it's great but don't heed to much to the technical involvement. The US does not and never has used siemens step anything in the US except a few german auto manufacturers and suppliers. This is mossad
I second that. Brilliant analysis and investigative work there, Mr Ralph Langner! You also seem to have inspired another documentary (or two), from this, and from your original research.
This was a pleasure to watch, thank you Ralph for this thorough analysis, 10 years+ after the fact. It's even more interesting now, as time goes by, to understand the complexities of these issues, from the geo-political perspective all the way to the pure technological one. I truly hope you could make this type of video into a series, in which you explain the different malware threats that pop up and dissect them in this fashion. In this day and age ransomware seems to be quite prolific all over the world, that would make for another amazing video, going through what has been happening in the last decade or so...
Thanks for putting this together. All the other videos are just overviews but this gets deep into the working principles and demonstrates the type of clever thinking the creators of Stuxnet had. This is exactly what I was hoping to find.
Excellent. I've always loved your analysis and distillation of what occurred. I like how in Zero Days, you cheekishly knew what you could and couldn't talk about, alluding to it throughout your interview.
Thanks! One of the best write ups on the "weapon" I've ever seen or heard. I knew your group was one of the first to reverse engineer the "weapon" and analyze it. I'm very glad you made this as I did not know there were two campaigns.
Fantastic video. I'm reading a Cyber Security book that mentions Stuxnet and decided to see what videos or documentaries were available. Great work by the team at Langner.
I wish they used a lot of this info in the zero day documentary. They really needed to provide more info on te centrifuge process. As well as the decisions to do the various updates. I still don’t understand the problems or lack of implementation for manual shutdown. The illustration of the sound helped a lot.
I just wanted to say this was an outstanding explanation. I can't imagine the amount of brainpower and preparation that must have went into developing Stuxnet. Did the analysis team know much about Iran's nuclear enrichment program before trying to decipher what the binary did? I'm absolutely amazed that you guys were able to discern the specific system that the worm targeted with how little the world knew about Iran's program at the time.
@@OTbase Does that mean that spies were involved in the development of Stuxnet? How could they know everything if not more than the Iranian people who worked on it?
This was honestly a fantastic video for all sorts of viewers. Thanks to The Langner Group for putting this together. I learned a ton and can't praise it enough. I am very interested in how the state of cyber-physical attacks evolve over the ext decade or so and how the end-goals of these attacks change. For example, ransomware like EKANS, etc (I'm no expert here by any means)...will these sets of malware ultimately hold our critical infrastructure for hostage rather than blow things up or cause physical harm?Will cyber-physical attacks ramp up in damage slowly over time? Almost like pushing a glass further and further towards the end of a countertop... It may be just my paranoia but with the amount of funding certain nation states are allocating to cyber defense, it makes me wonder what may be going on in regards to the offensive side of things... Once again though, great video!
The documentary “Zero Days” by Alex Gibney does a great job of almost naming names and outlining its development. Very interesting watch I’d recommend.
"The stealthy cyber weapon had been turned into a prank." "After that little concert in the cascade hall..." lol These funny statements actually show the high quality of technical expertise in this video. Seriously, other videos breathlessly report, with mysterious background music, how amazing it was to control the speed. This is the first explanation I've seen that described the resulting sound and how obvious it would be to the Iranians.
lieber Herr Langner, besten Dank für Ihre Darstellung der möglichen Ereignisse, die allerdings einige fundamentale Fragen offen lässt. davon abgesehen, würde ich mich freuen, sie würden den Text gleich auf Deutsch vortragen und die hochproblematische Tonspur reinigen.
All someone has to do to turn all the stop lights green is infiltrate a Seimans Programable Logic Controller, its like an Arduino that is decades behind and I dont believe t has any cyber security.
Thanks for this exhaustive explanations... the best I saw yet... but... I have a small doubt--- since we do not know for sure what was the vector for the first 'infection'--- and the software was binaries for the Siemens PLCs... ?what software was submit to Virustotal???
@@OTbase They obviously haven’t heard the numerous other videos where the music is not tailored to the content as the subject changes, or how those videos have the music completely overpowering the narration. Your music is obviously tailored as the subject changes. Work most aren’t willing to do.
The noise would have been masked by the other running centrifuges. It only targeted a few cascades at a time (164 centrifuges each) and it was over 50 mins. So 164 centrifuges at a time in a room full of 5,000 to 8,000 running.
@@OTbase That is incorrect, the logic targets cascades which house 164 centrifuges each. Nowhere in the code does it target 984 centrifuges because they are controlled as a group and can not be individually targeted.
Mr Langner I had first seen you in the documentary, Zero Days. It seems like your interview was largely overshadowed by those of the NSA analyst and the gentlemen from Symantec. Zero Days was rather melodramatic and so much of the events and facts were smothered by rhetoric and profanity. But your detached, straightforward presentation made you memorable. So of course when i saw this presentation chronicling the events of those three or four years, i clicked. I haven't taken a physics course in years but i followed along as best i could. It was time well spent. You spoke with authority. Your presentation was thorough and clinical ( as much as it could be managed in a fifty minute seminar ). In the most general definition weren't both payloads zero day intrusions? Was it the second one that attacked the Siemens motor controller or the first? Thanks - William; Hampton, VA U.S.
The only zero day exploits that were used in this attack were in the dropper of the second version. The irony is that zero days are quite unsubstantial for the Stuxnet story -- something I tried to explain to Alex Gibney, but obviously without success.
Fantastic video, really appreciated the information on the additional systems they were forced to build to mitigate the failures they were already dealing with. I wonder how they (the attackers) knew enough about those systems to target them, I understand they intercepted the Libyan shipment to understand the centrifuges, but not their over pressure systems.
You are correct, the attackers could not have known the details of the cascace protection system from the Libyan installation. They must have had an insider at Natanz or one of the contractors.
What here and on many other occasions is real problem are the standards. M$ Window$ and standard industry PLC. For this kind of highly critical purpose development of custom systems pays off (and that is an understatement).
If Stuxnet can be used to target the dedicated centrifuges used by Iran, then it's just a matter of time that a worm/virus is developed to attack a specific component in any/all electric vehicles.
While it's true there are vendors who gain on exaggerated concerns about industrial cyber warfare, it's also true that funded actors are still launching campaigns designed to prey on weaker links to conduct reconnaissance and potentially pivot into more valuable assets. We are aware of phishing campaigns preying on smaller energy providers exhibiting TTPs not unlike Ukraine, with many of these providers connected to grid providers who control larger 'backbones' of regional grid connectivity. In other words... past performance is no indication of future activity when it comes to cyber warfare, let alone the financial disruption already seen in stories like Go Daddy, Marriott, Sony, Home Depot, Garmin, etc.
I'm aware of this situation and have commented it extensively -- see www.cirsd.org/en/horizons/horizons-autumn-2016--issue-no-8/cyber-power-an-emerging-factor-in-national-and-international-security. That doesn't change the fact that we didn't see successful & substantial cyber-physical attacks in the ten years after Stuxnet.
@@OTbase the way you explained it I thought it might have been a vulnerability in the supply chain to the Iranians. After all, i thought that you had indicated that in the beginning at least they were exposed to some industrial espionage.
Intensely interesting subject presented so that a layman can understand. Thank you. But perhaps there is something I missed. If the centrifuges are spinning at such a high RPM, above the human hearing, then how is such a low frequency produced that can be heard? As an additional comment the Iranian technicians may have become tone deaf after being bombarded with those frequencies for a long time.
No and no. The video simulates the actual acoustic representation of IR-1 centrifuges in normal operation (taken from video footage), and the frequency range that they were taken through in the rotor speed attack. What you hear is what Iranian operators would have heard. Case in point: If you spend prolonged time in the cascade hall, you will become used to the sound of normal operation and phase it out of perception. BUT you will notice any deviations EVEN STRONGER.
Question - did stuxnet accelerate and decelerate all centrifuges in a cascade at once? If it was more selective (a few here, a few there), wouldn't the sound difference have been masked by other centrifuges operating at normal rpm?
Just imagine what these great minds could do with their knowledge if they weren't engaged by their nations to build weapons designed to destroy civilized, innocent people and their children, society and traditions..
Great piece! Thank you. It's unfortunate, though, the optimistic closing comments simply don't represent the very real, pretty much unavoidable, potential for significant destruction at some point in the near future. Humans do not have the greatest track record for avoiding self-inflicted disasters. While the tech will undoubtedly advance, humans won't. There will always be a percentage of the population that will only be happy when everyone else isn't, and they are immortalized forever in their version of a heaven.
What I find weird is that the two domains that were used for updates, SUPPOSEDLY could not be determined to whom they belonged. Like. Every domain in existence is strictly documented. Unless ICANN _itself_ was compromised, it should be dead simple to find who had those two domains.
Wonderful and elucidating video. Thanks for sharing. The click on the like button came after the mention that weirdos are known today as activists (LOL). Nice touch.
Great video! One question that remains : within all the connection between machines that the 4.0 revolution has been bringing to us, will these cyber attacks be more frequent?
So far we have no reason to assume that they will be more frequent. But we must recognize that they can be more severe. More connectivity means more complexity means higher risk that a lot of things go wrong at the same time.
Operators in a control room can be very different from the scientists. Sure they could hear the change in sound, probably would report it, but if it's still turning, who would care. Things are milling alright. Also, operators usually lack the power to make things happen. Reporting is on them, action is on others. That's what I wanted to say on operators being deaf. They're usually not in a position to change the sound.
Wrong. Iran had maintenance engineers constantly roaming around in the cascade hall as centrifuges were breaking all the time. These maintenance engineers (and the operators as well) detect deviances from normal ops right away. Scientests may not.
Got any theories for how or why Stuxnet found its way into Virus Total in 2007? Seems odd that the developers with a limitless budget would have used a public tool like that to check for detections and seems weird that they were able to carry on with the operation without Iran catching on for two years if one of its victims thought something was fishy enough to check it out on Virus Total
@@jascam1 I'm asking how it ended up on Virus Total, not how it got into the lab. Virus Total is basically a giant repository of malware samples scrutinized by the entire netsec industry. Seems unlikely that someone involved in a classified operation would upload it themselves. I'm just curious who did it, was it a mistake made by someone involved in the development or did one of their targets have some passing suspicion about a file on their computer and uploaded it to scan against every AV before moving on? The first sample was uploaded a couple years before the Iranians found out what was going on
I can't believe that i found the guy who figured all of this out... There is one big question remaining though. Why is a German company helping the Iran gaining material to potentialy build nuclear weapons?
Well I think that one is easy: Because it pays well. The deeper question that puzzled me is: Why didn't CIA & Mossad pull the plug when they probably could have?
Not sure why but the historical timeline of STUXNET is absolutely not what is being said. I received an unclassified debriefing in Stuxnet before retirement and I retired in January 1999. So why Wikipedia and other sources are now saying it was in the 2000’s makes me wonder WTF is going in.
At 24:40....l experienced ; Unease , dissociation ...and value 6...inconfidance.... The occilations are being disturbed @ 12 %... throughout this video. ( Occilations producing musical note 440- middle C...are now producing b-flat... undoubtedly protocol has been tampered with'''''''')
First the target was Irans nuclear facilities, the next target is every man with a phone. We already run such worms and tracking mechanisms on our phone ready to activate the payload when we become an object of interest. A dystopian state with mass surveillance is already a reality. Stuxnet just raised the confidence of these agencies.
China is very proactively using its cyber offensive capability against many country. Please mke a video on that based on your view and reserach. Anyways it was a very informative video.
People are assuming it was USA and Israel but I’m sure that the Saudis also helped in this project, probably in a financial way. It’s not only USA and Israel that are Irans enemies.
One of the best documentaries I've seen. I hope this gets way more views because you deserve it, Mr. Langner
Thankyou.
it's great but don't heed to much to the technical involvement. The US does not and never has used siemens step anything in the US except a few german auto manufacturers and suppliers. This is mossad
I second that. Brilliant analysis and investigative work there, Mr Ralph Langner!
You also seem to have inspired another documentary (or two), from this, and from your original research.
I have long been intrigued and interested in this topic, can’t have a better source explaining the story than mr langner himself. Thank you!
with some value judgments added.
This video report was very elaborate, to the point and informative.
Top-notch quality.
Thanks to the everyone involved in this video report
This was a pleasure to watch, thank you Ralph for this thorough analysis, 10 years+ after the fact. It's even more interesting now, as time goes by, to understand the complexities of these issues, from the geo-political perspective all the way to the pure technological one.
I truly hope you could make this type of video into a series, in which you explain the different malware threats that pop up and dissect them in this fashion.
In this day and age ransomware seems to be quite prolific all over the world, that would make for another amazing video, going through what has been happening in the last decade or so...
Excellent, You covered the topic very well. Everything was presented clearly, in every detail. Just what I was looking for
Thank you!
@@OTbase Did every single one of those centrifuges contain a PLC? Do we have any pictures of damaged units?
No, and no. You can find details on the automation system, including number of PLCs, in "To kill a centrifuge" (just google it).
@@OTbase I'm gonna have a read, then. Thank You, have a good day
Dangerous world. Once more.
Being a vulnerable researcher myself this I can say was the most complete description of the events.. what a great documentary 👏 👌 👍 🙌 ❤
Thanks Langner for explaining it so well, the details of the 2 stage attack campaign were so perfect.
Thanks for putting this together. All the other videos are just overviews but this gets deep into the working principles and demonstrates the type of clever thinking the creators of Stuxnet had. This is exactly what I was hoping to find.
Excellent. I've always loved your analysis and distillation of what occurred. I like how in Zero Days, you cheekishly knew what you could and couldn't talk about, alluding to it throughout your interview.
This was the best documentary I've seen on UA-cam ever. Thank you so much Sir
Such great breakdown, thorough explanations and I loved the chronicling of the events dating back 1975.
Thanks! One of the best write ups on the "weapon" I've ever seen or heard. I knew your group was one of the first to reverse engineer the "weapon" and analyze it. I'm very glad you made this as I did not know there were two campaigns.
Fantastic video. I'm reading a Cyber Security book that mentions Stuxnet and decided to see what videos or documentaries were available. Great work by the team at Langner.
This video is a gold standard template for how to properly present a subject.
Messerscharfe Analyse, hochinteressant und wirklich hervorragend dargestellt. Danke!
Very informative, thx. I also enjoyed the swipe at the public press in the end. And of course the (almost) happy ending.
Very well done. I've heard of stuxnet and watched vids about it but never seen such an in-depth analysis of what was actually going on before.
This documentary is excellent, brilliant. Good work.
Ausgezeichnetes Video. Danke schön.
This must be one of the more beautifully scripted topic on cyber warfare. Very clear representation
Just got this recommended by UA-cam, two years late… great vid! Subbed as well!
Great video..very in-depth without bogging the viewer down
I wish they used a lot of this info in the zero day documentary. They really needed to provide more info on te centrifuge process. As well as the decisions to do the various updates. I still don’t understand the problems or lack of implementation for manual shutdown. The illustration of the sound helped a lot.
I want to start learning about technical side of cyber security. Where does one start as a beginner? Great video!
Very well done analysis of Stuxnet. Thank you for your very clear explaining.
That was more enlightening than I was expecting. Great video.
Got totally hooked on this subject that I've seen several times before.
Absolutely amazing documentary
I just wanted to say this was an outstanding explanation. I can't imagine the amount of brainpower and preparation that must have went into developing Stuxnet. Did the analysis team know much about Iran's nuclear enrichment program before trying to decipher what the binary did? I'm absolutely amazed that you guys were able to discern the specific system that the worm targeted with how little the world knew about Iran's program at the time.
The developers of Stuxnet knew EVERYTHING about the internal systems at Natanz. They may have known it better than the Iranian operators.
@@OTbase Does that mean that spies were involved in the development of Stuxnet? How could they know everything if not more than the Iranian people who worked on it?
@@v19torrent4 it does
Great video. Very interesting subject presented very clearly, thank you !
Fantastic and resourceful video. Well done
How wonderful to hear a voice of reason about cyber security! Thank you.
excellent video! the level on details is just fantastic. very informative. thanks.
You're very welcome!
This was honestly a fantastic video for all sorts of viewers. Thanks to The Langner Group for putting this together. I learned a ton and can't praise it enough. I am very interested in how the state of cyber-physical attacks evolve over the ext decade or so and how the end-goals of these attacks change. For example, ransomware like EKANS, etc (I'm no expert here by any means)...will these sets of malware ultimately hold our critical infrastructure for hostage rather than blow things up or cause physical harm?Will cyber-physical attacks ramp up in damage slowly over time? Almost like pushing a glass further and further towards the end of a countertop... It may be just my paranoia but with the amount of funding certain nation states are allocating to cyber defense, it makes me wonder what may be going on in regards to the offensive side of things... Once again though, great video!
Thanks!
Thank you for the documentary! I'm studying cyber security and this video was really worthy and interesting to watch
Super interesting issue. German engineering quality analysis. Most appreciated. Thank you!
The documentary “Zero Days” by Alex Gibney does a great job of almost naming names and outlining its development. Very interesting watch I’d recommend.
"The stealthy cyber weapon had been turned into a prank."
"After that little concert in the cascade hall..."
lol These funny statements actually show the high quality of technical expertise in this video. Seriously, other videos breathlessly report, with mysterious background music, how amazing it was to control the speed. This is the first explanation I've seen that described the resulting sound and how obvious it would be to the Iranians.
Excellent work gentlemen. Thank you.
That is just soothing to watch. Thank you for this great video! :)
i love top level explanation like this, thx a lot
Great work and video... thanks for bring it to public.
lieber Herr Langner, besten Dank für Ihre Darstellung der möglichen Ereignisse, die allerdings einige fundamentale Fragen offen lässt. davon abgesehen, würde ich mich freuen, sie würden den Text gleich auf Deutsch vortragen und die hochproblematische Tonspur reinigen.
All someone has to do to turn all the stop lights green is infiltrate a Seimans Programable Logic Controller, its like an Arduino that is decades behind and I dont believe t has any cyber security.
Thanks for this exhaustive explanations... the best I saw yet...
but... I have a small doubt--- since we do not know for sure what was the vector for the first 'infection'---
and the software was binaries for the Siemens PLCs... ?what software was submit to Virustotal???
Perfect narration and use of background music.
Damn! Finally we have someone who appreciates the music which has caused others so much grief! 🙂
@@OTbase They obviously haven’t heard the numerous other videos where the music is not tailored to the content as the subject changes, or how those videos have the music completely overpowering the narration. Your music is obviously tailored as the subject changes. Work most aren’t willing to do.
Outstanding presentation.
Very well detailed ! Thanks a lot :)
The noise would have been masked by the other running centrifuges. It only targeted a few cascades at a time (164 centrifuges each) and it was over 50 mins. So 164 centrifuges at a time in a room full of 5,000 to 8,000 running.
Wrong. The attack code did not target a few centrifuges at a time. It targets 984 centrifuges at a time. Look at the code.
@@OTbase That is incorrect, the logic targets cascades which house 164 centrifuges each. Nowhere in the code does it target 984 centrifuges because they are controlled as a group and can not be individually targeted.
Some of the most sophisticated and effective sabotage ever committed. Insane.
God thank you, this video was so much better than the vice video on stuxnet
Great vid.enjoyed it.
this guy is the paul harrell of cybersecurity and i love it
cringe.
amazing and well put together
excellent video very well produced and explained
Mr Langner I had first seen you in the documentary, Zero Days. It seems like your interview was largely overshadowed by those of the NSA analyst and the gentlemen from Symantec. Zero Days was rather melodramatic and so much of the events and facts were smothered by rhetoric and profanity. But your detached, straightforward presentation made you memorable. So of course when i saw this presentation chronicling the events of those three or four years, i clicked. I haven't taken a physics course in years but i followed along as best i could. It was time well spent. You spoke with authority. Your presentation was thorough and clinical ( as much as it could be managed in a fifty minute seminar ). In the most general definition weren't both payloads zero day intrusions? Was it the second one that attacked the Siemens motor controller or the first? Thanks -
William; Hampton, VA U.S.
The only zero day exploits that were used in this attack were in the dropper of the second version. The irony is that zero days are quite unsubstantial for the Stuxnet story -- something I tried to explain to Alex Gibney, but obviously without success.
@@OTbase okay that answers my question. This is all so fascinating. Thank you for the effort that you put into this
Excellent report. thanks!
That's what I was looking for. Thank you very much!
Awesome video!
Very good, and a good note to end on!
Fantastic video, really appreciated the information on the additional systems they were forced to build to mitigate the failures they were already dealing with. I wonder how they (the attackers) knew enough about those systems to target them, I understand they intercepted the Libyan shipment to understand the centrifuges, but not their over pressure systems.
You are correct, the attackers could not have known the details of the cascace protection system from the Libyan installation. They must have had an insider at Natanz or one of the contractors.
What here and on many other occasions is real problem are the standards. M$ Window$ and standard industry PLC. For this kind of highly critical purpose development of custom systems pays off (and that is an understatement).
If Stuxnet can be used to target the dedicated centrifuges used by Iran, then it's just a matter of time that a worm/virus is developed to attack a specific component in any/all electric vehicles.
It's difficult to take this guy seriously without him wearing a black hoodie and a Guy Fawke mask.
lol
While it's true there are vendors who gain on exaggerated concerns about industrial cyber warfare, it's also true that funded actors are still launching campaigns designed to prey on weaker links to conduct reconnaissance and potentially pivot into more valuable assets. We are aware of phishing campaigns preying on smaller energy providers exhibiting TTPs not unlike Ukraine, with many of these providers connected to grid providers who control larger 'backbones' of regional grid connectivity. In other words... past performance is no indication of future activity when it comes to cyber warfare, let alone the financial disruption already seen in stories like Go Daddy, Marriott, Sony, Home Depot, Garmin, etc.
I'm aware of this situation and have commented it extensively -- see www.cirsd.org/en/horizons/horizons-autumn-2016--issue-no-8/cyber-power-an-emerging-factor-in-national-and-international-security. That doesn't change the fact that we didn't see successful & substantial cyber-physical attacks in the ten years after Stuxnet.
We haven't seen a big earthquake hit northern California in a while... are we safe, or are we due?
I haven't said that we are safe. I said that we have the means to stay safe.
Interesting. How did the developer know how the systems work in such detail ?
That's the right question to ask. They must have had an insider.
@@OTbase the way you explained it I thought it might have been a vulnerability in the supply chain to the Iranians. After all, i thought that you had indicated that in the beginning at least they were exposed to some industrial espionage.
@@William_sJazzLoft Sure the infiltration came through the supply chain. That's how you jump an air gap.
@@OTbase and it can be certain that the intelligence organizations involved knew that Siemens PLCs were being used.
@@William_sJazzLoft They had full insider knowledge of the automation details
Intensely interesting subject presented so that a layman can understand. Thank you. But perhaps there is something I missed. If the centrifuges are spinning at such a high RPM, above the human hearing, then how is such a low frequency produced that can be heard? As an additional comment the Iranian technicians may have become tone deaf after being bombarded with those frequencies for a long time.
No and no. The video simulates the actual acoustic representation of IR-1 centrifuges in normal operation (taken from video footage), and the frequency range that they were taken through in the rotor speed attack. What you hear is what Iranian operators would have heard. Case in point: If you spend prolonged time in the cascade hall, you will become used to the sound of normal operation and phase it out of perception. BUT you will notice any deviations EVEN STRONGER.
@@OTbase Thank you for clarifying this and so much more.
Question - did stuxnet accelerate and decelerate all centrifuges in a cascade at once? If it was more selective (a few here, a few there), wouldn't the sound difference have been masked by other centrifuges operating at normal rpm?
All centrifuges in six cascades at once. Impossible to miss.
Thanks for sharing. 😉👌🏻
This guy is a G
Thank you this was really helpful for me to understand the situation
I am glad i stumbled on this
Just imagine what these great minds could do with their knowledge if they weren't engaged by their nations to build weapons designed to destroy civilized, innocent people and their children, society and traditions..
Excellent content
Great video
Can I say the blurry intro was fucking with my head I started looking around and blinking a shit ton just to make sure lol
Great video. Some story.
Great piece! Thank you. It's unfortunate, though, the optimistic closing comments simply don't represent the very real, pretty much unavoidable, potential for significant destruction at some point in the near future. Humans do not have the greatest track record for avoiding self-inflicted disasters. While the tech will undoubtedly advance, humans won't. There will always be a percentage of the population that will only be happy when everyone else isn't, and they are immortalized forever in their version of a heaven.
I miss Stuxnet, it was always faster than DLS or Cable.
What I find weird is that the two domains that were used for updates, SUPPOSEDLY could not be determined to whom they belonged. Like. Every domain in existence is strictly documented. Unless ICANN _itself_ was compromised, it should be dead simple to find who had those two domains.
Born Slippy: Stuxx
Great work
Wonderful and elucidating video. Thanks for sharing. The click on the like button came after the mention that weirdos are known today as activists (LOL). Nice touch.
Great video! One question that remains : within all the connection between machines that the 4.0 revolution has been bringing to us, will these cyber attacks be more frequent?
So far we have no reason to assume that they will be more frequent. But we must recognize that they can be more severe. More connectivity means more complexity means higher risk that a lot of things go wrong at the same time.
@@OTbase this hasn’t aged well. Definitely more frequent.
Excelente thanks
Operators in a control room can be very different from the scientists. Sure they could hear the change in sound, probably would report it, but if it's still turning, who would care. Things are milling alright. Also, operators usually lack the power to make things happen. Reporting is on them, action is on others. That's what I wanted to say on operators being deaf. They're usually not in a position to change the sound.
Wrong. Iran had maintenance engineers constantly roaming around in the cascade hall as centrifuges were breaking all the time. These maintenance engineers (and the operators as well) detect deviances from normal ops right away. Scientests may not.
sixty three thousand!!?! what kind of a bearing can withstand that load for months if not years?
Modern centrifuges operate at much higher speeds
Got any theories for how or why Stuxnet found its way into Virus Total in 2007? Seems odd that the developers with a limitless budget would have used a public tool like that to check for detections and seems weird that they were able to carry on with the operation without Iran catching on for two years if one of its victims thought something was fishy enough to check it out on Virus Total
Israel likely had a mole in Iran to plant the virus. The Mosad are masters at infiltration that is how they won the seven day war, by HUMIT.
@@jascam1 I'm asking how it ended up on Virus Total, not how it got into the lab. Virus Total is basically a giant repository of malware samples scrutinized by the entire netsec industry. Seems unlikely that someone involved in a classified operation would upload it themselves. I'm just curious who did it, was it a mistake made by someone involved in the development or did one of their targets have some passing suspicion about a file on their computer and uploaded it to scan against every AV before moving on? The first sample was uploaded a couple years before the Iranians found out what was going on
It's explained in the Zero Days documentary. A later version of Stuxnet started shutting down PCs, which is how it was discovered initially.
@@cruelolol that doesn't explain how it ended up on virus total a year before its discovery though, that's what I'm curious about
Good stuff.
this guy doesnt blink
All thanks to the Red White and Blue, thanks to Erik van Sabben!
I can't believe that i found the guy who figured all of this out...
There is one big question remaining though. Why is a German company helping the Iran gaining material to potentialy build nuclear weapons?
Well I think that one is easy: Because it pays well. The deeper question that puzzled me is: Why didn't CIA & Mossad pull the plug when they probably could have?
@@OTbase great question well never know the answer to unfortunately
ralph du bist der geilste ober eber, bitte mach weiter dein ding
Not sure why but the historical timeline of STUXNET is absolutely not what is being said. I received an unclassified debriefing in Stuxnet before retirement and I retired in January 1999.
So why Wikipedia and other sources are now saying it was in the 2000’s makes me wonder WTF is going in.
Well you just draw your own conclusions
At 24:40....l experienced ; Unease , dissociation ...and value 6...inconfidance....
The occilations are being disturbed @ 12 %... throughout this video.
( Occilations producing musical note 440- middle C...are now producing b-flat... undoubtedly protocol has been tampered with'''''''')
Still StuXnet is is active but with new signature and new tasks
First the target was Irans nuclear facilities, the next target is every man with a phone. We already run such worms and tracking mechanisms on our phone ready to activate the payload when we become an object of interest. A dystopian state with mass surveillance is already a reality. Stuxnet just raised the confidence of these agencies.
Libya “forced “ to give its program…not quite. That chapter could a documentary by itself
Who would have thought, that the next true “Cyber Weapon”, was soon to come, from the Automotive industry?
China is very proactively using its cyber offensive capability against many country.
Please mke a video on that based on your view and reserach.
Anyways it was a very informative video.
People are assuming it was USA and Israel but I’m sure that the Saudis also helped in this project, probably in a financial way. It’s not only USA and Israel that are Irans enemies.