Monday, April 18, 2011

Reason #6 Why China May Have Sponsored The Stuxnet Attack

In spite of the fact that I'm probably the only person who still doesn't believe that Israel or the U.S. was behind the development of the Stuxnet worm, I just discovered another reason why I believe the PRC is the most likely state-sponsor. According to this article in iStock Analyst "China Focus: Foreign Firms Seek Expansion Into China Even As Super-National Treatment Ends", Siemens has 16 R&D centers in China which employ over 2,300 engineers who are working on over 1,000 patents each year.

Assuming that Stuxnet was a Chinese operation, they didn't need access to Idaho National Labs or Dimona as the New York Times reported on January 17, 2011. In fact, everything needed was already in the PRC.

1. Windows source code :
"The review is an extension of an agreement signed in 2006 which enables China immediate access to the source code for Windows 7, Vista, XP, Server 2008 R2, Server 2003, and 2000, and the embedded software CE 6.0, 5.0, and 4.2. Also included is the source code for Microsoft Office 2003 Professional Edition and most other Microsoft products."


2. The Vacon Frequency Converter Drives targeted by Stuxnet are manufactured in Souzhou.


3. RealTek,  one of two Taiwanese companies who's digital certificates were stolen has a subsidiary office (RealSil) in Souzhou.


4. The P1 centrifuges which were sold to Iran by Pakistan's AQ Khan were originally of Chinese design.

5. Chinese anti-virus company Rising International announced an unheard of 1 million infections in China three months after the virus was discovered. No infections had been reported in China before then.  Rising International became notorious for creating and distributing software viruses, then selling the anti-virus with the help of a Chinese government official in Beijing's Public Security Bureau.

And now (6), 2300 Siemens engineers working in 16 R&D centers in China would have access to a limitless supply of inside information about Siemens software and hardware.

I'm not suggesting that this represents incontrovertible evidence that China was the state sponsor of Stuxnet, but there is more fact-based evidence supporting China than I've seen presented for any other state. And now with Iran threatening legal retaliation against Siemens and apparently convinced that it was the U.S. and Israel with no evidence to support it, I think its important to present some alternative analysis to the conventional wisdom one more time.

UPDATE (1 JUN 2012): David Sanger spilled the beans today in a lengthy NY Times article that Stuxnet was a U.S. operation which started during the Bush Administration. The world's first cyber weapon didn't come from China after all. 

No comments:

Post a Comment