The World’s First Cyber Weapon Attack on a Nuclear Plant | Cyberwar
Vložit
- čas přidán 27. 03. 2024
- Stuxnet was a sophisticated cyber attack on an Iranian nuclear plant that may have changed the nature of warfare forever.
This episode of Cyberwar first aired on VICE TV in 2016.
Help keep VICE News’ fearless reporting free for millions by making a one-time or ongoing contribution here. - vice.com/contribute
Subscribe to VICE News here: bit.ly/Subscribe-to-VICE-News
Check out VICE News for more: vicenews.com
Follow VICE News here:
TikTok: www.tiktok.com/@vicenews?lang=en
Facebook: / vicenews
Twitter: / vicenews
Instagram: / vicenews
More videos from the VICE network: www. vicevideo
#VICENews #News
Reminder, this episode was from 2016, 8 years ago.
Edit: Vice news is really wanting us to endure 2016 again
Yes, important reminder
Check out darknet diaries with my boy jack... current hacker ish
Maverick got enough time to push it on big screen.
Thank U. Saved me the watch.
JUST A FRIENDLY REMINDER------ America is in violation of the Symington Amendment by giving aid to Israel when they haven't signed the Nuclear NPT, and promote terrorism on Iran when they seek to develop their own energy program.
Thanks to Vice you can relive 2016 again and again, and again and...
Again?
And again
And again until they get their ad views
Thank you, therefore I won't watch the video and will instead dislike and report!
Yes, but you wouldn't believe how many people don't know or understand Stuxnet. This episode is great for people to understand cybersecurity, politics, etc.
vice if your gonna repost old articles at least include the orginial post date and the tag #repost or something.
The descriptions says it’s a repost
Yeh but they could have atleast put it in the dam title smh@Duckduckobtusegoose
@@kieronluke4657it's not hard to read the description. can you not understand anything that's not hashtagged?
324,185 views Mar 28, 2024 #VICENews #News
Stuxnet was a sophisticated cyber attack on an Iranian nuclear plant that may have changed the nature of warfare forever.
This episode of Cyberwar first aired on VICE TV in 2016.
@@og666 it's not hard, but the issue is that it is hard to know the description is important. Titles have the benefit of being on screen all the time (PC, non-full screen) and hashtags have the bonus benefit of popping out from being a different color.
YALL GONNA MAKE PPL FREAK OUT 😂
emotions will be tugged
People that are helpless and don’t have guns lmao
JUST A FRIENDLY REMINDER------ America is in violation of the Symington Amendment by giving aid to Israel when they haven't signed the Nuclear NPT, and promote terrorism on Iran when they seek to develop their own energy program.
@@crackerjack2303Hiroshima’s pistols did nothing
This story is about 10 years old tho lol
whats crazy to me, is that my highschool in 2010 didn't allow unauthorized USBs to be plugged in we had to go to the tech room and show the usb to a teacher and he had to scan it and give it a little sticker saying it was ok to use on our laptops, but the Iranians at a nuclear facility didnt do this. wild
edit: Irans
I doubt that’s how it happened… most likely the engineer was paid by intelligence to bug the system
This was not your run-of-the-mill worm. Your teacher's antivirus would not have seen anything, that's whata 0-day attack does. It is called that because 0 days have transcured since the attack has been discovered by security companues and therefore no countermesure to that attack exists yet.
And the method used was to inject this worm in as many normal computers in the world as possible so that everytime a technician would break the air gap to import some code he would have more and more chance to be using a pen drive that would have been previously inserted in an infected computer. I don't remember the exact number but when Stuxnet was first reported on it had infected an astonishing number of computers worldwide, something like 20 percent.
@@Freiheit1232ok, but what dude is saying is Iran should of had something in place to protect itself from just some bad actor plugging in a USB stick into a computer and taking down their entire operation. AMATEURS! Hahaha
You would be surprised to find out in some second / third world countries this thing is still going on in governmental building. Simply because security protocols are overseen by employees, and security awareness is just something from a check list that nobody cares but they all sing the paper because is the norm.
@@sforza209 There would definitely be a way around such a system whether it is a high ranking individual at the plant or someone who just bypassed security protocols
"We demonstrated the capability that you could have devastating physical impacts by cyber means" That seem like an accidental admission.
The delivery method is incorrect. It had since been revealed that it came in via a part that was infected, not a usb.
Wayyyy more impressive tbh😂😂 them boys at Siemens hooked them up😂
Something stolen: USA did similar to the Soviets back in the day.
Source
According to the dark research that came out 5 years ago, it was attacked through the HVAC system.
Also the threat analyst misdefined zero day as a zero click attack, I guess fact-checking isn’t one of Vice’s strengths
Remember that this episode was from 2016
It's also a bit inaccurate. The first known cyberattack dates to at least 1982 with software that caused specific massive damage being inserted into natural gas equipment destined for the Soviet Union. It triggered.""The result was the most monumental non-nuclear explosion and fire ever seen from space," he recalls, adding that U.S. satellites picked up the explosion. Reed said in an interview that the blast occurred in the summer of 1982." (Washington Post).
USA is the main threat
Sure
Episode is from 2016 about an event(s) that happened in 2010. And the details are very watered down.
Interesting how this episode is more relevant today than in 2016.
0 day means a technology virus we don't currently have a solution for. It literally means day 0, the first day of the existence of a new virus. It has nothing at all to do with the capabilities of the virus.
Yes, zero-click was what they were talking about.
4 zero days in one piece of malicious code is beyond insane.
That crazy man
That's probably $10m in value right there...
@@Fatman305 Way way way more. A single zero day exploit that requires zero user input to execute can fetch up to 20 million dollars.
I don’t know about them but I believe you.
@@jiszle697 I was wrong, the other way. It likely cost less than $1m back in 2010. Look for Forbes article from 2012 "Shopping For Zero-Days". And note that even those ~$100k high-end exploits back in 2012 were much cheaper a few years earlier: "This is very different than in 2007, when researcher Charlie Miller wrote about his attempts to sell zero-day exploits; and a 2010 survey implied that there wasn’t much money in selling zero days. The market has matured substantially in the past few years."
Interesting how an IT engineer did not know what a PLC was.
A USB stick in your work machine. That has not "formally" been permitted since early 2000's in most commercial organizations that I have done business with.
Things like that wouldn't ever be a standard educational criteria until there's an issue. 😅😂
@@tonywalker4207 None of them will ever forget what a PLC is now.
Because an security researcher (as you call it "IT engineer") is a software engineer and not an electrical engineer...? Do you think that all electrical engineers can complete a malware analysis because they are an engineer?
@@jjann54321 Valid (excellent) point. In particular for "stick to your lane" type engineers.
But the very best among us, including hackers, tend to be multidisciplinary. Mitnick's M.O. was less about tech and more about social engineering.
As a "security researcher" it is important to be aware about the most basic instruments used in (critical) industry.
@@TriAngles3D Totally unacceptable to have zero clue what a PLC is. A cursory understanding of hardware systems is a must for softdevs.
The interesting thing is that the guy who likely planted it. Who was a dutch engineer , died in a one sided motor accident a few years later in Dubai. He was likely recruited by Dutch intellegence services. Who handed him over to the israeli and US services. The strange thing is that most of Dutch officers who were actively involved by recruiting him had no idea that this happened. The whole operation was so fractured that people only know about their small part. Which makes it impossible for most people to actually know what was giong on. Which is the power of the organisation. Even high Dutch politicians did not know what the Dutch role was. And it is still is a mystery till today.
How is it still a mystery if you explained it?
Vice is killing it. Wait this is not zero days old?
Vice exposing things that can get us all hurt.. like we really want Iran to have nukes? Tf they doing.. like Snowden.. all that for what? To live in effing Russia? Lmfao
Nuclear power plant worker here, if someone was determined enough to attack a power plant and cause radiological sabotage... you're fucked. The NRC requirements aren't high enough to protect against modern threats.
*stares in nuke worker at a plant with 1950 tech that's never heard of the Internet*
I mean, they could crash our email and make it hard to watch CZcams but, actually a threat to radiologic safety? Nah, we good.
I heard power plants controls are so confusing even the hackers are like wtf lol
@@EyeKnowRaff yes there's plenty of antiquated tech but they're modernizing it with ICS
@@will201084that’s 🧢 they have old ass plc’s anyone can go online with and make edits
@@Ebap-dy9zp I'm more worried about the spent fuel rods taking a long, HOT soak in the pool outside the plant. The eerie blue glow tells you that stuff is still plenty dangerous.
This is such an insane story. Cyber security is still such paramount importance in 2024 and I feel like a lot of people are still very unprepared or uneducated about proper security.
Very much so! I'm been in cyber security an other aspects of the industry for many years and I'm still learning.
I wish they would date it in the head line instead of using it as click bate. Other wise well done.
Its terrifying to think that there are cyber weapons out there that could dictate if we live or not
there aren't. in order to pull something like this off you need years and state resources. like a complicated spy mission. its not like some child can inadvertently do this in a fit of immature rage because the virus is just floating around
its possible that russia or china could do this to some US infrastructure, but only if it was a long term concerted effort with many people involved, as it was for the allies that launched stuxnet
@@HanTheProphet This video was from 2016 8 YEARS AGO PRETTY SURE THEY'VE HAD ENOUGH TIME TO UP THEIR GAME!
@@HanTheProphetever heard of an emp?
@@MommaBear_316Security has had 8 years to evolve as well. It’s a classical arms race. All it takes is for one to get through, yes. But how many are going to face back at you? Techwar has to obey MAD like anything else.
@@HanTheProphetare there, or are there not? You said both lol
Pretty wild that the SysAdmins in the nuclear plant didnt block USB drives on their PCs. Pretty big oversight for something that sensitive.
Infected part not a usb stick
Oh man!! When I watched this for the first time by downloading it via a torrent, it was surreal! Now, after 8 years, it is nice to see it available publicly and I can share with everyone. This series was great! Can't wait for the Russia episode.
0day is just an exploit that has not being disclosed yet.
Yea he didn’t explain what a zero day was lol .
@@inility57722:35
Uncle Sam ain’t gona do that for a while baby 🇺🇸🤠🤩 💪
The more time goes by and information becomes more available new things are becoming apparently more common helping us to understand the complexity of the internet
Symantec security: discovers super weapon attacking bad guys
“We should let everyone know about this”
I prefer a security company to be as neutral as possible...
Agreed. Better than being like Kaspersky and their engineers getting arrested if they don't do what they're supposed to.
Your idea of "bad guys" are not the same as everyone's idea of "bad guys."
it got out of control and spread through numerous other countries.
Symantec security: discovered super weapon that could wipe out lots of people at once and directly cause international wars
"We should let everyone know about this"
Very informative. Thanks for the research
Did he just admit it was the US at the end there? "We demonstrated"
Yepper
they did actually.
😅q7@@ROBLOXGamingDavidthe i8776677u7766😅
U.S. sabatoging something Iranian sounds about right.
You really thought you did something huh
Iran running Windows legally is impossible since Microsoft would never sell them license keys.
It’s called looking up windows keys, Microsoft actually doesn’t stop it because then they have more people on their OS
Now this great journalism !
I really like this segment from vice. I wish they would continue it!
What’s with y’all refurbishing old news that y’all already covered lately?
Wait till Ai comes to cyberwars.
So its a real life Skynet without an A.I.
Excellent video. Very interesting, informative and worthwhile video.
Stuxnet was old even in 2016, now its really old, thanks Vice
Stuxnet was the start of a new era
by then, it is already as dangerous as it can get.
3:04 really? You’re misdefining a crucial term 3 minutes into the entire video? That’s so shobby
10:06 Literally shows us it being on the charts
When he threw the blank pieces of paper, that really hit home.
Who wants Captain Crunch?
me me meee
Yes
So why would Chen and Symantec broadcast they found Stuxnet, determining it was a weapon and being used against Irans nuclear weapons program? Great they had the skill and fortitude to detect and decode, but why rat out the ‘rat’ being used against a larger rat?
That’s what I was thinking the whole time while watching this
I'm surprised they didn't get a call from Mossad or NSA to keep quiet
Because it was already detected by a Belarussian company. If they kept quiet, that's just a clear indication of something shady.
Exactly it's because they were in help programming this with the United States government to demonstrate what its capable of
Why are there still people that genuinely believe that, in this time and age, causing geopolitical trouble will leave them unharmed?
James Actin is not an expert on the IAEA. He is incorrect to say that the Fuel Enrichment Plant at Natanz is too small to fuel a nuclear power reactor. In fact, Natanz has a capacity for 50,000 centrifuges, sufficient to provide fuel for a 1000 MWe reactor such as that at Bushehr!
Awesome to see Vice bang out great content
Upvote if you came back from year 2032 to re-watch this.
And here I am in 2232 and thinking 🤔 You made a typo.
What's interesting, since this aired Iran is one of the leaders in AI research. US firms tried desperately to recruit Iranian engineers but trump refused to allow it. That's why companies in Silicon Valley opened up research facilities in Canada and Europe, so thy could hire these people.
If Iran is one of the leaders in AI research then how come Iran hasent come out with a leading tech company till now just like China?
@@arbaz79You mention two state run economies and question why private corps haven’t upset them in the same breath.
Yep, they are now hacking the states that hacked them back then. Not extraordinarily, but still, they are now advancing.
For anyone wanting a more up-to-date insider look at this event, read "The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age" by David Sanger.
Plc's like siemens, allen bradley, sneider were not built with security in mind. These are in all systems in warehousing, factories and energy grids around the world.
And the more advance the country the more vulnerable they are.
True! Easy to hack! Still 😂
The thing with sanctioning Iran for so long is that they have learned to develop their own home grown versions of weapons.
This could eventually spell disaster and backfire on the U.S and Israel ... Just saying. 🤔
You made some valid points.
That's a good point you made.
Yup if they did not sanction iran, they could pull more of these stuxnet type attacks. Now everything in iran is anti-stuxnet. 😂
Iran says, ''' How's your GPS Ship steering software working these days ? "
Smoking crack if you think the us isn’t gonna retaliate with something 10fold in severity lol
@@gumpycognac4505 What if the Baltimore crash was not an attack, just a proof of concept? Now realize the Millions of ships & trucks & farm equipment & other vehicles all dependent on GPS & easily hacked by A.I. more advanced than any tinyb organic human brain . . .
Stuxnet was dangerously used & it came back to hurt us. But it was an incredible Team effort to pull this off.
I work on PLCs occassionally as an electrician and they control everything industrial. Suprised it took this long to realize even if this is from 2016. Not much has changed as far as PLC security thats for sure
Few people know that during one week in 2023:
1. The FAA's Air Traffic Control System went offline in the U.S.
2. Within hours Canada's Air Traffic Control System also went offline. They are completely separate systems.
3. A month earlier the Philippines own Air Traffic Control System went down. That was a test run.
4. For those living in reality, three separate incredible events in three separate countries is called a hack/ransom ware attack. The media reported them as just a catastrophic system failure...that was reversed within hours.
5. The value of Bitcoin jumped dramatically right after the U.S. and Canadian events = the ransoms were paid.
Get a life
Whole lotta yappin
That's a pretty interesting claim, I've looked up and verified all the other stuff and the price of bitcoin does seem to increase dramatically over the days afterward. Love the level of replies from the two idiots above me tho
@@ifxthenwhy6202your post read my mind, top to bottom. This whole thing makes Jason Lowery's book Softwar all the more interesting.
@@ifxthenwhy6202exactly, even microsoft pays ransoms, what the two above you on?
“The US opened a door that everyone will walk through now”
No Vice and NY Times let our enemies now in detail what's up lol
Full disclaimer I work with mostly competitor products but wow...Siemens: From Concentration Camps to Iranian Nuclear facilities. (According to the Siemens website and this video.) Too bad I can't bring this up in a business meeting without looking like an ass, lol. Sometimes being P.C. blows my mind.
Anybody else notice that the interviews were sped up?
To all those who are complaining that it's from 2016... Don't. The point is this is happening and has been happening for a while and vice has taught more of us just how fragile our predicament is.
the attack didn't even happen in 2016 either... this is old ass news from a million years ago. DEPRECIATED CONTENT. Not useful. errr... obsolete information.
parts of stuxnet is what affected the ship that hit the Baltimore Bridge.
As a Power Engineer and PLC user this scares the hell out of me ..
That crazy
lol what’s crazy it came out 4 minutes ago. Confuzzed!
@@Rynam happened 2016 bro. things are twice as worse in the shadows rn
@@Akac3shnot in 2016, 2009 i think
@rafayahmed6259 dam bro that’s crazy !!
Seán McGurk, former director of NCCIC, US Dept. of Homeland Security:
"I think that there is no clear... complete evidence or even complete indication that it was one country or another."
Also Seán McGurk:
"Stuxnet to me was a Trinity moment... we demonstrated a capability that you could have devastating physical impacts by cyber means."
Hold on, what do you mean by, "we?"
bro youre overthinking it, he means the employees of HLS, and anyone involved
(not israel)
Old VICE was sooo goooood
Wait when he said ‘normal malware doesn’t go after control systems’ was he referring to malware outside of international cyber-terrorism? I understand that most cyber attacks are most clandestine but surely it’s not unheard of for them to go after control of the particular infrastructure/government facility
Do you think a normal malware could infect an unknown operating system? You know windows,mac and linux. However a nuclear power plant OS does not use any of those. So it can only be of someone that understands how a nuclear power plant operates from the infrastructure/bare level. Look it is easy to figure out if you just think a little for a few mins.
The FUTURE is not BRIGHT, it's SCARY as ffffff...
Good luck & God bless us ALL - cuz we're gonna be needing it.
❤ 🙏 ❤
I sincerely hope not though ...
Vice..RIP☠️
Amos 5:18-19
⚠️Woe unto you that desire the day of the LORD! to what end is it for you? the day of the LORD is darkness, and not light.
19 As if a man did flee from a lion, and a bear met him; or went into the house, and leaned his hand on the wall, and a serpent bit him.
20 Shall not the day of the LORD be darkness, and not light? even
Vice, with their finger on the pulse of the state of the art. They made a doc six years late, and released it fourteen years late.
Zero-day: if found, it is kept and not reported to the developers by the agencies for precisely this reason (to be used when needed).
The code was inputed so after it was all put out then the ransoms could happen
Y'all better keep those nuclear power plants safe as if ur life depends on it from exploits
JUST A FRIENDLY REMINDER------ America is in violation of the Symington Amendment by giving aid to Israel when they haven't signed the Nuclear NPT, and promote terrorism on Iran when they seek to develop their own energy program.
Ben has been cooking recently 👏
Bro this almost 10 years old😂
If by "recently", you mean in 2016.....
21:37 I consider this statement as an admission of responsibility
Genuine question is the interview tripping sack during the interview with the guy from Symantec? Pupils are absolutely massive for being in a lit room
Why do channels re-upload stories from almost a decade ago? Especially news reports like this -- the technology discussed as well as the geopolitics of the region have changed dramatically since then...
Understanding the past isn't necessary?
@@DarkandWeird that's exactly my point -- this is clickbait from their editorial team, pure and simple. If there was a desire to encourage understanding the past, this clip would be coupled with more context, rather than recycling this decontextualized story at a time when Iran & Israel are in the news a lot.
Stop posting as if they were recent news!!!!
Excellent reporting.
They are currently in conflict... Except their parents were able to be vocal
Nuclear power is probabaly supposed to be used to fly people to space.
I'm single
Sad
I'm a double cheeseburger
Pronouns about to be Was/were
I’m double
I'm a half pounder 😅😅😅
I'm guessing there won't be a new season :(
Considering this video is almost 10 years old, nope.
They did that guy super dirty with the thumbnail lmao
Unsubed. Old content.
Some people call Stuxnet the opening battle of WW3.
It was a programmer in Minsk who first discover Stuxnet
This video is more exciting than a regular movie, it’s even got it’s own plot twist.
The combination of cyberwar and the recent AI advancements make nuclear weapons obsolete, the combination of both of these can do far more damage over a far greater range.
I worked on Siemens LOGO industrial controllers at the time...this is interesting...
Nuclear *enrichment* plant, not a power plant. Massive difference in intent.
i remember a boeing engineer was telling me stories about how they'd put code in usb sticks that would get sold to russian nuclear plants and how it would slightly alter their output somehow to make them less efficient which caused massive losses over time.
so glad im a cybersecurity major rn
The explanation in the beginning of what a “zero day” exploit is not really correct. It is a cyberattack that takes advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware. The term “Zero day" refers to the fact that the software or device vendor has zero days to fix the flaw because malicious actors can already use it to access vulnerable systems.
Second, kinetic really shouldn’t be applied to missiles bc a “kinetic energy weapon” is one that doesn’t use explosives but rather speed/density to destroy something….
when the facts do come to light this will be a great movie
There was an attack on a uk power station two or three months ago in the uk
Gosh the amount of times this has been covered.... is Vice using Microsoft Edge?
It wasn't attacking a nuclear plant, it was looking for a specific configuration of PLCs that operated centrifuges for enriching uranium.
...within a nuclear power plant
Yeah so when the plant pops it will be an "unfortunate accident"
Need to keep making content like this.... hopefully
More videos about hacking even if its a old video but you guys should make cyber warfare videos
If vice stuck to investigation journalism like this they would still be viable today
Well this is just the problem of having cyber and techonlogy can cause alot of problem from computers and such that is upholding the systems in reacters and cause an meltdown which is just crazy and should not be allowed too do and should be supervised.
Uhhhhhhh didn't Australian Media report on this approximately 15 years ago?
Sounds like someone is setting us up for a “checkmate “
Explanation of "zero day"..... Having such a "specialist" provoke not only them..
With amazing reporting like this it's hard to understand why Vice went bankrupt. Who's uploading these?
I have one issue about this entire series
The U.S. govt wouldn't just let a bunch of whistleblowers reveal all this stuff unchecked. I think they cleared most if not all the info that has been released here. We dont take national security lightly. Even after an individual has technically left clearanced govt service.
Wonder what happened to this insider. He probably was not a systems administrator, network security person but a programmer.