Cryptogate, Siemens and Stuxnet

McJ's picture

Here's another spy story for you. Not as thrilling as Winter's excellent ongoing tale but interesting and informative, I hope. smiling I stumbled upon this story while doing some late night googling on the Stuxnet worm. As you know this worm works "by exploiting previously unknown security holes in Microsoft’s Windows operating system. It then seeks out a component called Simatic WinCC, manufactured by Siemens, which controls critical factory operations. The malware even uses a stolen cryptographic key belonging to the Taiwanese semiconductor manufacturer RealTek to validate itself in high-security factory systems."

It seemed unbelievable to me that the German electronic giant Siemens could have released such critical software containing a well known security risk and even more unbelievable that they could have known the code had been leaked for two years and done nothing about it. See my previous comment on this here. Surprisingly (or maybe not), this is not the first time Siemens and Iran have been linked in a far reaching story of espionage, foul play and stolen cryptographic keys. You can judge for yourself if you think Siemens was simply incompetent, or unethical, in selling their easily hackable software to critical industries worldwide or whether their history suggests this may have been the plan.

Note to James: I am leaning towards MIHOP here. So's Eileen! smiling

On March 18, 1992 Hans Buehler, a top salesman for the Swiss company Crypto AG, was arrested in Tehran, Iran and accused of spying for the US and Germany. For the next nine months, he was held in solitary confinement and questioned repeatedly as to whether he had leaked the codes to Iranian and Libyan encrypted communications to western powers.

A Swedish cryptographer, Boris Hagelin founded Crypto AG in 1952 in Zug, Switzerland. Boris was the renowned inventor of the "Hagelin-machine". Hundreds of thousands of his "Hagelin-machines" were used in World War II on the side of the Allies to decrypt enemy communications. As Switzerland was perceived as a discreet place, a neutral nation that could be trusted, their enciphering devices for voice communication and digital data networks were popular. In the ensuing years, Crypto AG built up long standing relationships with over 130 countries.

"The purchasing nations, confident that their communications were protected, sent messages from their capitals to embassies, military missions, trade offices, and espionage dens around the world, via telex, radio, teletype, and facsimile. They not only conducted sensitive albeit legal business and diplomacy, but sometimes strayed into criminal matters, issuing orders to assassinate political leaders, bomb commercial buildings, and engage in drug and arms smuggling.

Both Iran and Libya had purchased their cryptographic communication equipment from the Swiss company. The Iranians had become suspicious that their codes had been leaked after Ronald Regan had announced to the world that the US had been reading secret Libyan communications in "a speech justifying the retaliatory bombing of Libya for its alleged involvement in the La Belle discotheque bombing in Berlin's Schoeneberg district." This suspicion was further solidified when "the U.S. provided the contents of encrypted Iranian messages to France to assist in the conviction of Ali Vakili Rad and Massoud Hendi for the stabbing death in the Paris suburb of Suresnes of the former Iranian prime minister Shahpour Bakhtiar and his personal secretary Katibeh Fallouch".

Apparently however, the Iranians eventually believed Buehler's story that he did not know anything. In 1993, Crypto AG paid Iran one million German Marks for his return, then promptly fired him a few weeks later ordering him to repay the bond. The reason given was that "Buehler's publicity, especially during and after his return, was harmful for the company". What is more likely is that they had satisfied themselves that Buehler had not given away any of their secrets and because Buehler had been asking some embarrassing questions.

Buehler's story prompted the Swiss and German news media to investigate the company. (Perhaps the Iranians were hoping his release would generate interest in the story.) It turns out, Buehler's belief that Crypto AG was a discreet, neutral company, simply providing the best equipment, was grossly naive. Crypto AG was anything but discreet. In fact, the company had become quite diffuse.

"Swiss television traced the ownership of Crypto AG to a company in Liechtenstein, and from there back to a trust company in Munich. A witness appearing on Swiss television explained the real owner was the German government--the Federal Estates Administration.

According to [the German Newspaper] Der Spiegel, all but 6 of the 6000 shares of Crypto AG were at one time owned by Eugen Freiberger, who resided in Munich and was head of the Crypto AG managing board in 1982. Another German, Josef Bauer, an authorized tax agent of the Muenchner Treuhandgesellschaft KPMG, and who was elected to the managing board in 1970, stated that his mandate had come from the German company Siemens. Other members of Crypto AG's management had also worked at Siemens."

Furthermore, some Crypto engineers came forward to tell of secret dealings and cooperation with the NSA and it's cryptographers, the German BND, American "watchers"and Motorola engineers. The story eventually unraveled and it was learned that for decades, the US had routinely intercepted and deciphered the top secret encrypted messages of 120 countries.

"Crypto AG's enciphering process had been developed in cooperation with the NSA and the German company Siemans [and] involved secretly embedding the decryption key in the cipher text. Those who knew where to look could monitor the encrypted communication, then extract the decryption key that was also part of the transmission, and recover the plain text message. Decryption of a message by a knowledgeable third party was not any more difficult than it was for the intended receiver".

It seems that all the favorite suspects were in on the code cracking scheme. From Wayne Madsen we learn about the involvement of Israel and England.

The role of Israel may be explained by a little-reported intelligence alliance. NSA maintains a link with the Israeli sigint entity, "Department 8200," located in northern Tel Aviv at Herzliya. The sigint link is said to involve the British Government Communications Headquarters (gchq) base on Cyprus. Israel's ability to crack the Iranian Crypto AG codes indicates that Israel had access to the key decoding programs.

Madsen also elaborates on the Siemens connection. Just one big incestuous family.

"A Presidential directive on national security prepared for President Truman states that "Switzerland ... delivers precision instruments and other materials necessary for the armament of the USA and NATO countries [emphasis added]." Germany's BND, too, has apparently cooperated with the US encryption rigging scheme through Siemens Defense Electronics Group of Munich.

A previous director of Siemens called Crypto AG a "secret Siemens daughter," while a former Crypto AG financial director said, "the owner of the firm [Crypto] is the Federal Republic [of Germany]." The Siemens connection to Crypto was remarkably incestuous. Siemens provided technical assistance for the machine manipulation process. Suspicion about the German electronics giant's role in Crypto's operations was heightened when it was reported that Siemens helped raise the $1 million to spring Buehler from his Teheran prison cell. In fact, after revelations of the Crypto-Siemens association hit the Swiss press, Crypto's managing director Michael Grupe informed the employees that the advisory board to Crypto's board of directors was being dissolved. The two advisers-Alfred Nowosad and Helmut Wiesner-were both full-time Siemens employees. With the world media describing the company as a silent partner of German and American signals intelligence (sigint) agencies around the world, Grube announced that "Crypto is changing its profile.".

This all makes me very suspicious that Siemens and friends in the US and Israel are up to their old tricks. As my husband always says, "Same old shit, just a new pile".

For some further reading:
The Baltimore Sun, About December 4, 1995, pp. 9-11.
No Such Agency Part Four
Rigging the Game

The story about Crypto AG

And just to muddy the waters for you a bit, here is yet another case of the involvement of Siemens in Iran's business. In March 2010, Siemens and the Finnish telecoms firm Nokia have yet again been accused of helping the Iranian government monitor calls and texts. (Obviously they have been accused of this before but I don't have a link to that story.)

Snip:

"German engineering giant Siemens and Finnish telecoms firm Nokia have once again been accused of helping the Iranian government monitor calls and texts.
Nobel prizewinner Shirin Ebadi, speaking on France Culture radio said that some western technology companies are helping the government and called for international economic sanctions.
"Unfortunately, a certain number of firms support the Iranian regime in its repression and censorship," she said.
"It's clearly the case with Siemens and Nokia when they send the Iranian state software and technology that it can use to monitor mobile telephone calls and text messages," she continued."

Comments

Trust me. I'm a cryptographer.

Great snooping, McJ! You'd think these 'security' dickheads would learn the nature of their own business after a while, wouldn't you?

It's funny, I thought of the Crypto AG scam (and laughing again about it - too funny) when reading about all this and here you have them hooked up firmly with Siemens. Perfect. haha. And how smart are those Iranian security people (and all the others), eh? Good job they're not driving the bus. Oh, wait . . . . .

Yeah, I've found Eileen to be infallible (if not infallable) in these matters. She always leads the way to the bottom of things; fighting her way through all the hot air till she gets to the solid bedrock of cold, hard facts.

So that makes three of us on MIHOP. Ok, all holding hands now . . ready . . . one, two, three . . . . . Hop

Great work, McJ. Thanks again

McJ's picture

Thanks! Formatting that

Thanks! Formatting that article took me longer than the researching and writing. I fixed some of the links in case you tried them and they didn't work.

"It's funny, I thought of the Crypto AG scam (and laughing again about it - too funny) when reading about all this"
Well, I'm sure you sent me that message. It wouldn't be the first time. wink

"So that makes three of us on MIHOP.."
I caught myself on that one! I was thinking "Who is the third person, AP? DOH!!! doh! rolling on the floor laughing rolling on the floor laughing

And ya, MIHOP from the dickheads driving the bus. smiling

Well, ashalee

I was thinking you, me and Eileen! smiling Smile smiling But now you mention it AP was leaning over MIHOP way pretty much from the start smiling

WP has nailed all the tech analysis which is all way over my head so I can't add anything to that. Though I can say, McJ, that all the trouble you took with the formatting paid off. It is all quite easy to follow which it might not have been otherwise with all the quotes.

The next question is, what were/are they hoping to do with all this? Create general mayhem on top of their prime target? "Out of Chaos, Order"??

McJ's picture

I Know

Ya I know about Eileen. It just caught me for a second or two. And I was the one that started it this time. smiling

The formatting is doing some weird things so I was challenged a bit to figure out how to get it to work will all those tags, links and color. I think it will be better for next time. smiling

Good question!

fantastic work, McJ

There was a time -- within living memory, believe it or not -- when this story itself would have been considered "fantastic" ... as in "the stuff of fantasy".

Sending the decryption key as part of the ciphertext is so ... outrageous!

In the previous spy-gate thread you highlighted the danger of hard-coded credentials (*), and this is more or less the same trap-door as that one, only worse.

Hard-coded credentials entail coding the decryption key as part of the encryption/decryption program and the practice is well known to be very, very stupid -- if your aim is security.

The scheme described here is even more counter-security than hard-coded credentials, because it gives the sender the impression that he can change his keys at will. But whenever he does that, his new "encrypted" messages will simply contain his new "decryption key".

What's chilling and obvious about this scheme is that it could only have been developed by someone who understood its role completely from the get-go. This is such an obviously fraudulent "take" on "encryption"... I am lost for words. Wow!

~~~

(*) I am currently working on a project which actually uses hard-coded credentials, and this was one of the first things I noticed when I first saw the code. Yes! -- I could tell right away that there was something "funky" going on there, and any other programmer would have known instantly as well.

It turns out that the client knows all about it, wants it that way, and doesn't consider it "security feature" (just a place-holder for real security in a future version), so it's all right. But if none of the above were true, only thoroughly corrupt programmers could work on such a project. (Not that they are impossible to find, or anything...)

(**) I have always wondered, considering that the NoSuchAgency has long had control of all the encryption software sold legally in the USA, what "features" an encryption algorithm would have to contain in order to be approved by "the most powerful code-breaking agency on the planet" ... and this may be the answer (or something like it): the NoSuchAgency may have been approving only those "encryption" programs whose ciphertext could be read by anyone who knew where to look for the decryption key secretly embedded in the message. Of course I am just speculating here but wouldn't that be typically lame?!

(***) Thanks for the very kind words regarding the continuing saga, and -- ironically? or is irony dead?? -- Holmes and Watson are just about to get into a discussion of basic cryptography / cryptanalysis !!

So ... this is all not only excellent but also very timely in more ways than one.

Thanks and please keep rockin'!

this is outstanding McJ

i still have to wrap my brain around it all, no promises there. i keep thinking of the game rock paper scissors with these people. there's just no trust anywhere among them at all. so they're spying on each other, and even the ones cooperating (US and Israel) must also be spying on each other, as we know Israel does routinely to the US. i don't know if you caught g. duff's "rule of lie..." piece, but he has some interesting facts in there about Pollard and what he stole from the US to send to Russia: http://www.veteranstoday.com/2010/10/03/gordon-duff-rule-of-lie-americas...

start excerpt:

Pollard never gave anyone anything, he sold it. Nothing went TO Israel, Pollard and the State of Israel were spying FOR the Soviet Union AGAINST the United States.

The information was: (this has been confirmed)

* The identities of all CIA agents and the full NOC list, agents of “non official cover” (A movie was made about this, Tom Cruise, Mission Impossible)
* Full NATO defense plans in case of Soviet Attack
* Full information including strategic vulnerability assessments on what would be needed to defeat the United States in a nuclear war
* Design specifics on all American nuclear weapons and delivery systems
* America’s military and diplomatic codes

This information was sold by Pollard to controllers in Israel who then sold it to the Soviet Union. We have learned that because of this information a couple of things happened:

* The Soviet Union came close to a nuclear “first strike” on the United States
* Over 100 CIA agents were executed after extensive torture
* Over 1500 “intelligence assets” were rounded up, tortured and interrogated, then killed behind the Iron Curtain
* America lost all ability to use intelligence to defend itself from the Soviet Union
* America’s strategic capabilities were diminished by over 50%, with many ‘capabilities’ totally unviable
* 15 years of weapons research was lost
* Several weapons systems were totally compromised including our stealth aircraft and nuclear submarines

However, when Barney Frank and his furniture salesman buddy, the one who continually brags about how stupid Americans are and how he can get them to do anything he wants, publicly demanded this monster, Pollard, be set free, the press was silent. The furniture salesman was right, about the press anyway, he can get them to do anything he wants.

Netanyahu wasn’t serious about Pollard, he simply brings it up, from time to time, when he has a need to humiliate the United States, reminding them how naive and gullible they are as a people and how corrupt their military and government are.

end excerpt.

so that was all going on during the 80s, overlapping with Tehran getting suspicious about this Crypto AG. not to speculate but it gets crazy to think who stole what when and who did they tell and why...

McJ's picture

Thanks WP and AP. It was a

Thanks WP and AP. It was a very fortuitous stumble!

AP: I hadn't read the piece by G. Duff but that is very interesting. He does some really good work.

WP: Thanks for the explanation! And as usual there seems to be a lot of synchronicity that happens on this blog. At least when we are active. smiling I don't think your speculation about the NoSuchAgency is too far out. I know they are involved somehow with the keys that Microsoft puts in Windows for export out of the country. I read something about it in my snooping around about this. I will try to find it again.

This all takes some rethinking. If everyone knows what everyone else is doing (secretly, strategecally etc.) how does that effect their decision making. It must really change the game plan. smiling And the rest of us schmoes are left going WTF.

I am also curious to know why Iran would buy software from Siemens considering the history. It almost appears they are in on the game this time. I am also curious about the connection to Taiwan with the stolen key coming from the Taiwan company Realtek and the fact that the worm has also attacked China.

I don't know where this is going and I am pressed for time right now so I hope to get back to this sometime this evening.

Mindblowing.....

AP I never understood much of the Pollard case.
Having read your explanation I must say it's mindblowing.
The "tribe" would run nana down in the parking lot for a buck.
Jeeeeeeeez.
And the Clintons gave away how much to China ?
We ( USA ) are toast. Freakin' unbelievable.
Thanks to you all !

Dave

McJ's picture

Symantec analysis of Stuxnet code

Symantec has just released a detailed paper with analysis of the Stuxnet code. You can get the pdf file at the link. http://www.wired.com/images_blogs/threatlevel/2010/10/w32_stuxnet_dossie...

It is a very technical report which is way over my head but I noted a couple of things which may or may not mean anything since I really don't understand the report.

This is their summary of the threat.

Stuxnet is a threat targeting a specific industrial control system likely in Iran, such as a gas pipeline or power plant. The ultimate goal of Stuxnet is to sabotage that facility by reprogramming programmable logic controllers (PLCs) to operate as the attackers intend them to, most likely out of their specified boundaries.
Stuxnet was discovered in July, but is confirmed to have existed at least one year prior and likely even before. The majority of infections were found in Iran. Stuxnet contains many features such as:
Self-replicates through removable drives exploiting a vulnerability allowing auto-execution.
• Microsoft Windows Shortcut ‘LNK/PIF’ Files Automatic File Execution Vulnerability (BID 41732)
Spreads in a LAN through a vulnerability in the Windows Print Spooler.
• Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability (BID 43073)
Spreads through SMB by exploiting the • Microsoft Windows Server Service RPC Handling Remote Code Execution
Vulnerability (BID 31874).
Copies and executes itself on remote computers through network shares.•
Copies and executes itself on remote computers running a WinCC database server.•
Copies itself into Step 7 projects in such a way that it automatically executes when the Step 7 project is • loaded.
Updates itself through a peer-to-peer mechanism within a LAN.•
Exploits a total of four unpatched Microsoft vulnerabilities, two of which are previously mentioned vulner•
abilities for self-replication and the other two are escalation of privilege vulnerabilities that have yet to be disclosed.
Contacts a command and control server that allows the hacker to download and execute code, including up•
dated versions.
Contains a Windows rootkit that hide its binaries.•
Attempts to bypass security products.•
Fingerprints a specific industrial control system and modifies code on the Siemens PLCs to potentially sabo•
tage the system.
Hides modified code on PLCs, essentially a rootkit for PLCs.

Anyone know what the part I bolded mean? And what would be the reason they are not being disclosed?

Below is a screen clip of the Stuxnet Timeline. Notice the entries on July 17 and July 21. This means the Stuxnet drivers have been signed by certificates from both JMicron Technology Corp and Realtek Semiconductor Corp. Both these companies are from Taiwan and have offices in the the Hsinchu Science and Industrial Park. See link: http://www.securelist.com/en/blog/2236/Stuxnet_signed_certificates_frequ...

Photobucket

Also on page 6 there is chart showing the geographic distribution of the worm. Iran has by far the most infections at 58% with Indonesia next at 18% and India at 10%. China isn't even on the chart.

And finally on page 20 at the bottom of a section title "Windows Rootkit Functionality" Symantec added this comment.

"Guavas are plants in the myrtle (myrtus) family genus. In addition, according to Wikipedia, “Esther was originally named Hadassah. Hadassah means ‘myrtle’ in Hebrew.” Esther learned of a plot to assassinate the king and “told the king of Haman’s plan to massacre all Jews in the Persian Empire...The Jews went on to kill only their would-be executioners.” Symantec cautions readers on drawing any attribution conclusions. Attackers would have the natural desire to implicate another party."

It really struck me as a strangely inappropriate place for it.

In addition, there is this from Secure List which has done a series of posts on Stuxnet.
http://www.securelist.com/en/blog/283/Myrtus_and_Guava_Episode_5

Siemens also confirms that the worm is able to transmit process and production data, and that it attempts to establish a connection with the cybercriminals’ servers. At the moment, however, the servers are apparently inactive.

Are they spying with this worm as well. The big question - Who owns/controls the servers and what happens when and if they become active?

newjesustimes's picture

thanks McJ and

apologies it took me so long to come around - to echo everyone above, great job!

> the other two are escalation of privilege vulnerabilities that have yet to be disclosed.

'escalation of privelege' means gaining more priveleges to the system than one should have. for example, someone might have access to a read-only shared folder, or a printer on the target system, but then they send some data in the right format to trick the system into 'escalating priveleges' and next thing you know, they're adding users and services or overwriting the system registry as if they were logged in to the Administrator account.

Here's the lengthier explanation http://en.wikipedia.org/wiki/Privilege_escalation

I would guess the primary reason for not disclosing them is that they want the vendor (Microsoft) to come up with a fix before they give out clues as to the exploit, and once a patch exists then they'd disclose the information.

> Same old shit, just a new pile
rolling on the floor laughing your husband sounds like my kind of guy!

McJ's picture

Thanks NJT and more info

Thanks for the info NJT.

Found out a few more tidbits on this.

The worm was first discovered in June by VirusBlokAda, a little-known Belarussian security firm.

The worm is trying to contact servers in either Denmark or Malaysia so it can send data. Which means this thing is also spying.

"The highly sophisticated worm also takes advantage of default passwords used by Siemens' management consoles to connect and then try to steal industrial secrets from infected companies. If it worked, the worm could steal manufacturing "recipes" from victims, allowing criminals to counterfeit products." (http://www.computerworld.com/s/article/9179459/Siemens_German_customer_h...)

Whoever wrote the code had detailed knowledge of Siemens’s industrial-production processes and control systems, and access to the target plant’s blueprints. ((http://cafe.comebackalive.com/viewtopic.php?f=1&t=51583&start=30)

A more "plausible target [than the Bushehr reactor] is Iran’s uranium-enrichment plant at Natanz. Inspections by the International Atomic Energy Agency, the UN’s watchdog, have found that about half Iran’s centrifuges are idle and those that work are yielding little. Some say a fall in the number of working centrifuges at Natanz in early 2009 is evidence of a successful Stuxnet attack.
(http://cafe.comebackalive.com/viewtopic.php?f=1&t=51583&start=30)

And here's a quote from Eric Byres, chief technology officer with SCADA security consulting firm Byres Security.

...The Siemens system was designed "assuming that nobody would ever get into those passwords," Byres said. "It's an assumption that nobody will ever try very hard against you."
(http://www.networkworld.com/news/2010/072010-after-worm-siemens-says-don...)

Does anyone really think that is what Siemens assumed?

"The highly sophisticated

"The highly sophisticated worm also takes advantage of default passwords used by Siemens' management consoles to connect and then try to steal industrial secrets from infected companies. If it worked, the worm could steal manufacturing "recipes" from victims, allowing criminals to counterfeit products."

Now, this sounds like 'our friend and ally'!

Here' another article on the stuxnet worm-
http://theuglytruth.wordpress.com/2010/10/11/stuxnet-computer-worm-israe...

ignorant as I am with this stuff

Let me see if I have the basics correct. Someone (PTB_US/ISRAEL) are setting things up via computer code that they can at a future time use to stuff up things(?) in Iran (our, latest worst enemy), but not doing a real good job of either doing it or hiding that it is them that is doing it. Phew! that was a sentence and a half. This of course makes the threat of cybert terrorism really scary, because we all know that the best terrorists in the world come from the countries in which we all reside. Boy are we stuffed-again.

Yes!

I'd say you've got all that stuff just about right.

thanks winter

thanks winter

McJ's picture

Comment for Penny re: Stuxtnet

Penny,
Re: Your Post
Wednesday, March 23, 2011
Stuxnet /Fukushima: Connected? Why and Why not.

I am leaving this comment here so I can remember where I put it sticking out tongue and because I think I would need to break it up into more than one comment over on your post. I guess I should have done my own post on the possible Stuxnet connection to the nuclear crisis in Japan like James suggested to to me. I have information and comments spread over at A13's and the WP Community and in email exchanges and in bookmarks etc.

Here is a collection of them along with some additional comments that I think you may find pertinent.

We know that one part of the Sutxnet Virus can act as a 'man in the middle' sending false signals to operators regarding the operation of the plant and that it's purpose is to destroy targets 'military style'. Stuxnet attacks the Siemens PLC (programmable logic controller).

.... an excerpt from a New York Times article about Israeli and US involvement in creating the virus (which by the way Israel has bragged about - see this link  http://www.net-security.org/secworld.php?id=10596). It is specifically referring to the Iran centrifuges but it does say that part of Stuxnet's attack is to stop the safety systems from kicking in.  So, what if in Japan's case the safety rods were not raised or only partially pushed up between the fuel rods or if they were jammed?

http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?pagewa...
"One part of the program is designed to lie dormant for long periods, then speed up the machines so that the spinning rotors in the centrifuges wobble and then destroy themselves. Another part, called a “man in the middle” in the computer world, sends out those false sensor signals to make the system believe everything is running smoothly. That prevents a safety system from kicking in, which would shut down the plant before it could self-destruct.

“Code analysis makes it clear that Stuxnet is not about sending a message or proving a concept,” Mr. Langner later wrote. “It is about destroying its targets with utmost determination in military style.”

The system could be telling them that the safety rods were in place when they actually weren't. There are some people that are questioning if the rods actually were raised because of the difficulty they are having in lowering the heat however all reports say that they were. So, how do we know because we can't trust the information we are getting.

And we know that Siemens upgraded the controllers at the Sendai nuclear power plant in Japan.

"In 2008, Siemens was awarded the Asian Power Award for its upgrading of the Sendai nuclear power plant in Japan. Following modernization of the control systems and the three turbines, the output of the plant rose by 40.5 MW to 942 MW."

Here is the link to the cached page where I got this from - http://tinyurl.com/4krtkbt . Curiously enough the main link to the Seimens site gives you an error message "We're sorry, your request encountered an error." http://tinyurl.com/4bsegsn

We know that Siemens is a German owned company and there were ten German nuclear experts at the Fukushima plant who left the country shortly after the earthquake.

... I haven't had time to check out the veracity of [this quote but it] should be easy to verify.   (This guy named "IrishSpirit" is quoting articles but not including the links.)
http://nexus.2012info.ca/forum/showthread.php?462-BREAKING-Huge-blast-at...

"Reports have it that Siemens Nuclear experts have now left Japan, stating their was nothing else that they could do. Hopefully not true.
UPDATE: Ten German nuclear technician who had been present during the earthquake wrecked Japanese nuclear reactors in Fukushima are doing well and are expected on Monday in Germany. A spokeswoman for the Foreign Office announced that the experts should leave in the evening from the airport of the capital Tokyo." 

******
I was been able to confirm the story about the 10 German Nuclear Experts. It is at the link - http://tinyurl.com/5rhur2x
However, this article states that the experts were from AREVA (which is a French Company that builds nuclear reactors ). [It does confirm that they were German experts.]

And I found that AREVA and Siemens have worked as a consortium , evidenced by their joint work in Slovakia with Siemens supplying digital supervision, protection and controls systems for two of the reactors.
http://tinyurl.com/5rhur2x
"Erlangen, Germany, 2010-Apr-27
A consortium comprising AREVA and Siemens Energy will supply digital supervision, protection and control (I&C) systems for units 3 & 4 of the Mochovce nuclear power plant in Slovakia. Slovenské Elektrárne a subsidiary of the Enel Group, is completing the construction of two reactors based on VVER (Pressurized Water Cooled and Water Moderated) technology.
The new power plant units will be equipped with TELEPERM XS safety I&C supplied by AREVA and SPPA-T2000 operational I&C from Siemens."

Then we learned via A13 that an Israeli firm called Magna BSP was providing security at the Fukushima plant. From an article in Haaretz we find that Magna BSP had not handed control over to the Japanese at the time of the earthquake.
"Among the 50 Japanese workers who have remained at Fukushima amid the unfolding crisis, in an effort to bring the facility under control, are two individuals who were in Israel about three weeks ago, where they underwent training to transfer the operation of the security system to the Japanese themselves. "

From the Jerusalem post we learn that Magna BSP has remote access to its computer systems at the plant.
http://www.jpost.com/Defense/Article.aspx?ID=212168&R=R1

Israeli firm’s cameras recording Japanese nuclear core
By YAAKOV LAPPIN
03/15/2011 01:43
"Security cameras installed by Israeli defense company at Fukushima plant have ability to detect presence of radioactive clouds in air.
As the world continues to gaze with concern at Japan’s Fukushima nuclear power plant, hi-tech security cameras installed by an Israeli defense firm are recording events at the troubled core from an insider’s vantage point.
The Arava-based Magna BSP company, which specializes in producing and installing stereoscopic sensory and thermal imaging cameras, had been contracted to place cameras around one of the plant’s six cores – the core that has been experiencing explosions and overheating.
Speaking to The Jerusalem Post on Monday, Magna’s head, Haim Siboni, said the thermal cameras also had the ability to detect the presence of radioactive clouds in the air, but added that Magna had not been able to gain access to the images recorded by the cameras at this time.
“Because we are using these special cameras, we can also identify radioactive clouds, due to the spectrum that our cameras can sense,” Siboni said.
Although Magna is able to gain remote access to its computer system, which receives the cameras’ images, Siboni said his company had not yet been authorized to do so.
“We have not been allowed to take control remotely yet,”
Siboni said.
Magna has been asked to secure a second core at the Fukushima plant in the near future."

As anonymous noted Stuxtnet could have already infected the computers at Fukushima, regardless of whether they were connected to the Internet (which I am certain they wouldn't have been as warnings were issued early on regarding this). This could have happened inadvertently by a process engineer via a USB stick or it could have been loaded by someone from the Israeli security company or by the German technicians. The other way I see Stuxnet could have been loaded is through the remote access that Magna BSP has to it's security computers at the plant. If the security computers are connected via a local network to the plant's computers it could have infected them this way. What is interesting about this last scenario from a sabotage context is that the computers would not need to be infected with Stuxnet until the last moment (so to speak). The Israeli company is saying that it doesn't have access to it's computer system however we only have their word on it which would mean zilch if this is what they had done.

Thanks for all that McJ

You did an excellent job putting all that info together.
And there is lots of info there.
If I could make a suggestion, re-title it and leave it up as a must read post.

In one of my older posts on the stuxnet virus i had some articles linked that explained how the virus worked.
Quoting from that older article-

"Researchers say Stuxnet was designed to target control systems like those used at the Bushehr plant in Iran. In particular, they say it targets supervisory control and data aquisition systems or SCADA systems designed by the German company Siemens.

They say that after finding a way into a plant's system, the worm can simply steal data or potentially wreak havoc, causing its systems such as cooling pumps to malfunction."

That all said, I am hoping there is not a misunderstanding on what my post was about?

Because I thought I made it clear that a stuxnet infection could definitely no tbe ruled out.

The sad truth, however, is that there were so many problems with the power plant, as I mentioned, TEPCO has a history of cutting corners and covering up.
Then the idiotic way the plant was constructed, with all those spent fuel rods sitting right on top of the reactors??!!

This was done to save money, bottom line. So called nuclear engineers who designed that shit, should have known without a doubt that design would present a problem.

But it always comes down to making maximum profits and dam safety all to hell!

Thanks again McJ

McJ's picture

Stuxnet and Sabbotage

Thanks for your kind words on my comment. I think you made your point very well that the Fukushima plants were a disaster waiting to happen. smiling I added the information to build on your post as well as on Michael's excellent comments. When I first read about a possible HAARP connection, I admit I didn't give it much credence however after doing a bit or research coupled with the information I had gathered on Stuxtnet I am finding the idea more plausible. If you read this article by David Nabhan - http://www.thenakedscientists.com/HTML/articles/article/the-san-andreas-... and this interview with Dr. James McCanney http://www.winterpatriot.com/node/551 you start to come around to the idea that it may well be possible to predict when earthquakes will occur. So one could hypothesize a sabotage situation using a 1,2,3,4 punch. Solid information about the timing of a large earthquake about to occur off the coast of Japan + a help along by HAARP + Fukushima reactors being a disaster waiting to happen + the deployment of the Stuxnet virus. As for the reasons for doing this, it could have been meant as a stark warning to Russia and China. I just don't like to put anything past the evil ones. smiling

it's a stark warning to Japan as well, no?

... and many other places, too!

Even if we disregard the evidence of nuclear sabotage by software for a moment, it still strikes me as perhaps the most unusual act of war we have ever seen, though it will not be treated as such.

I mean, to mess with the geology of a place like Japan ...

If Japan breaks down and falls into the ocean, it will trigger a tsunami that would roll across the Pacific in a matter of hours, obliterate Hawaii, and keep going till it hit the Rockies. For all practical purposes we could say goodbye to SF, LA, SD, Seattle, Van and Vic and many other cities large and small, all the way up to Alaska. Much the same fate would await Acapulco, Managua, Panama City, Lima ... All of Central America could easily be washed into the Caribbean!

But the damage it would do to East Asia would dwarf the all that. Indonesia, Malaysia, Vietnam ... we wouldn't hear much about it here if some of our own cities were gone, but every place that is separated from Japan by nothing but water would be in danger, and the less distance, the more danger. Taiwan, Hong Kong, Sayonara. Massive damage to China, both Koreas and Russia. Not much would remain of the Philippines.

Possibly PNG would help to protect the north coast of Australia. NZ would have no protection at all.

On the other hand, Washington and Tel Aviv would be relatively safe. Comforting, no?

Some days I think I missed my calling. I shoulda been an alarmist.

alarmist? I'm not so sure

well, Winter, I remember you saying at the time that the stuxnet worm was first in the public's consciousness that the israelis had opened Pandora's box with their little bit of criminality; that all sorts of shit would go wrong with industrial systems in the future. And you have been proved correct, unfortunately.

You also said it would be relatively easy now for someone else (if not he same usual suspects) to modify and deploy as a weapon too.

you ain't seen nothin yet

It will be VERY easy to clone and retarget this monster ... and for that reason I cannot get Bachman-Turner Overdrive out of mind at the moment. I'm sure you know how it goes...

You ain't seen nothin' yet
B-B-B-Baby, you just ain't seen n-n-n-nothin' yet
Here's something that you're never gonna forget
B-B-B-Baby, you just ain't seen n-n-n-nothin' yet

I hope I'm wrong but I've been hoping that for a long time now without result.

memories

I had forgotten that song (along with a lot of other things because I'm of a certain age ) but you have brought it back to mind, Winter. And I don't think I'm going to forget it so easily from now on, though. Such madness

McJ's picture

Fore warned is fore armed...

You are exactly right Winter and this is alarming stuff. An event of that magnitude would cause a massive tsunami the likes of which today's world could not fathom nor would be likely to contemplate. However, such things are not unheard of in our distant past. There is evidence that events like this have happened. I watched a documentary once about what would happen if a known precarious chunk of the Canary Islands were to break off and fall into the sea. The tsunami produced would be hundreds of feet high and moving at incredible speed when it hit land. Basically, the same scenario you have just described except in the Atlantic. It would wipe out the entire eastern seaboard of the the US and Canada.

And yes this could be a warning to Japan and just about anywhere else that is paying attention. So, good point!

Post new comment

The content of this field is kept private and will not be shown publicly.
By submitting this form, you accept the Mollom privacy policy.