One of the best documentaries I've seen. I hope this gets way more views because you deserve it, Mr. Langner
@aliabbaswadia3974 Жыл бұрын
Thankyou.
@robbienorton9522 Жыл бұрын
it's great but don't heed to much to the technical involvement. The US does not and never has used siemens step anything in the US except a few german auto manufacturers and suppliers. This is mossad
@mrhassell29 күн бұрын
I second that. Brilliant analysis and investigative work there, Mr Ralph Langner! You also seem to have inspired another documentary (or two), from this, and from your original research.
@marekant77764 жыл бұрын
Excellent, You covered the topic very well. Everything was presented clearly, in every detail. Just what I was looking for
@OTbase4 жыл бұрын
Thank you!
@marekant77764 жыл бұрын
@@OTbase Did every single one of those centrifuges contain a PLC? Do we have any pictures of damaged units?
@OTbase4 жыл бұрын
No, and no. You can find details on the automation system, including number of PLCs, in "To kill a centrifuge" (just google it).
@marekant77764 жыл бұрын
@@OTbase I'm gonna have a read, then. Thank You, have a good day
@gibonsamuel236517 күн бұрын
Dangerous world. Once more.
@sdadasdadsada29933 жыл бұрын
I have long been intrigued and interested in this topic, can’t have a better source explaining the story than mr langner himself. Thank you!
@BTsMusicChannel3 жыл бұрын
with some value judgments added.
@Meru7323 жыл бұрын
This video report was very elaborate, to the point and informative. Top-notch quality. Thanks to the everyone involved in this video report
@Kaio73 жыл бұрын
This was a pleasure to watch, thank you Ralph for this thorough analysis, 10 years+ after the fact. It's even more interesting now, as time goes by, to understand the complexities of these issues, from the geo-political perspective all the way to the pure technological one. I truly hope you could make this type of video into a series, in which you explain the different malware threats that pop up and dissect them in this fashion. In this day and age ransomware seems to be quite prolific all over the world, that would make for another amazing video, going through what has been happening in the last decade or so...
@fredrickae3 жыл бұрын
Thanks Langner for explaining it so well, the details of the 2 stage attack campaign were so perfect.
@nycrsny3406 Жыл бұрын
Such great breakdown, thorough explanations and I loved the chronicling of the events dating back 1975.
@SolarWarden882 жыл бұрын
Excellent. I've always loved your analysis and distillation of what occurred. I like how in Zero Days, you cheekishly knew what you could and couldn't talk about, alluding to it throughout your interview.
@elimgarak35973 жыл бұрын
This documentary is excellent, brilliant. Good work.
@jamesf60392 жыл бұрын
This was the best documentary I've seen on KZbin ever. Thank you so much Sir
@superola013 жыл бұрын
Very informative, thx. I also enjoyed the swipe at the public press in the end. And of course the (almost) happy ending.
@gregs64037 ай бұрын
Thanks for putting this together. All the other videos are just overviews but this gets deep into the working principles and demonstrates the type of clever thinking the creators of Stuxnet had. This is exactly what I was hoping to find.
@28russ3 жыл бұрын
Very well done. I've heard of stuxnet and watched vids about it but never seen such an in-depth analysis of what was actually going on before.
@zappaNRW3 жыл бұрын
Messerscharfe Analyse, hochinteressant und wirklich hervorragend dargestellt. Danke!
@attacksec3 жыл бұрын
Being a vulnerable researcher myself this I can say was the most complete description of the events.. what a great documentary 👏 👌 👍 🙌 ❤
@NordicAxe Жыл бұрын
Ausgezeichnetes Video. Danke schön.
@johnmoore859911 ай бұрын
Thanks! One of the best write ups on the "weapon" I've ever seen or heard. I knew your group was one of the first to reverse engineer the "weapon" and analyze it. I'm very glad you made this as I did not know there were two campaigns.
@TUTOUNITYFR4 жыл бұрын
Great video. Very interesting subject presented very clearly, thank you !
@bertmeza86732 жыл бұрын
Great video..very in-depth without bogging the viewer down
@datag11992 жыл бұрын
Fantastic video. I'm reading a Cyber Security book that mentions Stuxnet and decided to see what videos or documentaries were available. Great work by the team at Langner.
@danielchristopher98092 жыл бұрын
Very well done analysis of Stuxnet. Thank you for your very clear explaining.
@nikolasdahl56204 жыл бұрын
excellent video! the level on details is just fantastic. very informative. thanks.
@OTbase4 жыл бұрын
You're very welcome!
@Ashtree813 жыл бұрын
This video is a gold standard template for how to properly present a subject.
@tomhekker Жыл бұрын
Just got this recommended by KZbin, two years late… great vid! Subbed as well!
@rafael.adornaАй бұрын
Got totally hooked on this subject that I've seen several times before. Absolutely amazing documentary
@josephbf-le1wo4 жыл бұрын
This was honestly a fantastic video for all sorts of viewers. Thanks to The Langner Group for putting this together. I learned a ton and can't praise it enough. I am very interested in how the state of cyber-physical attacks evolve over the ext decade or so and how the end-goals of these attacks change. For example, ransomware like EKANS, etc (I'm no expert here by any means)...will these sets of malware ultimately hold our critical infrastructure for hostage rather than blow things up or cause physical harm?Will cyber-physical attacks ramp up in damage slowly over time? Almost like pushing a glass further and further towards the end of a countertop... It may be just my paranoia but with the amount of funding certain nation states are allocating to cyber defense, it makes me wonder what may be going on in regards to the offensive side of things... Once again though, great video!
@OTbase4 жыл бұрын
Thanks!
@Arthur-dl1jj Жыл бұрын
That was more enlightening than I was expecting. Great video.
@flyguy29192 жыл бұрын
Excellent work gentlemen. Thank you.
@adytech57888 ай бұрын
i love top level explanation like this, thx a lot
@ashoknr40792 жыл бұрын
This must be one of the more beautifully scripted topic on cyber warfare. Very clear representation
@WJWeber3 жыл бұрын
I wish they used a lot of this info in the zero day documentary. They really needed to provide more info on te centrifuge process. As well as the decisions to do the various updates. I still don’t understand the problems or lack of implementation for manual shutdown. The illustration of the sound helped a lot.
@VerdadTrasLaVerdad6 ай бұрын
Thank you for the documentary! I'm studying cyber security and this video was really worthy and interesting to watch
@nadjacp3 жыл бұрын
Great work and video... thanks for bring it to public.
@guayoski17 күн бұрын
Fantastic and resourceful video. Well done
@asingh69473 жыл бұрын
I want to start learning about technical side of cyber security. Where does one start as a beginner? Great video!
@johnstrumm26902 жыл бұрын
I just wanted to say this was an outstanding explanation. I can't imagine the amount of brainpower and preparation that must have went into developing Stuxnet. Did the analysis team know much about Iran's nuclear enrichment program before trying to decipher what the binary did? I'm absolutely amazed that you guys were able to discern the specific system that the worm targeted with how little the world knew about Iran's program at the time.
@OTbase2 жыл бұрын
The developers of Stuxnet knew EVERYTHING about the internal systems at Natanz. They may have known it better than the Iranian operators.
@v19torrent4 Жыл бұрын
@@OTbase Does that mean that spies were involved in the development of Stuxnet? How could they know everything if not more than the Iranian people who worked on it?
@OTbase Жыл бұрын
@@v19torrent4 it does
@spaul_3 жыл бұрын
Very well detailed ! Thanks a lot :)
@ulrichulrich58105 ай бұрын
lieber Herr Langner, besten Dank für Ihre Darstellung der möglichen Ereignisse, die allerdings einige fundamentale Fragen offen lässt. davon abgesehen, würde ich mich freuen, sie würden den Text gleich auf Deutsch vortragen und die hochproblematische Tonspur reinigen.
@IgneousRain1773 ай бұрын
God thank you, this video was so much better than the vice video on stuxnet
@andrewschuschu34992 жыл бұрын
The documentary “Zero Days” by Alex Gibney does a great job of almost naming names and outlining its development. Very interesting watch I’d recommend.
@nicksundby2 жыл бұрын
Outstanding presentation.
@IBITZEE2 жыл бұрын
Thanks for this exhaustive explanations... the best I saw yet... but... I have a small doubt--- since we do not know for sure what was the vector for the first 'infection'--- and the software was binaries for the Siemens PLCs... ?what software was submit to Virustotal???
@JulienBaut2 жыл бұрын
That's what I was looking for. Thank you very much!
@richardgoebel226Ай бұрын
Intensely interesting subject presented so that a layman can understand. Thank you. But perhaps there is something I missed. If the centrifuges are spinning at such a high RPM, above the human hearing, then how is such a low frequency produced that can be heard? As an additional comment the Iranian technicians may have become tone deaf after being bombarded with those frequencies for a long time.
@OTbaseАй бұрын
No and no. The video simulates the actual acoustic representation of IR-1 centrifuges in normal operation (taken from video footage), and the frequency range that they were taken through in the rotor speed attack. What you hear is what Iranian operators would have heard. Case in point: If you spend prolonged time in the cascade hall, you will become used to the sound of normal operation and phase it out of perception. BUT you will notice any deviations EVEN STRONGER.
@richardgoebel226Ай бұрын
@@OTbase Thank you for clarifying this and so much more.
@uTestTarget5 ай бұрын
"The stealthy cyber weapon had been turned into a prank." "After that little concert in the cascade hall..." lol These funny statements actually show the high quality of technical expertise in this video. Seriously, other videos breathlessly report, with mysterious background music, how amazing it was to control the speed. This is the first explanation I've seen that described the resulting sound and how obvious it would be to the Iranians.
@tobalaba3 жыл бұрын
Excellent report. thanks!
@dunneyd10 күн бұрын
Great vid.enjoyed it.
@Disconnected.Reality3 жыл бұрын
amazing and well put together
@fernandocardoso71022 жыл бұрын
excellent video very well produced and explained
@William_sJazzLoft3 жыл бұрын
Mr Langner I had first seen you in the documentary, Zero Days. It seems like your interview was largely overshadowed by those of the NSA analyst and the gentlemen from Symantec. Zero Days was rather melodramatic and so much of the events and facts were smothered by rhetoric and profanity. But your detached, straightforward presentation made you memorable. So of course when i saw this presentation chronicling the events of those three or four years, i clicked. I haven't taken a physics course in years but i followed along as best i could. It was time well spent. You spoke with authority. Your presentation was thorough and clinical ( as much as it could be managed in a fifty minute seminar ). In the most general definition weren't both payloads zero day intrusions? Was it the second one that attacked the Siemens motor controller or the first? Thanks - William; Hampton, VA U.S.
@OTbase3 жыл бұрын
The only zero day exploits that were used in this attack were in the dropper of the second version. The irony is that zero days are quite unsubstantial for the Stuxnet story -- something I tried to explain to Alex Gibney, but obviously without success.
@William_sJazzLoft3 жыл бұрын
@@OTbase okay that answers my question. This is all so fascinating. Thank you for the effort that you put into this
@EQ_EnchantX5 ай бұрын
The noise would have been masked by the other running centrifuges. It only targeted a few cascades at a time (164 centrifuges each) and it was over 50 mins. So 164 centrifuges at a time in a room full of 5,000 to 8,000 running.
@OTbase5 ай бұрын
Wrong. The attack code did not target a few centrifuges at a time. It targets 984 centrifuges at a time. Look at the code.
@EQ_EnchantX5 ай бұрын
@@OTbase That is incorrect, the logic targets cascades which house 164 centrifuges each. Nowhere in the code does it target 984 centrifuges because they are controlled as a group and can not be individually targeted.
@izzate72 жыл бұрын
Some of the most sophisticated and effective sabotage ever committed. Insane.
@milkaaiwako10 ай бұрын
I am glad i stumbled on this
@manamsetty26642 жыл бұрын
Thank you this was really helpful for me to understand the situation
@tombuckley914 ай бұрын
Fantastic video, really appreciated the information on the additional systems they were forced to build to mitigate the failures they were already dealing with. I wonder how they (the attackers) knew enough about those systems to target them, I understand they intercepted the Libyan shipment to understand the centrifuges, but not their over pressure systems.
@OTbase4 ай бұрын
You are correct, the attackers could not have known the details of the cascace protection system from the Libyan installation. They must have had an insider at Natanz or one of the contractors.
@crescentworks6855 Жыл бұрын
Question - did stuxnet accelerate and decelerate all centrifuges in a cascade at once? If it was more selective (a few here, a few there), wouldn't the sound difference have been masked by other centrifuges operating at normal rpm?
@OTbase Жыл бұрын
All centrifuges in six cascades at once. Impossible to miss.
@JosipMiller2 жыл бұрын
What here and on many other occasions is real problem are the standards. M$ Window$ and standard industry PLC. For this kind of highly critical purpose development of custom systems pays off (and that is an understatement).
@jtveg2 жыл бұрын
Thanks for sharing. 😉👌🏻
@carfo2 жыл бұрын
this guy is the paul harrell of cybersecurity and i love it
@catharperfect7036 Жыл бұрын
cringe.
@boxclever80303 жыл бұрын
Interesting. How did the developer know how the systems work in such detail ?
@OTbase3 жыл бұрын
That's the right question to ask. They must have had an insider.
@William_sJazzLoft3 жыл бұрын
@@OTbase the way you explained it I thought it might have been a vulnerability in the supply chain to the Iranians. After all, i thought that you had indicated that in the beginning at least they were exposed to some industrial espionage.
@OTbase3 жыл бұрын
@@William_sJazzLoft Sure the infiltration came through the supply chain. That's how you jump an air gap.
@William_sJazzLoft3 жыл бұрын
@@OTbase and it can be certain that the intelligence organizations involved knew that Siemens PLCs were being used.
@OTbase3 жыл бұрын
@@William_sJazzLoft They had full insider knowledge of the automation details
@shockthemuscle38104 жыл бұрын
This guy is a G
@jamesa49582 жыл бұрын
Great video
@shreddagorge4 жыл бұрын
While it's true there are vendors who gain on exaggerated concerns about industrial cyber warfare, it's also true that funded actors are still launching campaigns designed to prey on weaker links to conduct reconnaissance and potentially pivot into more valuable assets. We are aware of phishing campaigns preying on smaller energy providers exhibiting TTPs not unlike Ukraine, with many of these providers connected to grid providers who control larger 'backbones' of regional grid connectivity. In other words... past performance is no indication of future activity when it comes to cyber warfare, let alone the financial disruption already seen in stories like Go Daddy, Marriott, Sony, Home Depot, Garmin, etc.
@OTbase4 жыл бұрын
I'm aware of this situation and have commented it extensively -- see www.cirsd.org/en/horizons/horizons-autumn-2016--issue-no-8/cyber-power-an-emerging-factor-in-national-and-international-security. That doesn't change the fact that we didn't see successful & substantial cyber-physical attacks in the ten years after Stuxnet.
@shreddagorge4 жыл бұрын
We haven't seen a big earthquake hit northern California in a while... are we safe, or are we due?
@OTbase4 жыл бұрын
I haven't said that we are safe. I said that we have the means to stay safe.
@allwheeldrive Жыл бұрын
Great piece! Thank you. It's unfortunate, though, the optimistic closing comments simply don't represent the very real, pretty much unavoidable, potential for significant destruction at some point in the near future. Humans do not have the greatest track record for avoiding self-inflicted disasters. While the tech will undoubtedly advance, humans won't. There will always be a percentage of the population that will only be happy when everyone else isn't, and they are immortalized forever in their version of a heaven.
@arturlangner93712 жыл бұрын
Great video. Some story.
@GeorgeTsiros4 ай бұрын
What I find weird is that the two domains that were used for updates, SUPPOSEDLY could not be determined to whom they belonged. Like. Every domain in existence is strictly documented. Unless ICANN _itself_ was compromised, it should be dead simple to find who had those two domains.
@jascam1 Жыл бұрын
If Stuxnet can be used to target the dedicated centrifuges used by Iran, then it's just a matter of time that a worm/virus is developed to attack a specific component in any/all electric vehicles.
@iyeetsecurity9223 жыл бұрын
It's difficult to take this guy seriously without him wearing a black hoodie and a Guy Fawke mask.
@nycrsny3406 Жыл бұрын
lol
@kenfreymureti9563 Жыл бұрын
Great work
@itsunova98073 жыл бұрын
Can I say the blurry intro was fucking with my head I started looking around and blinking a shit ton just to make sure lol
@mrsjupiter93102 жыл бұрын
At 24:40....l experienced ; Unease , dissociation ...and value 6...inconfidance.... The occilations are being disturbed @ 12 %... throughout this video. ( Occilations producing musical note 440- middle C...are now producing b-flat... undoubtedly protocol has been tampered with'''''''')
@adilsonchrestani3 жыл бұрын
Great video! One question that remains : within all the connection between machines that the 4.0 revolution has been bringing to us, will these cyber attacks be more frequent?
@OTbase3 жыл бұрын
So far we have no reason to assume that they will be more frequent. But we must recognize that they can be more severe. More connectivity means more complexity means higher risk that a lot of things go wrong at the same time.
@Just.A.T-Rex3 жыл бұрын
@@OTbase this hasn’t aged well. Definitely more frequent.
@Matt-cm9pv3 жыл бұрын
Got any theories for how or why Stuxnet found its way into Virus Total in 2007? Seems odd that the developers with a limitless budget would have used a public tool like that to check for detections and seems weird that they were able to carry on with the operation without Iran catching on for two years if one of its victims thought something was fishy enough to check it out on Virus Total
@jascam1 Жыл бұрын
Israel likely had a mole in Iran to plant the virus. The Mosad are masters at infiltration that is how they won the seven day war, by HUMIT.
@Matt-cm9pv Жыл бұрын
@@jascam1 I'm asking how it ended up on Virus Total, not how it got into the lab. Virus Total is basically a giant repository of malware samples scrutinized by the entire netsec industry. Seems unlikely that someone involved in a classified operation would upload it themselves. I'm just curious who did it, was it a mistake made by someone involved in the development or did one of their targets have some passing suspicion about a file on their computer and uploaded it to scan against every AV before moving on? The first sample was uploaded a couple years before the Iranians found out what was going on
@cruelolol Жыл бұрын
It's explained in the Zero Days documentary. A later version of Stuxnet started shutting down PCs, which is how it was discovered initially.
@Matt-cm9pv Жыл бұрын
@@cruelolol that doesn't explain how it ended up on virus total a year before its discovery though, that's what I'm curious about
@PdGNL-h1o13 күн бұрын
Operators in a control room can be very different from the scientists. Sure they could hear the change in sound, probably would report it, but if it's still turning, who would care. Things are milling alright. Also, operators usually lack the power to make things happen. Reporting is on them, action is on others. That's what I wanted to say on operators being deaf. They're usually not in a position to change the sound.
@OTbase13 күн бұрын
Wrong. Iran had maintenance engineers constantly roaming around in the cascade hall as centrifuges were breaking all the time. These maintenance engineers (and the operators as well) detect deviances from normal ops right away. Scientests may not.
@marbles71772 жыл бұрын
this guy doesnt blink
@marfiuss9 ай бұрын
All thanks to the Red White and Blue, thanks to Erik van Sabben!
@_thefiddlestck18382 жыл бұрын
Just imagine what these great minds could do with their knowledge if they weren't engaged by their nations to build weapons designed to destroy civilized, innocent people and their children, society and traditions..
4 күн бұрын
Just wondering, how was there no component that requires some secret information like password or at least serial number. The sorry that someone could replicate nuclear enrichment faculty in testbed with exact hardware does not sound real. Just one secret information is enough to prevent replication from photos and visits and only leave "inside job" as the option.
@OTbase3 күн бұрын
Wrong. No passwords or serial numbers necessary. What was necessary was a replica IR-1 cascade or multiple, and it's clear where the attackers got that from. Check "To Kill a Centrifuge".
@Nitishksupport8223 жыл бұрын
China is very proactively using its cyber offensive capability against many country. Please mke a video on that based on your view and reserach. Anyways it was a very informative video.
@fredsoda30343 жыл бұрын
I can't believe that i found the guy who figured all of this out... There is one big question remaining though. Why is a German company helping the Iran gaining material to potentialy build nuclear weapons?
@OTbase3 жыл бұрын
Well I think that one is easy: Because it pays well. The deeper question that puzzled me is: Why didn't CIA & Mossad pull the plug when they probably could have?
@dronestrikejr3 жыл бұрын
@@OTbase great question well never know the answer to unfortunately
@kickassvideos54693 жыл бұрын
ralph du bist der geilste ober eber, bitte mach weiter dein ding
@alexandermuller51432 жыл бұрын
Thank you.
@OpenCarryUSMC7 күн бұрын
Not sure why but the historical timeline of STUXNET is absolutely not what is being said. I received an unclassified debriefing in Stuxnet before retirement and I retired in January 1999. So why Wikipedia and other sources are now saying it was in the 2000’s makes me wonder WTF is going in.
@OTbase7 күн бұрын
Well you just draw your own conclusions
@hassansyed56613 жыл бұрын
Still StuXnet is is active but with new signature and new tasks
@SincereSentinel3 жыл бұрын
Good stuff.
@bigcheezmoe4 күн бұрын
Many know what really happened...but does anybody know what the real intent was?
@OTbase4 күн бұрын
It's suggested in the video, without going into mind reading. For more info you may want to check "To Kill a Centrifuge".
@mrhassell29 күн бұрын
Who would have thought, that the next true “Cyber Weapon”, was soon to come, from the Automotive industry?
@J87513 Жыл бұрын
People are assuming it was USA and Israel but I’m sure that the Saudis also helped in this project, probably in a financial way. It’s not only USA and Israel that are Irans enemies.
@hashfors22 күн бұрын
I want my pci-e frame buffer back!
@rohanmajumdar3133 Жыл бұрын
First the target was Irans nuclear facilities, the next target is every man with a phone. We already run such worms and tracking mechanisms on our phone ready to activate the payload when we become an object of interest. A dystopian state with mass surveillance is already a reality. Stuxnet just raised the confidence of these agencies.
@SCHMUNZELTV2 жыл бұрын
Very good content. Please put subtitles the accent is very hard to understand
@OTbase2 жыл бұрын
Click on the CC button in the lower right corner of the viewer
@zeroisonline2 жыл бұрын
Pro tip.. increase speed to 1.25 - Ralph speaks VERY slowly..
@b_tssl Жыл бұрын
💯💯
@sodalines3 жыл бұрын
It took more than a year to write stuxnet. No way it was completed in 1 year.
@dukstedi4 жыл бұрын
my dad just put my dumbass on this... voraciously interested!
@sforza2095 ай бұрын
2:58 that aged like fine milk.
@timduke46162 жыл бұрын
You know to much…wondering if you and your team was behind all this especially since you also did a Ted talk on this 10+ years ago🤔🤔
@maartentoors2 жыл бұрын
I feel like I should 'unlike' this video asap. However; I can't hit the ; 'Like' button enough!