One of the best documentaries I've seen. I hope this gets way more views because you deserve it, Mr. Langner

Excellent, You covered the topic very well. Everything was presented clearly, in every detail. Just what I was looking for

I have long been intrigued and interested in this topic, can’t have a better source explaining the story than mr langner himself. Thank you!

This video report was very elaborate, to the point and informative. Top-notch quality. Thanks to the everyone involved in this video report

This was a pleasure to watch, thank you Ralph for this thorough analysis, 10 years+ after the fact. It's even more interesting now, as time goes by, to understand the complexities of these issues, from the geo-political perspective all the way to the pure technological one. I truly hope you could make this type of video into a series, in which you explain the different malware threats that pop up and dissect them in this fashion. In this day and age ransomware seems to be quite prolific all over the world, that would make for another amazing video, going through what has been happening in the last decade or so...

Thanks Langner for explaining it so well, the details of the 2 stage attack campaign were so perfect.

Such great breakdown, thorough explanations and I loved the chronicling of the events dating back 1975.

Excellent. I've always loved your analysis and distillation of what occurred. I like how in Zero Days, you cheekishly knew what you could and couldn't talk about, alluding to it throughout your interview.

This documentary is excellent, brilliant. Good work.

This was the best documentary I've seen on KZbin ever. Thank you so much Sir

Very informative, thx. I also enjoyed the swipe at the public press in the end. And of course the (almost) happy ending.

Thanks for putting this together. All the other videos are just overviews but this gets deep into the working principles and demonstrates the type of clever thinking the creators of Stuxnet had. This is exactly what I was hoping to find.

Very well done. I've heard of stuxnet and watched vids about it but never seen such an in-depth analysis of what was actually going on before.

Messerscharfe Analyse, hochinteressant und wirklich hervorragend dargestellt. Danke!

Being a vulnerable researcher myself this I can say was the most complete description of the events.. what a great documentary 👏 👌 👍 🙌 ❤

Ausgezeichnetes Video. Danke schön.

Thanks! One of the best write ups on the "weapon" I've ever seen or heard. I knew your group was one of the first to reverse engineer the "weapon" and analyze it. I'm very glad you made this as I did not know there were two campaigns.

Great video. Very interesting subject presented very clearly, thank you !

Great video..very in-depth without bogging the viewer down

Fantastic video. I'm reading a Cyber Security book that mentions Stuxnet and decided to see what videos or documentaries were available. Great work by the team at Langner.

Very well done analysis of Stuxnet. Thank you for your very clear explaining.

excellent video! the level on details is just fantastic. very informative. thanks.

This video is a gold standard template for how to properly present a subject.

Just got this recommended by KZbin, two years late… great vid! Subbed as well!

Got totally hooked on this subject that I've seen several times before. Absolutely amazing documentary

This was honestly a fantastic video for all sorts of viewers. Thanks to The Langner Group for putting this together. I learned a ton and can't praise it enough. I am very interested in how the state of cyber-physical attacks evolve over the ext decade or so and how the end-goals of these attacks change. For example, ransomware like EKANS, etc (I'm no expert here by any means)...will these sets of malware ultimately hold our critical infrastructure for hostage rather than blow things up or cause physical harm?Will cyber-physical attacks ramp up in damage slowly over time? Almost like pushing a glass further and further towards the end of a countertop... It may be just my paranoia but with the amount of funding certain nation states are allocating to cyber defense, it makes me wonder what may be going on in regards to the offensive side of things... Once again though, great video!

That was more enlightening than I was expecting. Great video.

Excellent work gentlemen. Thank you.

i love top level explanation like this, thx a lot

This must be one of the more beautifully scripted topic on cyber warfare. Very clear representation

I wish they used a lot of this info in the zero day documentary. They really needed to provide more info on te centrifuge process. As well as the decisions to do the various updates. I still don’t understand the problems or lack of implementation for manual shutdown. The illustration of the sound helped a lot.

Thank you for the documentary! I'm studying cyber security and this video was really worthy and interesting to watch

Great work and video... thanks for bring it to public.

Fantastic and resourceful video. Well done

I want to start learning about technical side of cyber security. Where does one start as a beginner? Great video!

I just wanted to say this was an outstanding explanation. I can't imagine the amount of brainpower and preparation that must have went into developing Stuxnet. Did the analysis team know much about Iran's nuclear enrichment program before trying to decipher what the binary did? I'm absolutely amazed that you guys were able to discern the specific system that the worm targeted with how little the world knew about Iran's program at the time.

Very well detailed ! Thanks a lot :)

lieber Herr Langner, besten Dank für Ihre Darstellung der möglichen Ereignisse, die allerdings einige fundamentale Fragen offen lässt. davon abgesehen, würde ich mich freuen, sie würden den Text gleich auf Deutsch vortragen und die hochproblematische Tonspur reinigen.

God thank you, this video was so much better than the vice video on stuxnet

The documentary “Zero Days” by Alex Gibney does a great job of almost naming names and outlining its development. Very interesting watch I’d recommend.

Outstanding presentation.

Thanks for this exhaustive explanations... the best I saw yet... but... I have a small doubt--- since we do not know for sure what was the vector for the first 'infection'--- and the software was binaries for the Siemens PLCs... ?what software was submit to Virustotal???

That's what I was looking for. Thank you very much!

Intensely interesting subject presented so that a layman can understand. Thank you. But perhaps there is something I missed. If the centrifuges are spinning at such a high RPM, above the human hearing, then how is such a low frequency produced that can be heard? As an additional comment the Iranian technicians may have become tone deaf after being bombarded with those frequencies for a long time.

"The stealthy cyber weapon had been turned into a prank." "After that little concert in the cascade hall..." lol These funny statements actually show the high quality of technical expertise in this video. Seriously, other videos breathlessly report, with mysterious background music, how amazing it was to control the speed. This is the first explanation I've seen that described the resulting sound and how obvious it would be to the Iranians.

Excellent report. thanks!

Great vid.enjoyed it.

amazing and well put together

excellent video very well produced and explained

Mr Langner I had first seen you in the documentary, Zero Days. It seems like your interview was largely overshadowed by those of the NSA analyst and the gentlemen from Symantec. Zero Days was rather melodramatic and so much of the events and facts were smothered by rhetoric and profanity. But your detached, straightforward presentation made you memorable. So of course when i saw this presentation chronicling the events of those three or four years, i clicked. I haven't taken a physics course in years but i followed along as best i could. It was time well spent. You spoke with authority. Your presentation was thorough and clinical ( as much as it could be managed in a fifty minute seminar ). In the most general definition weren't both payloads zero day intrusions? Was it the second one that attacked the Siemens motor controller or the first? Thanks - William; Hampton, VA U.S.

The noise would have been masked by the other running centrifuges. It only targeted a few cascades at a time (164 centrifuges each) and it was over 50 mins. So 164 centrifuges at a time in a room full of 5,000 to 8,000 running.

Some of the most sophisticated and effective sabotage ever committed. Insane.

I am glad i stumbled on this

Thank you this was really helpful for me to understand the situation

Fantastic video, really appreciated the information on the additional systems they were forced to build to mitigate the failures they were already dealing with. I wonder how they (the attackers) knew enough about those systems to target them, I understand they intercepted the Libyan shipment to understand the centrifuges, but not their over pressure systems.

Question - did stuxnet accelerate and decelerate all centrifuges in a cascade at once? If it was more selective (a few here, a few there), wouldn't the sound difference have been masked by other centrifuges operating at normal rpm?

What here and on many other occasions is real problem are the standards. M$ Window$ and standard industry PLC. For this kind of highly critical purpose development of custom systems pays off (and that is an understatement).

Thanks for sharing. 😉👌🏻

this guy is the paul harrell of cybersecurity and i love it

Interesting. How did the developer know how the systems work in such detail ?

This guy is a G

Great video

While it's true there are vendors who gain on exaggerated concerns about industrial cyber warfare, it's also true that funded actors are still launching campaigns designed to prey on weaker links to conduct reconnaissance and potentially pivot into more valuable assets. We are aware of phishing campaigns preying on smaller energy providers exhibiting TTPs not unlike Ukraine, with many of these providers connected to grid providers who control larger 'backbones' of regional grid connectivity. In other words... past performance is no indication of future activity when it comes to cyber warfare, let alone the financial disruption already seen in stories like Go Daddy, Marriott, Sony, Home Depot, Garmin, etc.

Great piece! Thank you. It's unfortunate, though, the optimistic closing comments simply don't represent the very real, pretty much unavoidable, potential for significant destruction at some point in the near future. Humans do not have the greatest track record for avoiding self-inflicted disasters. While the tech will undoubtedly advance, humans won't. There will always be a percentage of the population that will only be happy when everyone else isn't, and they are immortalized forever in their version of a heaven.

Great video. Some story.

What I find weird is that the two domains that were used for updates, SUPPOSEDLY could not be determined to whom they belonged. Like. Every domain in existence is strictly documented. Unless ICANN _itself_ was compromised, it should be dead simple to find who had those two domains.

If Stuxnet can be used to target the dedicated centrifuges used by Iran, then it's just a matter of time that a worm/virus is developed to attack a specific component in any/all electric vehicles.

It's difficult to take this guy seriously without him wearing a black hoodie and a Guy Fawke mask.

Great work

Can I say the blurry intro was fucking with my head I started looking around and blinking a shit ton just to make sure lol

At 24:40....l experienced ; Unease , dissociation ...and value 6...inconfidance.... The occilations are being disturbed @ 12 %... throughout this video. ( Occilations producing musical note 440- middle C...are now producing b-flat... undoubtedly protocol has been tampered with'''''''')

Great video! One question that remains : within all the connection between machines that the 4.0 revolution has been bringing to us, will these cyber attacks be more frequent?

Got any theories for how or why Stuxnet found its way into Virus Total in 2007? Seems odd that the developers with a limitless budget would have used a public tool like that to check for detections and seems weird that they were able to carry on with the operation without Iran catching on for two years if one of its victims thought something was fishy enough to check it out on Virus Total

Operators in a control room can be very different from the scientists. Sure they could hear the change in sound, probably would report it, but if it's still turning, who would care. Things are milling alright. Also, operators usually lack the power to make things happen. Reporting is on them, action is on others. That's what I wanted to say on operators being deaf. They're usually not in a position to change the sound.

this guy doesnt blink

All thanks to the Red White and Blue, thanks to Erik van Sabben!

Just imagine what these great minds could do with their knowledge if they weren't engaged by their nations to build weapons designed to destroy civilized, innocent people and their children, society and traditions..

Just wondering, how was there no component that requires some secret information like password or at least serial number. The sorry that someone could replicate nuclear enrichment faculty in testbed with exact hardware does not sound real. Just one secret information is enough to prevent replication from photos and visits and only leave "inside job" as the option.

China is very proactively using its cyber offensive capability against many country. Please mke a video on that based on your view and reserach. Anyways it was a very informative video.

I can't believe that i found the guy who figured all of this out... There is one big question remaining though. Why is a German company helping the Iran gaining material to potentialy build nuclear weapons?

ralph du bist der geilste ober eber, bitte mach weiter dein ding

Thank you.

Not sure why but the historical timeline of STUXNET is absolutely not what is being said. I received an unclassified debriefing in Stuxnet before retirement and I retired in January 1999. So why Wikipedia and other sources are now saying it was in the 2000’s makes me wonder WTF is going in.

Still StuXnet is is active but with new signature and new tasks

Good stuff.

Many know what really happened...but does anybody know what the real intent was?

Who would have thought, that the next true “Cyber Weapon”, was soon to come, from the Automotive industry?

People are assuming it was USA and Israel but I’m sure that the Saudis also helped in this project, probably in a financial way. It’s not only USA and Israel that are Irans enemies.

I want my pci-e frame buffer back!

First the target was Irans nuclear facilities, the next target is every man with a phone. We already run such worms and tracking mechanisms on our phone ready to activate the payload when we become an object of interest. A dystopian state with mass surveillance is already a reality. Stuxnet just raised the confidence of these agencies.

Very good content. Please put subtitles the accent is very hard to understand

Pro tip.. increase speed to 1.25 - Ralph speaks VERY slowly..

💯💯

It took more than a year to write stuxnet. No way it was completed in 1 year.

my dad just put my dumbass on this... voraciously interested!

2:58 that aged like fine milk.

You know to much…wondering if you and your team was behind all this especially since you also did a Ted talk on this 10+ years ago🤔🤔

I feel like I should 'unlike' this video asap. However; I can't hit the ; 'Like' button enough!

Best

Les infos d’molina