended from Rabbi  Yosef Dov (HaLevi) Soloveitchik (The "Beis Halevi") and his son Rabbi  Chaim Soloveitchik ("Reb Chaim Brisker"). Rav Chaim's sons Rabbi  Yitzchak Zev (Reb Velvel) Soloveitchik ("The GRIZ" The Brisker Rov) and Rabbi  Moshe Soloveitchik seem to have gone in different hashkafik directions. Whereas Reb Velvel's descendents are predominantly right wing hareidim, Rav Moshe's branch are leaders in the Modern Orthodox/National Religious hashkafa – most notably Rav Joseph Ber Soloveitchik ("The Rav")
Read more

Hoax Letter Sent to Synagogue

Image
            (Beis Tefillah Synagogue, Ramat Beit Shemesh) The following hoax letter has been sent to members of the Beis Tefillah Synagogue board of management, as if it was written by Rabbi CM [ed. name respectfully withheld] who serves as their rabbi: I think that as long as David Morris sets policy for L.A [ed. Lema'an Achai ], and is their public face,  I will not allow L.A. to use the Shul for fundraising purposes. This will change if: 1)David M apologizes publicly for stating,and insinuating again and again(in many forums,but especially in his childish Tzedek Tzedek blog) that , as a group ,  "Rabbis" (of RBSA ) are guilty of aiding and abetting and enabling child molesters.(And that of course that leaves LA to come to the rescue of our children.) OR IF  2)LA  publicly , clearly,and unambiguously disavows such statements .They must say--we clearly,and unambiguously ,disavow  statements or blogs which say or imply that  Rabbis  of RBSA (as a group ) aid or a
Read more