Information Warfare: Stuxnet Never Ceases To Amaze

March 3, 2013: Internet security companies continue to study major league Cyber War weapons like Stuxnet and keep finding new angles to these powerful weapons. Stuxnet is espionage and sabotage software developed specifically to damage Iran’s uranium enrichment equipment. High-end cyber weapons like Stuxnet were designed to keep their activities hidden, and they did that for longer than earlier believed. It now appears that a beta version of Stuxnet was at work as early as 2005. It also appears that Stuxnet got into the Iranian enrichment facilities at least twice.

After the 2005 beta version, there were several more improved versions released. Iran believes that a more recent version of Stuxnet is still trying to gain access to the enrichment equipment. The more prudent (or paranoid) Iranian software experts believe that this new (3.0?) version of Stuxnet is already inside the enrichment control systems, waiting for the right time to do more major damage.

It was first believed that Stuxnet was released in late 2009, and thousands of computers were infected as the worm sought out its Iranian target. Initial dissection of Stuxnet indicated that it was designed to interrupt the operation of the control software used in various types of industrial and utility (power, water, sanitation) plants. Eventually, further analysis revealed that Stuxnet was programmed to subtly disrupt the operation of gas centrifuges used to turn uranium ore into nuclear plant fuel or, after more refining, into nuclear weapons grade material. It is now believed that the first attack was made before 2009, and another attack after that.

The Stuxnet "malware" was designed to hide itself in the control software of an industrial plant, making it very difficult to be sure you have cleaned all the malware out. This is the scariest aspect of Stuxnet and is still making Iranian officials nervous about other Stuxnet-type attacks. Although Iran eventually admitted that Stuxnet did damage, they would not reveal details of when Stuxnet got to the centrifuges or how long the malware was doing its thing before it was discovered and removed. But all this accounts for the unexplained slowdown with Iran getting new centrifuges working. Whoever created Stuxnet probably knows the extent of the damage because Stuxnet also had a "call home" capability.

Last year American and Israeli officials admitted that the industrial grade Cyber War weapons (like Stuxnet and several others) used against Iran in the last few years were indeed joint U.S.-Israel operations. Few other details were released, although many more rumors are now circulating. The U.S. and Israel were long suspected of being responsible for these "weapons grade" computer worms. Both nations had the motive to use, means to build, and opportunity to unleash these powerful Cyber War weapons against Iran and others that support terrorism.

The U.S. and Israel have been successful with "software attacks" in the past. This stuff doesn't get reported much in the general media, partly because it's so geeky and because there are no visuals. It is computer code and arcane tech skills that get it to its target. The earlier attacks, especially Stuxnet, spread in a very controlled fashion, sometimes via agents who got an infected USB memory stick into an enemy facility. Even if some copies of these programs get out onto Internet-connected PCs, they do not spread far. Worms and viruses designed to spread can go worldwide and infest millions of PCs within hours.

Despite all the secrecy, this stuff is very real and the pros are impressed by Stuxnet, even if the rest of us have not got much of a clue. The demonstrated capabilities of these Cyber War weapons usher in a new age in Internet-based warfare. Amateur hour is over and the big dogs are in play. The Cyber War offensive by the U.S. and Israel appears to have been underway for years, using their stealth to remain hidden. There are probably more than three of these stealthy Cyber War applications in use and most of us will never hear about them until, and if, other such programs are discovered and their presence made public.