Birth-Control Fatwas & Oops Factors


Zahir Ebrahim, author of The Poor Man’s Guide to Modernity, brings up a problem in the comment section to my previous post.

I reproduce it here as a separate post, because it’s something that has stumped me, as well.

Briefly: How to get in front of false-flags, red herrings, and black ops before they unfold, or, at least, how to derail them after they’ve begun?

How indeed.

Bloggers and activists who write as things unfold are quietly censored through Internet filtering and monitoring (e.g., Google) and content manipulation (e.g., Wikipedia).

Or, we are dismissed as “conspiracy theorists” by the mandarins of the mainstream media, because we cannot reach into our pockets and come up at once with documents in triplicate with signed confessions from the Mossad and CIA to prove our claims.

Of course, some forty years hence, some appointed mouthpiece will, at tax-payer expense, force open the requisite dusty archive where half-redacted memos, still greasy with guilt, will give the game away.

Masks will briefly slip from Olympian profiles, but until then…..

….even if activists do get heard, the media prince-lings who deign to respond, choose their place and time in ways that leave us bloodied and the issues even more bedraggled.

During the ruckus that ensues, the false-flag or black operation unfolds with the panache of an Augustan comedy….except that to those of us in the peanut-gallery it is tragedy.

That is how, as Zahir Ebrahim writes, no less than the Ayatollah Khomeini of Iran fell victim to the Malthusian disinformation of the banking cartel:

Iran under Ayatollah Khomeini introduced Birth Control through a fatwa (I haven’t seen the fatwa myself, only read or heard about it), as the population of Iran had almost doubled from the time of the Shah by the time of this fatwa in the late 1980s.

Well in the 2000s (I do not recall the year), the successor Ayatollah had to issue a new Fatwa encouraging families to have more children and not less children.

According to the understanding given to me on this topic, the first fatwa on birth-control had been issued because of the fears of over-population and Iran not being able to feed itself under the Malthusian construct.

(Not obvious how this fear was implanted in Iran under the Ayatollah, for he was always most wary of the Western agenda. But then again, he also fell victim to it in uncontrollably waging the eight-year war against Iraq — a war that was foisted by the West upon both the peoples of Iran and Iraq equally, and not just Iran alone, which the people of Iran always tend to forget.)

Anyway, after the birth rate among the Shia Muslims declined drastically, while the minority Sunni Muslims (approx. 20% of Iranians) had ignored the fatwa and had concentrated on having more and more children (Sunni Muslims do not accept Fatwas from Shia theologians, and vice versa), the demographics of Iran suddenly started to change.

The Sunni strategy, I imagine both intellectually and financially supported from somewhere, was to come to key positions of power in Iran through the change in demographic. All legal, nothing subversive about it. In fact, it is the method that Palestinians have been employing to overwhelm their Israeli conquerors these past six decades. A most effective strategy!

This strategy, and the declining birth-rate among the middle class in the Shia households, woke up the Iranian government to the folly of the previous “ill-conceived” and “flawed” fatwa.

Now the impetus in Iran is to encourage more children — but not unsurprisingly, the next generation of the middle class and upper middle class, those whose parents or themselves grew up under the directive of the first fatwa, don’t seem to be energetically inclined towards having more children. Career paths dominate in Iran as much as they do in the West. A more detailed study of this is of course necessary. This is just the anecdotal version.

What this shows me however, is that “oops” cannot always be avoided — we are all human. But surely, as you put it: “that the ultimate source of such laws is an ideology crafted with MALEVOLENT intent by the foundation-funded think-tanks and research institutes.” can always be recognized and interdicted. No?

Provided of course that the government machinery, its media, and its intellectuals, are not already co-opted into either silence, acquiescence, or actually putting down their signatures to their own enslavement.

This is the real problem facing both India, Pakistan, and South East Asia. How to overcome our “asininity” which continually leads us to “oops” ex post facto?

India And The War On Terra (Mater)

An excerpt from a Counterpunch piece I wrote in 2006, warning about the effects of Manmohan Singh signing India up for the US-led global War On Terror, which actually fronts for the Rothschild “War On Terra”.

“In India, thousands if not millions of lives will likely be affected and India’s self-sufficiency in food destroyed, all for a few more H1B visas and some outsourcing businesses. And the sordid distinction of entry into the Big Boys Club of the WTO mafia.

Strike Two: Tariffs on industry were reduced and the coveted services sector was opened up like a brothel in Kanthipura. Public health, education, telecom, banks, water, all pimped by the state. And by failing to bring up TRIPS (The Agreement on Trade Related Aspects of Intellectual Property Rights) for review and amendment, India – junior Big Boy – ensured that prices of patented drugs will continue to soar, affecting the common people in poor countries. The length of patents, the patenting of life forms, health and food security – all this might have been reviewed with ease. Not one was.

Strike Three: On the other side, the senior Big Boys got away with unctuous promises to ease out export subsidies by 2013 knowing full well that export subsidies are only a drop (2%) in the total subsidies to agriculture. Even the vaunted “Aid for Trade” is smothered in conditional loans contingent on further breaking open the markets of poorer countries. And what gains were made in market access in the developed world went largely to agri-exporters like Argentina and Brazil, not to poor countries.

And not to the lost leader of the third world.

None of this need have been. India might have stood with the Caribbean, South American, and African countries and galvanized the G 110. Cuba and Venezuela clearly drew the line on service liberalization and India might have joined them. But the current Congress administration, which took the place of the BJP with a mandate to resolve India’s growing agrarian crisis, has proved itself if anything less concerned with the country’s welfare. One could well ask if a nationalist BJP government would have had the ideological stomach to betray the heartland of India.

The Indian government’s cowardice at Hong Kong matches its cowardice over the Iraq war, which it could have opposed more vocally, and the vote against Iran, which it need not have joined. But the Cambridge-educated economist Manmohan Singh seems to have decided to put opportunism before principle. For our elites, perhaps it’s OK just so long as it’s Cambridge-bred, not Varanasi-bred. (4)

The betrayal of Hong Kong is the background against which events in Bangalore must be viewed. Having reneged on its public duties, the government of India is bound to release a flood of propaganda intended as a smoke-screen and a distraction from its own craven performance.

It’s also likely to tighten its grip in the face of mass protests or resistance as the implications of Hong Kong become more and more widely known.

At Hong Kong itself, union leaders, farmers, and workers protesting peacefully were attacked with water-cannons, pepper-spray, and tear-gas. 900 were arrested and 70 were hospitalized.(5)

Want to know what to expect in the coming year? Here’s the graffiti already on the wall in Indonesia, which currently occupies the presidency of the Human Rights Commission (though it has yet to ratify key international human rights treaties) and in November, 2005 became a full-fledged compadre of the US in the War on Terra.

On September 18, 2005, in Tanah Awuk village in central Lombok, around a thousand peasants gathered peacefully to protest development policies denying local people the ability to feed themselves, on which they blamed a severe problem of child malnutrition. Indonesia has abundant fertile land and all available land is cultivated for agriculture. The real problem is that policies favor elite profits over the hunger of peasants.

At about 9 in the morning, Indonesian police forces attacked the crowd with plastic and rubber (as well as some metal) bullets, tear gas, and truncheons. 33 were injured, 27 from gunshots, and the rest from assault. At least one child and two women were shot.
National TV footage showed unarmed women being dragged violently across rough terrain and police roughing up a man bleeding copiously from the head.(5)

That’s how you play the game when you join the US Terror team. Salaam, Bangalore.”

The genetic downside of female higher education

Alphagameplan compares the Iranian and the American approach to female higher education and concludes that the Iranian approach is more sustainable:

“The USA, and most of the West, has taken the approach that encouraging female participation in advanced education will strengthen their economies. Events have thus far failed to confirm those assumptions, and indeed, are increasingly calling them into question. That may be one reason Iran feels emboldened to take the opposite approach:

Iran will be cutting 77 fields of study from the female curriculum, making them male-only fields. Science and engineering are among those affected by the decree. ‘The Oil Industry University, which has several campuses across the country, says it will no longer accept female students at all, citing a lack of employer demand. Isfahan University provided a similar rationale for excluding women from its mining engineering degree, claiming 98% of female graduates ended up jobless.’ The announcement came soon after the release of statistics showing that women were graduating in far higher numbers than men from Iranian universities and were scoring overall better than men, especially in the sciences. Senior clerics in Iran’s theocratic regime have become concerned about the social side-effects of rising educational standards among women.”
According to the mainstream Western assumption, this should weaken Iran’s economy and impoverish its society. So, barring a war that will render any potential comparisons irrelevant, this move by Iran promises to make for an unusually informative societal experiment in comparison with the control group of the USA. If Iran sees non-immigrant-driven population growth along with greater societal wealth and scientific advancement, it will justify the doubts of those who questioned the idea that encouraging women to pursue science degrees instead of husbands and careers instead of children would prove beneficial to society at large.

Of course, the Iranian action presents a potentially effective means of solving the hypergamy problem presently beginning to affect college-educated women in the West. Only one-third of women in college today can reasonably expect to marry a man who is as well-educated as they are. History and present marital trends indicate that most of the remaining two-thirds will not marry rather than marry down. So, by refusing to permit women to pursue higher education, Iran is ensuring that the genes of two-thirds of its most genetically gifted women will survive in its gene pool.

No doubt the Iranian approach will sound abhorrent to many men and women alike. But consider it from a macro perspective. The USA is well along the process of removing most of its prime female genetics from its gene pool as surely as if it took those women out and shot them before they reached breeding age. Which society’s future would you bet on, the one that is systematically eliminating the genes of its best and brightest women or the one that is intent upon retaining them?”

Mossad agents pose as American spies, recruit for war on Iran

Christopher Bollyn (who increasingly proves his reliability as a researcher):

“A series of CIA memos describes how Israeli Mossad agents posed as American spies to recruit members of the terrorist organization Jundallah to fight their covert war against Iran.

Buried deep in the archives of America’s intelligence services are a series of memos, written during the last years of President George W. Bush’s administration, that describe how Israeli Mossad officers recruited operatives belonging to the terrorist group Jundallah by passing themselves off as American agents. According to two U.S. intelligence officials, the Israelis, flush with American dollars and toting U.S. passports, posed as CIA officers in recruiting Jundallah operatives — what is commonly referred to as a “false flag” operation.
– “False Flag” by Mark Perry, Foreign Policy, 13 January 2012

When we looked back at all the things that had happened we felt that two things were unclear. First, if they are from NATO, why did they not meet with us in Afghanistan where they have bases and where they can contact us in a much more easy and secure manner. The second issue was that the first time they informed us that NATO forces wanted to meet with us we thought they were going to speak about eastern parts of Iran, because NATO forces are stationed in Afghanistan. But they insisted that we should transfer our operations from the eastern border region to the capital. We thought that this was very strange. When we thought about it we came to the conclusion that they are either Americans acting under NATO cover — or Israelis.
– Abdolmalek Rigi (1983 – 2010), founder of Jundallah in interview with Press TV (Iran)

Extracts from the article ‘Israeli Mossad agents posed as CIA spies to recruit terrorists to fight against Iran’ in Ha’aretz (Israel), 13 January 2012:

Israeli Mossad agents posed as CIA officers in order to recruit members of a Pakistani terror group to carry out assassinations and attacks against the regime in Iran, Foreign Policy revealed on Friday, quoting U.S. intelligence memos. Foreign Policy’s Mark Perry reported that the Mossad operation was carried out in 2007-2008, behind the back of the U.S. government, and infuriated then U.S. President George W. Bush.

According to a currently serving U.S. intelligence officer, Perry reports, when Bush was briefed on the information he “went absolutely ballistic.”

Perry quotes a number of American intelligence officials and claims that the Mossad agents used American dollars and U.S. passports to pose as CIA spies to try to recruit members of Jundallah, a Pakistan-based Sunni extremist organization that has carried out a series of attacks in Iran and assassinations of government officials.

According to the report, Israel’s recruitment attempts took place mostly in London, right under the nose of U.S. intelligence officials. “It’s amazing what the Israelis thought they could get away with,” Foreign Policy quoted an intelligence officer as saying. “Their recruitment activities were nearly in the open. They apparently didn’t give a damn what we thought.”

“The report sparked White House concerns that Israel’s program was putting Americans at risk,” the intelligence officer told Perry. “There’s no question that the U.S. has cooperated with Israel in intelligence-gathering operations against the Iranians, but this was different. No matter what anyone thinks, we’re not in the business of assassinating Iranian officials or killing Iranian civilians.”

The intelligence officer said that the Bush administration continued to deal with the affair until the end of his term. He noted that Israel’s operation jeopardized the U.S. administration’s fragile relationship with Pakistan, which was under immense pressure from Iran to crack down on Jundallah.

According to the intelligence officer, a senior administration official vowed to “take the gloves off” with Israel, but ultimately the U.S. did nothing.

“Israel is supposed to be working with us, not against us,” Foreign Policy quoted an intelligence officer as saying. “If they want to shed blood, it would help a lot if it was their blood and not ours. You know, they’re supposed to be a strategic asset. Well, guess what? There are a lot of people now, important people, who just don’t think that’s true.”

The following video by Russia Today features a 2010 interview with Webster Tarpley about the Iranian capture of Abdolmalek Rigi, the founder and former commander-in-chief of the terrorist group Jundallah. As one might expect, Tarpley does not even mention Israel or Israelis as he blames the CIA and NATO for being behind the terror attacks of Jundallah (basing his claims on Seymour Hersh and ABC News, no less). This is typical Tarpley, who protects the Zionist state by consistently ignoring evidence of Israeli involvement in acts of false-flag terrorism – like 9/11. To understand what’s behind Tarpley’s pro-Israel bias, see my article “Webster Tarpley’s Disinfo” from January 2010.”

Stuxnet: A Chronology (Ongoing)

October 2, 2010

The NY Times now backtracks, claiming that Israeli cyber warfare experts are “too smart” to leave a clue behind. Inference: it must be a country that wants to implicate Israel. Inference: it is Iran (surprise). Too clever by half, these folks. Another reason I believe Israel or an Israeli-backed team is behind Stuxnet is the fact that Wikileaks apparently had a reference to a possible nuclear “accident” in Iran in July 2009. That is around the time when some researchers argue Stuxnet infections first began.

October 2, 2010

Jeffrey Carr backs off from the allegation that Israel is the culprit, claiming that Ralph Langner was the sole source of the allegation and was irresponsible in posting it on his blog as though it were the opinion of the intelligence community. Carr quotes an earlier piece of his, along with these words:

“Last week I wrote about how the Israel-Iran conspiracy theory around the Stuxnet worm was built entirely on one security engineer’s personal conjecture (Ralph Langner) with absolutely no weighing of alternative possibilities for attribution, nor any objective assessment of the evidence.”

However, if you click on the earlier piece he cites, he wrote nothing of the sort in it. Nowhere in that piece did Carr claim that Langner was the sole source of the allegation; he quotes the NY Times as noting several people who’d reached the same conclusion. Also, there is no hint in the piece that he considered Langner’s allegation speculative or poorly founded. He cited it instead as a likely possibility. This is clear back-pedaling, probably provoked by the fear that the story might lead to a crackdown on Iranian dissidents and foreigners. Well, of course it will. But that’s not the fault of journalists reporting on the story. Or of Ralph Langner, who clearly states on his blog that he is “speculating” (see previous link).

The fault lies with the unknown cybercriminal/s who came up with Stuxnet.

“Stuxnet Speculation Fuels Crackdown By Iranian Intelligence,” Jeffrey Carr, The Firewall, Forbes, October 2, 2010.

*October 1, 2010

[See “Clues Emerge About Genesis Of Stuxnet Worm,” CS Monitor, October 1, 2010]

*October 1, 2010

[“Israel: Smart Enough To Create Stuxnet; Stupid Enough To Use It” War In Context, Oct. 1, 2010]

*October 1, 2010

Cryptome is arguing that Israel would never have done anything so sloppy as what’s alleged. Could it be that some group is deliberately playing off one side against the other, that is, playing divide-and-conquer? Or is this more “plausible deniability”?

On looking back, I notice that one of the first people to launch the “Israel did it” allegation is one Richard Falkenrath, who works for the Chertoff Group (my emphasis).

That makes me wonder.

Here’s Cryptome:

“Really? Personally I’d be surprised if a crack team of Israeli software engineers were so sloppy that they relied on outdated rootkit technology (e.g. hooking the Nt*() calls used by Kernel32.LoadLibrary() and using UPX to pack code). Most of the Israeli developers I’ve met are pretty sharp. Just ask Erez Metula.

“It may be that the “myrtus” string from the recovered Stuxnet file path “b:\myrtus\src\objfre_w2k_x86\i386\guava.pdb” stands for “My-RTUs” as in Remote Terminal Unit. See the following white paper from Motorola, it examines RTUs and PICs in SCADA systems. Who knows? The guava-myrtus connection may actually hold water.

As you can see, the media’s propaganda machine is alive and well.”

I am completely out of my depth in the technical part of this. But not in the propaganda part.

As an instance of the way group conflicts can be set off, think of how during the financial crisis there were an inordinate number of Indians being trotted out to do the explaining…and taking the brunt of the public’s anger, although last I looked, despite a respectable number of Indian billionaires, the head honchos of the major banks (with one exception) and the biggest and most important speculators, managers, and international officials were not Indian, to phrase it as politely as possible.

Setting race and nation each against the other is of course the modus operandi of the power elite, and both Kashmir and Israel have played that divisive role in the past….and continue to do so.

*October 1, 2010

A link to an Examiner piece is coming up right at the top of a Google search of Stuxnet and Israel. With all due respect to the author, who probably thinks he/she is on the side of the angels and simply preempting an outburst of anti-Semitism by this effort, the piece is quite misleading….and, apparently, deliberately so, as an examination of the other links listed here, from a variety of sources in the West (see this NY Times piece) will prove.

For instance, the Examiner piece doesn’t cite the reports from many western security companies and research teams (see links below) that have extensively researched the issue, nor does it acknowledge that it was these sites that first advanced the claim that Israel/Israeli hackers were likely responsible. Instead, it cites a Times of India piece that republishes the claims.

The attempt, apparently, is to mislead the public into thinking that the allegation of Israeli involvement is one mainly advanced by untrustworthy foreigners with axes to grind (note the description “Iran’s friend, India”).

“Another of Iran’s friends, India, is pushing the notion that Israel did it. According to an on Friday, “A Biblical reference has been detected in the code of the computer virus that points to Israel as the origin of the cyber attack.” It’s further explained that the word “myrtus” is in the code, and that this is a “reference to the myrtle tree”

In point of fact, it was western security companies and western researchers who came to that conclusion. Moreover, the targets of the worm fit very well with Anglo-Zionist imperial objectives – covering as they do the largest Muslim populations in Asia.

[See “German Firm Employee May Have Created Stuxnet; Israel Blames.”, October 1, 2010]

*September 30, 2010


“Buried in Stuxnet’s code is a marker with the digits “19790509” that the researchers believe is a “do-not infect” indicator. If the marker equals that value, Stuxnet stops in its tracks, and does not infect the targeted PC. The researchers — Nicolas Falliere, Liam O Murchu and Eric Chien — speculated that the marker represents a date: May 9, 1979. While on May 9, 1979, a variety of historical events occurred, according to Wikipedia “Habib Elghanian was executed by a firing squad in Tehran sending shock waves through the closely knit Iranian Jewish community,” the researchers wrote. Elghanian, a prominent Jewish-Iranian businessman, was charged with spying for Israel by the then-new revolutionary government of Iran, and executed May 9, 1979.”


“Last weekend, Iranian officials confirmed that tens of thousands of PCs in their country had been infected by Stuxnet, including some used at a nuclear power plant in southwestern Iran that’s planned to go online next month. The Symantec researchers also revealed a host of other Stuxnet details in their paper, including a “kill date” of June 24, 2012, after which the worm will refuse to execute.”

[See “Stuxnet Code Hints At Possible Israeli Origin, Researchers Say,” by Gregg Keizer, Symantec, Sept. 30, 2010]

*September 30, 2010

Symantec puts out a dossier of information on Stuxnet that includes the following: attack scenario and timeline, infection statistics, malware architecture, description of all the exported routines, injection techniques and anti-AV, the RPC component, propagation methods, command and control feature, and the PLC infector.

Eric Chien summarizes findings about the worm:

“Only more recently did the general public realize Stuxnet’s ultimate goal was to sabotage an industrial control system.

Analyzing Stuxnet has been one of the most challenging issues we have worked on. The code is sophisticated, incredibly large, required numerous experts in different fields, and mostly bug-free, which is rare for your average piece of malware. Stuxnet is clearly not average. We estimate the core team was five to ten people and they developed Stuxnet over six months. The development was in all likelihood highly organized and thus this estimate doesn’t include the quality assurance and management resources needed to organize the development as well as a probable host of other resources required, such as people to setup test systems to mirror the target environment and maintain the command and control server.”

[See W32.Stuxnet Dossier, Eric Chien, Sept. 30, 2010]

*September 25, 2010


“The director of the Information Technology Council of the Industries and Mines Ministry has announced that the IP addresses of 30,000 industrial computer systems infected by this malware have been detected, the Mehr News Agency reported on Saturday. “An electronic war has been launched against Iran,” Mahmoud Liaii added. “This computer worm is designed to transfer data about production lines from our industrial plants to (locations) outside of the country,” he said.”

[See “Iran Successfully Battling Cyber Attack,” Mehr News, Sept. 25, 2010]

*September 24, 2010

A piece in the Guardian suggests that a government agency is most likely behind the worm but warns against leaping to conclusions. It notes that many hackers/criminals might have become sophisticated enough to create a worm of this type. The piece notes that attacks against Iran have increased and that the identification of the worm was originally made by a Belarus security firm for an Iranian client and that Iran had been experiencing problems with their nuclear facility at Bushehr for months. It notes that the worm uses a stolen cryptographic key from the Taiwanese semiconductor manufacturer Realtek.

[See “Stuxnet Worm Is The Work Of A National Government Agency,” Josh Halliday, Guardian, Sept. 24, 2010]

“Stuxnet: The Trinity Test Of Cyberwarfare,” War In Context, Sept. 23, 2010

*September 16, 2010

Symantec researchers say that Stuxnet had to be created by a state, because it was the most devious and sophisticated malware they’d come across.


“I don’t think it was a private group,” said O Murchu. “They weren’t just after information, so a competitor is out. They wanted to reprogram the PLCs and operate the machinery in a way unintended by the real operators. That points to something more than industrial espionage.”

The necessary resources, and the money to finance the attack, puts it out the realm of a private hacking team, O Murchu said.

“This threat was specifically targeting Iran,” he continued. “It’s unique in that it was able to control machinery in the real world.”

“All the different circumstances, from the multiple zero-days to stolen certificates to its distribution, the most plausible scenario is a nation-state-backed group,” said Schouwenberg, who acknowledged that some people might think he was wearing a tin foil hat when he says such things. But the fact that Iran was the No. 1 target is telling.”

[See “Is Stuxnet the Best Malware Ever?” Gregg Keizer, Symantec Security Response, Sept. 16, 2010]

*September 13, 2010

German computer security researcher Ralph Langner speculates that Stuxnet is part of cyberwar:

Ralph’s theory — completely speculative from here

“It is hard to ignore the fact that the highest number of infections seems to be in Iran. Can we think of any reasonable target that would match the scenario? Yes, we can. Look at the Iranian nuclear program. Strange — they are presently having some technical difficulties down there in Bushehr. There also seem to be indications that the people in Bushehr don’t seem to be overly concerned about cyber security. When I saw this screenshot last year ( I thought, these guys seem to be begging to be attacked. If the picture is authentic, which I have no means of verifying, it suggests that approximately one and a half year before scheduled going operational of a nuke plant they’re playing around with software that is not properly licensed and configured. I have never seen anything like that even in the smallest cookie plant. The pure fact that the relevant authorities did not seem to make efforts to get this off the web suggests to me that they don’t understand (and therefore don’t worry about) the deeper message that this tells.

Now you may ask, what about the many other infections in India, Indonesia, Pakistan etc. Strange for such a directed attack. Then, on the other hand, probably not. Check who commissions the Bushehr plant. It’s a Russian integrator that also has business in some of the countries where we see high infection rates. What we also see is that this company too doesn’t seem to be overly concerned about IT security. As I am writing this, they’re having a compromised web site ( that tries to download stuff from a malware site that had been shut down more than two years ago ( So we’re talking about a company in nukes that seems to be running a compromised web presence for over two years? Strange.
I could give some other hints that have a smell for me but I think other researchers may be able to do a much better job on checking the validity of all this completely non-technical stuff. The one last bit of information that makes some sense for me is the clue that the attackers left in the code, as the fellows from Symantec pointed out — use your own imagination because you will think I’m completely nuts when I tell you my idea.

Welcome to cyberwar.”

[See “Stuxnet is a directed attack: hack of the century,” Ralph Langner]

*September 8, 2010

German computer security expert Ralph Langner writes to a friend:

Historical document: Ralph informs Joe Weiss what Stuxnet is. Note the date of the email.

*July 22, 2010

Symantec analyzed W32.Stuxnet as a worm that uses a hitherto unknown Windows bug to attack and then searches the target for SCADA systems and design documents. SCADA is a network used to control utilities, transportation and other critical infrastructure. The worm then contacted Command & Control servers that control the infected machines and retrieved the stolen information. The servers were located in Malaysia and Symantec redirected traffic away from them to prevent the take-over of the information.

Within a 72-hour period Symantec identified close to 14,000 IP addresses infected with W32.Stuxnet trying to contact the C&C server. 58.85% came from Iran, with the rest coming from Indonesia (18.22%), India (8.31%), with Azerbaijan, the US, and Pakistan making up the other affected countries, with under 2% each (this information is also provided at the Microsoft website).

[See Symantec Security Response, W32.Stuxnet – Network Information, Vikram Thakur, July 22, 2010]

*July 21, 2010


“The zero-day vulnerability, rootkit, main binaries, stolen digital certificates, and in-depth knowledge of SCADA software are all high-quality attack assets. The combination of these factors makes this threat extremely rare, if not completely novel.


The complexity and quality of the attack assets lead some to believe only a state would have the resources to conduct such an attack. However, the usage of the second digital certificate is a bit odd. One could make the case that once the first attack succeeded, a state would take cover and not waste the second digital certificate. Instead, by signing a very similar binary, security companies were immediately able to detect the second stolen certificate, making it useless in further compromises…..


.. Hackers bound by a common cause may target another country, organization, or company that they feel are their enemies. Such hacking groups often have the patience and expertise to gather such attack assets. Further, their goals of continued attack may lead them to continue to refine their attack as they are thwarted or discovered, such as resigning their driver files with a newly stolen digital certificate, modifying their binaries to avoid security product detection, and moving their command-and-control hosts as they are decommissioned…..


…..This scenario [terrorism] is like something out of movie and, while for most attacks we’d immediately dismiss this as a possibility, given the amount and quality of the attack assets, terrorism even seems within the realms of possibility in this case.

[See “The Hackers Behind Stuxnet” by Patrick Fitzgerald, Symantec Security Response, July 21, 2010]

*July 17, 2010

Researchers find that Stuxnet targets industrial control systems of the kind that control manufacturing and utility companies. It targets Siemens management software called Simatic WinCC, which runs on the Windows operating system.

The systems that run the Siemens software, called SCADA (supervisory control and data acquisition) systems, aren’t usually connected to the Internet, but the virus spreads when an infected USB stick is inserted. If it detects the Siemens software, the virus logs in using a default password.

[See “New Virus Targets Industrial Secrets,” Robert McMillan, Computer World, July 17, 2010]

*July 16, 2010

Symantec starts a blog series on the Stuxnet infection that continues through the summer and into September.

[See also Microsoft Security Advisory, July 16, 2010 and Krebs on Security, July 16, 2010]

*July 7, 2010

Stuxnet could well have caused the glitch in the solar panels of India’s Insat-4B satellite on July 7, 2010. That led to the shutting down of 12 out of 24 of the transponders and 70% of the customers dependent on Direct to Home (DTH) including those using Doordarshan (Indian TV), Sun TV and Tata’s VSNL. The customers were redirected to point to the Chinese satellite ASIASAT-5, owned and operated by Asia Satellite Telecommunications Co., Ltd (AsiaSat) whose two main shareholders are General Electric (GE) and China International Trust and Investment Co. (CITIC), a state-owned company.

[See “Did The Stuxnet Worm Kill India’s INSAT-4B Satellite?” by Jeffrey Carr, The Firewall, Sept. 29, 2010]

*June 16, 2010

Symantec Security Response Team begins its investigation into the Stuxnet worm. The first sample dates from June 2010, but the team believes the worm dates back a year, or maybe even earlier.

*June 2010

The malware is first identified by a Belarus security company, Virusblokada, for its Iranian client.

[See Symantec Security Response, webpage, Sept 30, 2010]

*January 2010

Stuxnet infection begins, according to Symantec.

*July 2009

Stuxnet infection begins, according to Kaspersky.