One thing that was touched on really needs emphasis: The Iranian nuclear program managers had wisely adopted one of the most effective defenses against cyberattack: Their systems were not connected to the Internet, and it required what is effectively inside assistance to even begin to attack that system. Whenever I read about a security breach of any system, my first question is always, "Why was this connected to the Internet at all?" Many compromised systems did not require Internet connectivity in order to accomplish their official purposes.

Been studying cybersecurity for several years and working as a Security Analyst some of that time as well, so I'm all too familiar with Stuxnet, but I will never get tired of hearing this story. Stuxnet was truly a monumental achievement (for someone at least) and a total game changer in terms of how offensive cyber operations were viewed. One of my favorite case studies that I constantly return to in my career, I still gain new insights every time I do so. Happy to say that Warographics did the story justice! And the crazy part is this video is just the tip of the "Stuxnet lore" iceberg.🤯

I learned about Stuxnet back in 2011 when I was taking a Cybercrimes course in Ireland. I remember being blown away by how smart of a program it was.

The virus didn't just require a USB stick, it could embed itself on devices that used the USB port. Seriously one of the smartest weapons I've ever seen.

As a computer science student, this stuff is fascinating to me. I found a video about Stuxnet recently and had been wanting a video from you breaking it down ever since!

For the ones asking. Stuxnet dit copy itself on usb drives. Once the plc are updated, the virus send files to the drive, and if that drive is connected to a computer that is connected to the internet it sends data back. No plant is compledley airgapped. Just the most importand machines

I highly recomment reading "To kill a centrifuge" by Langner, it is their version of the Stuxnet analysis and covers the whole operation in a lot of detail.

I remember being told about this as a cautionary tale of the dangers of picking up random USB sticks

I remember when Stuxnet was first revealed. I concluded at the time that either the US or Israel had to have done it, based on who had motivation and ability. Turns out, it wasn’t “either”, it was “and”.

Beware of the USB stick in the parking lot.

Thjis is a very simplistic account. Firstly, it seems to ignore entirely the straightforward point that the Natanz centrigues were entirely interconnected by a pressure detection system, also controlled by PLCs, which would take individual centriguges offline if they were found to be an issue (bear in mind that we are talking about very small pressure differences). This probably required not only the possession of P1 centrifuges, but a much higher level of testing in which multiple P1s were actually connected by an automated overpressure system, which may actually have used uranium hexafluouride. This pressure system was how the first attack probably damaged the centrigues; and was actually quite difficult to detect. This first attack may not have involved Israel. And secondly this account also seemingly ignores the point that there was distinctly more than one attack - using differnt techniques, in which different actors were involved. The second, for example, was the one that actually went after the rotor PLCs. And the "leak" referred to may have been the worm looking for serial numbers of specific Siemens PLCs.

The Stuxnet operation crosses the line into art. So elegant and clever.

I absolutely love how Simon uses his voice to keep everyone on the edge of their seat.

Thanks, Simon. I learned about Stuxnet in the 2008-ish time frame when I read Kaspersky's early reports. A brilliant move. Up until then, we all believed our PLC's to be invulnerable to viruses. And, they are, but the software used to communicate with PLC'S is not. I'm not a hacker but I do automation, sometimes with PLC'S. It was an important lesson.

1:45 - Chapter 1 - The timeline 18:55 - Chapter 2 - The unsolvable equation ; fanny , flame & flowershop 22:00 - Chapter 3 - The future

The script is usually very tight on here. 'An existential crisis to their existence' The exception that proves the rule.

If Natanz was truly airgap, how could the virus send information back to the US?

I remember when news of Stuxnet first appeared. I was studying IT at the time and didn't really grasp the enormous possible consequences. Some people I studied with, and who had a lot more experience, were terrified. Some thought it might spell the end of the internet.

I think $300M/year of delay is actually decent. In comparison to a "new bomb" which would need its own research and development and a bespoke production line for a limited number of bombs and it looks like maybe a wash.

Worth noting that we actually don't know just how effective the Stuxnet development was, since it's possible that many techniques and maybe other zero-days are still in use in other attacks around the world.

The story I had originally heard about how Stuxnet infiltrated the facility was a usb drive dropped in the parking lot. Had no idea it was a long-term program with two-way communication rather than a single attack destroying the centrifuges. The description I was aware of had claimed that the worm cloned parts of itself onto more usb drives to carry it back out of the facility in order to reach an internet-connected device it could deliver a "job complete" message through, but if it was able to receive updates regularly, there was clearly a more reliable communication method established that breached the air-gapped nature of the network.

Not to be confused with Suxnet, the.... other way to make things blow.

Usually a religious Warographics listener, but rolled my eyes on the release of this stuxnet episode. So didn't listen to it immediately but I'm grateful for "the algorithm" sneaking it into the autoplay-list. I thought I already knew everything there was to know but then Mr. Whistler's team goes and unearthed the Dutch connection. Well done, well done 👏

I remember when this happened. I also vividly remember, how at the time, my work place was full of PLC's. I was very tech minded and a lot of access to things that I probably shouldn't have. Stuxnet was some scary stuff, for the potential havoc it could wreak on just about any company, anywhere with a PLC. It just made me realize how exposed we are when it comes to hardware security.

I had to write a report on this when I was taking cybersecurity classes. Definition of a watershed moment.

Working with PLC's daily I can assure you they are some of the biggest cybersecurity nightmares. Because uptime is very much preferred over cybersecurity. Even if you know about issues, you cant deploy them cause uptime.

Zero Days is a nice documentary about this. Some NSA whistleblowers say their part too, undercover ofc. Strongly recommend it.

I'd heard part of this before, but this video put it all together. Good job.

The most scary part, most maleare is sitting dormant waiting for an action command to start attacking. We haven't even had the first real spark yet.

Stuxnet is gonna need a sequel soon.

very well laid out wish I could share more about the late 90's early 00s but you guys are so over target wonderful video

Honestly it's incredible this operation was pulled off. It's refreshing to see the US protrayed so competent. Fu*k anyone who was against this. This is truly bad ass.

There's a great documentary by Alex Gibney called "Zero Days" about it, that looks at it more as the story of discovery and reverse engineering what it actually does. This was a wild time blowing everyones minds about what is really out there. Also, te fact that they found and essentially burned 4 Windows zero days is wild, a no interaction Windows zero day is incredibly hard to find, and worth millions on the open market for these kind of things. Though it probably helped that Windows licensing deals for the military and the likes have included access to the source code for years.

Thanks

aaaaah I love the 80's action movie one liners at the end of your videos.

This man has like 1 million channels and is pumping out videos on all of them almost everyday. He is everywhere

Do you know what I’d pay to hear a deep dive, TED talk from the programmers of this? That would be incredible!

Watching this from Lebanon.

Everyone likes to think only China or Russia has high quality hackers, the truth is the US has the best hackers in the world(TOA)... to go along with the best military equipment in the world

@10:55 is incorrect, there is no way to send back a blueprint map if the system is air gapped. My guess is that malware might have mapped the internal "network", but in finishing it would deliver the payload(s), another option is that the map was downloaded later of shortly after the initial breach ( again physical access with a USB ), but it seems unlikely.

Check out Zero Days. It's a documentary style movie about Stuxnet. And there is also a book: Countdown to Zero Day

I actually requested a deep dive into this on Simons reddit. I'm so happy someone took it up!!! I was thinking Casual Criminalist or Dark Shadows, but it actually makes more sense in Warographics. It is truly shocking to me how little people know about this, much less how under reported it was. I feel like cyber warfare took such a huge leap forward from this event, and I can only find a little content related to it. It's shocking. Scary. The future of cyber warfare is terrifying to me. Hope this video helps to spread awareness. I would have liked to hear this in a free format though. Still, awesome video. Great content!!!!!!!!!!!

10:50 how the heck did the program contact it's creators if the facility's system was totally isolated? If it broadcasted a signal, how come the Iranians didn't pick up on it?

I remember all the talk about Russia's cyber warfare capabilities on the lead up to its invasion of Ukraine. Ended up falling flat. As much as the complexity of viruses are growing, it seems our capabilities in fighting them are as well. Or, Russia just sucks at cyber warfare.

Keep up with these informative and entertaining videos.

I love recommending the book Sandworm to people that are curious about this stuff. It largely covers this same story but with more little details

So glad my country is extremely involved in the hypothetical nuclear programs of foreign nations and not our own dying economy

I am aware of that malware back in 2005 too..when i was doing work for a programming company

11:00 I don't quite get that. If the network was airgapped, how would the virus exfiltrate information to the US or get updates?

Simon, you're an incredibly great presenter! While watching this video I thought of the work and dedication of the author/writer! You have a great staff! They deserve more attention! Thank you for your great work!

Much as there was once an age of pike and shot, we are now in the age of drones and hackers. It would be wise to be the first to adopt them skillfully.

IT/OT systems are hard to update anyway because of their complexity. A single bug could destroy part of the ICS or create hazardous conditions inside the plant. This explains why many systems use obsolete operating systems or code.

Fascinating video. Please do more on cybersecurity

That was the best video I’ve ever seen on KZbin. Absolutely fascinating.

It was introduced by encoding every single hard disk manufactured by western digital and seagate at the point of manufacture. That’s how I’d do it

If it was air gapped and someone had to physically introduce Stuxnet , after the 11 min mark you talk about Stuxnet sending back facility design and layout as well as then being able to updated Stuexnet remotely. You can't have both an Air gapped system and remote update capabilities.

Stuxnet = High-Tier Pegasus = Ultra-High-Tier Operation Triangulation = God tier

Its fascinating to learn that for once a spy died relatively shortly after performing their duties, and zero foul play was found

What a throwback! Clicked as soon as i saw that name!!!

The book: 'Countdown to Zero Day' does a great job chronicling this cyberattack.

So I have watched a few of your videos, and while I have liked them, I also didn’t really know the subject matter. This one I did, and out of curiosity, I looked and noticed you followed the Wikipedia page on this subject pretty closely/exactly. You have good presentation, and for those unfamiliar with the various subjects you cover, these are great videos. It would be cool to see deeper dives with some independent research, alternate sources, etc.

how can they update the virus if the facility and its infrastructure was airgapped from the internet? did the worm magically assemble a wifi chip also? it sounds like something was missing here. or was the facility not truly airgapped but configured to null route internet traffic thus being connected to the internet and not fully airgapped?

How did it phone home if the facility was air gapped?

Stuxnet had to be brought in by thumb drive, yet it transmitted information and was updated remotely? How is this possible if Natanz was completely isolated?

I've seen a few videos about stuxnet and I can tell you this is by far the one with the most work put in. Great job researchers.

14:57 It wasn't a bug in the code that caused Stuxnet to leak. Phase 3 of it was turned over to Unit 8200 who wanted it to be less subtle & more aggressive. They modified it to spread more rapidly which eventually led to its discovery. This is explained in the excellent documentary "Zero Days" on this entire discovery process & motivations of POG. Incidentally, it's worth noting that zero days sell anywhere from $250k to $500k on the black market, meaning that only a nation state can practically afford to make something like this. It's beyond the reach, financially speaking, of any lone hacker or hacker group.

I feel like Simon & Team is fast becoming my Walter Cronkite

The documentary "ZERO DAYS"..details this undertaking

Has this ever been made into a movie? Because it should be.

EXCELLENT PRESENTATION. APPRECIATE YOUR KNOWLEDGE AND NOT BEING SLOW NOR STALE... ❤❤❤❤❤❤

Umm, how can it be updated remotely? Let alone get the data back If it was physically disconnected from the interwebs?

I live 45min from INL (Idaho National Labs) had zero clue they were involved in this operation. That is pretty neat, I'll have to let a friend of mine who works there know.

mfs out here hacking nuclear powerplants meanwhile i cant remember how to unlock my phone

Fun fact: my buddy and I were the first strategic intel analysts to report on Stuxnet within the US intel community. When we questioned NSA what information hey he on attribution and origination we were told to “cease and desist”.

Wasn't just Stuxnet, a whole slew of malware based on the Tilded platform , include Duqu and the star of the show, Stuxnet.

I love Business Blaze and probably watch those video's the most but it's video's like this that brought me into Simon's orbit in the first place and I'll always be a fan of. 🎉

I thought it was mentioned that the facility's computer systems were air-gapped. How then did Stuxnet communicate with US computer systems?

There was a pipeline explosion in Siberia during the 80's that was attributed by exspionage and sabotage of the pump control systems used on the natural gas pipeline. I can't recall what the operation name was but I do remember it was implemented by using control chips that had been infected with "malware' used at the time.

Yes thank you was watching old video on this the other day

Amazing Episode Simon 👏

0d exploit when a normal third party found it = Remarkable investigation and skills used to find it 😎 "0d" exploit when the government finds it in big tech software = They just asked microshoft for their backdoors 😅

WTF!?!? I thought I knew all of Simon’s channels yet, somehow, here we are learning about war things, with Simon, on a new channel.

Low key reassurance in regards to thier current situation

You gave me flashback moments of the show Mr. Robot. I wonder if the writer took ideas from this hack. The scale of this on the super secure infrastructure. This is truely movie style stuff.

TIL "specialisms" is a word. Excellent writing and presentation as always!

how did stucksnet connect to outside world if its closed system

Simonverse spy stories continue 🎉🎉🎉

Can anyone explain @10:57 - 11:04, being without internet, with an air gap?

"An existential threat to its existence" I see 😅 IIRC it was also Dutch nuclear technology that was stolen by AQ Kahn, the world's most prolific illegal nuclear proliferator and guy who gave Pakistan the bomb.

22:48 Holy shit! The algorithm just randomly dropped this in my feed last night. And the Iranian president goes down in a chopper this morning?!? WTF? 😮

10:58 wait wait wait, how did this virus send the map of operations back us/israel if this plant was in isolation from world internet?

For some reason, the sound quality of this item is not up to the usual very high standard.

Wow. I had no idea about any of this. Neat.

I still have the code in my pcie frame buffer on one of my mb’s, can’t get rid of it, it’s impressively annoying code

Thanks for sharing.

Simon is everywhere

If the centrifuges were air-gapped to the rest of the Internet, how was Stuxnet able to communicate and update itself?

I am so thankful for Stuxnet so the Iran regime could not get any nuclear programs activated. Since the Shah's departure the country has been in turmoil

Watch the movie "Zero Days" years ago, and definitely got intrigue about this one.

If the facility was air gapped, how did they get data and updates back and forth? Your explanation is critically flawed.