Join Transform 2021 for the most important themes in enterprise AI & Data. Learn more.
LAS VEGAS — Call it black hacker humor. With a twist.
During a thoroughly detailed and far ranging talk about hacking and malware propagation at the Black Hat conference attended by 2,000 in a massive conference room at the Mandalay Bay Wednesday, legendary computer security visionary Mikko Hypponen had a funny story to tell.
The Finish Hypponen told the rapt crowd about an email he received from an Iranian computer scientist working for the Atomic Energy Organization of Iran. The email arrived in his inbox after the Stuxnet virus, reportedly created jointly by the NSA and their Israeli counterparts, began wreaking havoc on that country’s nuclear program in 2010.
Stuxnet, at the time Hypponen received the email, is, and was, perhaps the most devastating virus, or worm, ever untethered against an adversary. Stuxnet brutally attacked Iran’s nuclear facilities’ Programmable Logic Controllers, which in turn commanded the facilities’ centrifuges to literally spin themselves to death.
Iran’s nuclear program was set back years, good news to the U.S. and Israel, who suspect Iran wants to build a nuclear bomb and have vowed to never let that happen.
The email was concerned, not about the destroyed centrifuges, but about Australian hard rock group AC/DC, whose music is banned in the ultra conservative Muslim country, a nation where accessing Facebook is now a serious crime and Twitter is outlawed.
The email, which Hypponen confirmed came from an Iranian scientist who was who he said, read:
“There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was the American band AC-DC Thunderstruck. It was all very strange and happened very quickly. The attackers also managed to gain root access to the machine they entered from and removed all the logs.”
Thunderstruck of course is a tune from the Australian group’s 1990 album called the “Razor’s Edge.”
Later, Hypponen speculated in a blog post:
“So, maybe, here what they want to do is show the employees of this organization that your IT department can’t protect you. If your computer plays AC/DC, you know that something’s going on, and your own IT department looks stupid, because they can’t stop it, they can’t keep the malware out. Maybe it’s mind games, or maybe it never happened; maybe this guy was just playing some kind of a joke.”
Dirty deeds done dirt cheap!
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform
- networking features, and more