Cyber Warfare’s Pandora’s Box

11/29/2010 22:01

From FrontPage:

When the Stuxnet super-virus was first identified in June by a Belarus security firm, cyber-security experts across the globe worried that the infection could have a global effect. But, as software engineers continue to study lines of code in the sophisticated malware, it’s become clear to most [1] that Stuxnet was designed as a precision weapon with a single target in mind: Iran’s nuclear program. Yet, while the virus seems to have been successful in disrupting Iran’s nuclear ambitions for the time being, Stuxnet also represents a new kind of computer virus, one that some experts fear will be used to attack power plants and industrial facilities throughout the world. If terrorists were to get their hands on Stuxnet-like technology before the West develops effective countermeasures, the results could be catastrophic.

Computer security expert Ralph Langner described Stuxnet [2] as being akin to “the arrival of an F-35 into a World War I battlefield.” Unlike most viruses, Stuxnet was not designed to infiltrate a network solely through the internet. The computers used in Iran’s nuclear program are not connected to the internet, so that would have been a futile exercise. Instead, Stuxnet hopped from computer to computer by any means possible, always looking for its target. Experts suspect that an unsuspecting individual involved with Iran’s nuclear program eventually introduced the virus via an ordinary flash drive. Once Stuxnet found that it was where it was supposed to be, the virus went to work.

A typical virus targets a computer, almost always a PC. Stuxnet went after the Programmable Logic Controller (PLC) that controlled the thousands of centrifuges Iran installed to enrich uranium at its Natanz facility. The virus not only fooled the PLC into rapidly changing the speed of the centrifuges, it also prevented the PLC from reporting the change in speeds and it stopped the PLC from triggering any alarms. Operators were surely puzzled, for their control panels told them everything was running normally, but centrifuge after centrifuge was being wrecked by the severe changes in rotation speed. The result, many experts believe, is that thousands of the centrifuges were damaged over the course of the year that Stuxnet did its dirty work, undetected by anyone in Iran. These were high-quality targets, for Iran needs centrifuges to refine the low-grade uranium used for fuel into the high-concentration, weapons-grade uranium.

Who did it? Most experts believe that something as sophisticated and complicated as Stuxnet could only be built using the resources of a rich nation-state. Israel and the United States are obvious candidates, but some believe that Russia and Germany may have participated in the project as well. Since the systems targeted were built by Siemens, a German firm, it seems likely that the company, the German government – or both – at least cooperated with the effort. If the reports of damage to Natanz are correct (Iran denies such reports, of course), then the world owes whoever made the stealthy cyber-attack a debt of gratitude. Yet, there is another side to the coin. Now that the code is publicly available, it’s only a matter of time before a hacker with less noble ends in mind modifies Stuxnet for more nefarious purposes.


