The future of warfare may have just begun, but rather than being heralded by an explosion, it began without a sound or a single casualty.
It is the first of its kind, and could be a signal of the ways all wars are fought from now on. It is a cyber weapon so precise that it can destroy a target more effectively than a conventional explosive, and then simply delete itself, leaving the victims left to blame themselves. It is a weapon that is so terrible that it could conceivably do more than just damage physical objects, it could kill ideas. It is the Stuxnet worm, dubbed by many as the world first real weapon of cyberwarfare, and its first target was Iran.
The dawn of cyberwarfare
Stuxnet is almost like something out of a Tom Clancy novel. Rather than sending in missiles to destroy a nuclear plant that threatens the entire region and the world, and is overseen by a president who has claimed that he would like to see an entire race of people “wiped off the map,” a simple computer virus can be introduced that will do the job far more effectively. To attack a structure with missiles can lead to war, and besides, buildings can be rebuilt. But to infect a system so completely that the people using it begin to doubt their faith in their own abilities will have far more devastating long-term effects.
In a rare moment of openness from Iran, the nation has confirmed that the Stuxnet malware (the name stems from keywords buried in the code) that was originally discovered in July, has damaged the country’s nuclear ambitions. Although Iran is downplaying the incident, some reports suggest that the worm was so effective, it may have set back the Iranian nuclear program by several years.
Rather than simply infect a system and destroy everything it touches, Stuxnet is far more sophisticated than that, and far more effective as well.
The worm is smart and adaptable. When it enters a new system, it remains dormant and learns the security system of the computer. Once it can operate without raising alarm, it then seeks out very specific targets and begins to attack certain systems. Rather than simply destroy its targets, it does something far more effective—it misleads them.
In a nuclear enrichment program, a centrifuge is a fundamental tool needed to refine the uranium. Each centrifuge built follows the same basic mechanics, but the German manufacturer Siemens offers what many consider to be the best in the industry. Stuxnet sought out the Siemens controllers and took command of the way the centrifuge spins. But rather than simply forcing the machines to spin until they destroyed themselves—which the worm was more than capable of doing—Stuxnet made subtle, and far more devious changes to the machines.
When a uranium sample was inserted into a Stuxnet-infected centrifuge for refinement, the virus would command the machine to spin faster than it was designed for, then suddenly stop. The results were thousands of machines that wore out years ahead of schedule, and more importantly, ruined samples. But the real trick of the virus was that while it was sabotaging the machinery, it would falsify the readings and make it appear as if everything was operating within the expected parameters.
After months of this, the centrifuges began to wear down and break, but as the readings still appeared to be within the norms, the scientists associated with the project began to second guess themselves. Iranian security agents began to investigate the failures, and the staff at the nuclear facilities lived under a cloud of fear and suspicion. This went on for over a year. If the virus had managed to completely avoid detection, it eventually would have deleted itself entirely and left the Iranians wondering what they were doing wrong.
For 17 months, the virus managed to quietly work its way into the Iranian systems, slowly destroying vital samples and damaging necessary equipment. Perhaps more than the damage to the machinery and the samples was the chaos the program was thrown into.
The Iranians grudgingly admit some of the damage
Iranian President Mahmoud Ahmadinejad has claimed that Stuxnet “managed to create problems for a limited number of our centrifuges,” which is a change from Iran’s earlier assertion that the worm had infected 30,000 computers, but had not affected the nuclear facilities. Some reports suggest at the Natanz facility, which houses the Iranian enrichment programs, 5,084 out of 8,856 centrifuges in use at the Iranian nuclear facilities were taken offline, possibly due to damage, and the plant has been forced to shut down at least twice due to the effects of the virus.
Stuxnet also targeted the Russian-made steam turbine that powers the Bushehr facility, but it appears that the virus was discovered before any real damage could be done. If the virus had not been uncovered, it would eventually have run the RPMs of the turbines too high and caused irreparable damage to the entire power plant. Temperature and cooling systems have also been identified as targets, but the results of the worm on these systems isn’t clear.
The discovery of the worm
In June of this year, the Belarus-based antivirus specialists, VirusBlokAda found a previously unknown malware program on the computer of an Iranian customer. After researching it, the antivirus company discovered that it was specifically designed to target Siemens SCADA (supervisory control and data acquisition) management systems, which are devices used in large-scale manufacturing. The first clue that something was different about this worm was that once the alert had been raised, every company that tried to pass on the alert was subsequently attacked and forced to shut down for at least 24 hours. The methods and reasons for the attacks are still a mystery.
Once the virus had been discovered, companies like Symantec and Kaspersky, two of the largest antivirus companies in the world, as well as several intelligence agencies, began to research Stuxnet, and found results that quickly made it obvious that this was no ordinary malware.
By the end of September, Symantec had discovered that nearly 60-percent of all the machines infected in the world were located in Iran. Once that had been discovered, it became more and more apparent that the virus was not designed simply to cause problems, as many pieces of malware are, but it had a very specific purpose and a target. The level of sophistication was also well above anything seen before, prompting Ralph Langner, the computer security expert who first discovered the virus, to declare that it was “like the arrival of an F-35 into a World War I battlefield”.
A interesting and well-written article. Kudos to you, Mr. Fleming.
Really incredible story. It’s like something out of 24!
Well, as we have show the world…if we need to we can bomb them next.
back to the 20th century for iran they will get the god o'mighty stike they pray for mosses split the red sea and benny will nuke iran they had it comming for a long time
Clearly, Stuxnet was written by people with more degrees than they've had dates!
Keep in mind that if Iran does get a nuke it will be Hiroshima sized- any loged at Isreal will be returned with thermonuclear (hydrogen bombs) or neutron bombs- i.e.- no more Iran, and plenty of room for the Palestineans….
Thanks Mannie for reminding what this article is about. As said, a well researched article on how subtle a substantial attack can nowadays look like. To those critisizing Siemens, has it occurred to you that if Siemens would not sell the centrifuges to Iran, someone else would? Or that Siemens might actually have been helpful about the design of the virus? It is for sure much easier to design one against well known systems largely available in the West. No doubt that Irans ambitions are frightening an that they should be dealt with, as they were in this case and I must add in a remarkably sophisticated way. Seriously damaging the Iranian nuclear program quietly and without starting World War 3 was in my opinion the most valid way to deal with the issue.
I think blaming Siemens is the wrong conclusion to this article and misses the point. Siemens or not Siemens does not fundamentally change the equation. Smart action ,however, can.
By the way, Siemens surely pays Congressmen far more than you ever will, sounds like a tough battle.
I think we need to go viral on this. If you are a US citizen do as I did. Write your congressmen this.
"Dear congressmen,
I just read an article which stated that "Siemens" is responsible for helping the IRANians build their centrifuges. See "http://www.digitaltrends.com/computing/bits-before-bombs-how-stuxnet-crippled-irans-nuclear-dreams/2/" We have business with Siemens in this state as well as with other states. Why can't we use our leverage with Siemen's to get them to stop their collusion with the enemy. IRAN support all the terror groups in the middle east. How come we can't tell Siemens either they want to do business with us or the IRANians, not both. I want you to bring this up in the senate. I think your strong support of the defense establishment would be helpful in stopping Siemens. Also, I'm sure each computer OS the IRANians use is licensed from Microsoft. How can we let the IRANians continue to license Microsoft software. Should Microsoft revoke our enemies licenses. And if they are using the software illegally, shouldn't we go after them in an international court of law. They are using our technology to fight us. We have mechanisms in place to fight them. All we do is have to use them. Go after them economically. Don't let them have Window's 7. Send them back to the stone age where they belong!"
I'm sure if the people speak they will be heard. While in IRAN and elsewhere they can keep being quashed by their GOVT while complaining about everyone else! Let freedom ring!
Good point, Barry. I did some digging and you aren't alone. The protests got so bad that Siemens did cut ties with Iran. Eventually. http://www.jpost.com/IranianThreat/News/Article.a…
Why is Siemen's allowed to deal with IRAN to build the cents? Siemens should not be allowed to trade with the USA. Such a threat would stop the IRANIANS in a day. I don't understand how the Germans let this relationship continue! As for the IRANIANS I think they are very clever. So too were the Germans of bygone days. The fate is sealed in their 12th century attitudes towards females. Their repression of their own people will be their down fall, just you wait and see.
I sure hope the Iranians hack the Israelis back for this stunt
And I hope that Iran is incapacitated BEFORE they get the capability to launch ANY nukes. Iran is an adolescent regime run by a paranoid psychopath (president). They will get what they deserve eventually. I mean, really, the ONLY reason the U.S. hasn't invaded or declared war on Iran is because the Iranian region holds SO many of the worlds historic artifacts in cave drawings and original locations from thousands of years ago. I say wipe THEM (Iranians) off of the face of the Earth, starting with Ahmadinejad.
Come-on theirs a lot more to it then paranoid psychopaths. Its a religious government lead by the Muslims version of the pope. Your country is drowning in propaganda just like Iran; take your head out of the bucket an have a look around.
This guy is typical of the racist zionists who run Israel. He is filled with self righteous hatred toward an entire race of people, Arabs. He believes that it is righteous to advocate the mass murder of all of these people because he believes them to be inferior. He believes that God has chosen his people as superior to the Arabs and all other people. He believes that his god has given him the title to all the real estate in Jerusalem.
He thinks we should give him weapons and support his genocidal racist ideas.
Our government agrees. Our government is giving them over 3 BILLION dollars a year to carry out a broad campaign of assassination, sabotage and espionage against all of their neighbors.
It will not last.
I agree Ahmadinejad is a nutbag, but seriously people, are you reading the same article I am? It was a well written article regarding the advancement of viruses, specifically outlining the Stuxnet virus, how it incapacitated Iran's centrifuges, and how the virus works. There is no between the lines propaganda or support of Iran's hateful regime, which I agree, is hateful. I believe Mr. Fleming has written a really thorough, insightful article.