It is thought that a person working at an Iranian nuclear facility inserted a malware-infected USB drive into a computer. This malware is called Stuxnet and was developed by the USA and Israel specifically to damage Iranian centrifuges that were enriching uranium for the development of a nuclear bomb. This set the Iranian nuclear program back by about 2 years.

This was the first known case of physical equipment being damaged by malware. It was the first case of cyber warfare.
The year was about 2005. This particular malware was designed so that it mostly stayed dormant and made such subtle changes over such a long period of time that no one noticed it for years.
It was designed specifically to target PLCs (Programmable Logic Controllers). These are industrial computers that control industrial processes. In this case the target was centrifuges.

Iran had gone to great lengths to ensure security. For example, the facility’s computers were not physically connected to any computer outside the facility. This is called an air gap. So there was seemingly no way to infiltrate these computers remotely via any kind of internet or extranet.

Stuxnet exploited at least 4 previously unknown Windows vulnerabilities. These are called zero-day vulnerabilities: security flaws for which the vendor has not yet made a patch. Stuxnet was “discovered” in 2010, but it’s estimated that development on it probably began in 2005 under the George W. Bush and Barack Obama administrations.

These administrations believed that if Iran were to develop atomic weapons, Israel would launch airstrikes against them, which could trigger a major conflict and destabilize the region. Developing and unleashing a cyberwarfare software weapon was seen as a nonviolent alternative. The program was labeled Operation Olympic Games.

It was designed to destroy the centrifuges that Iran was using to enrich uranium for its nuclear bomb program. Why is enrichment needed? Because mined uranium contains only a small fraction, 0.7%, of fissile U235. It has to be at least 90% U235 in order to be used in a nuclear weapon. A centrifuge spins uranium fast enough to separate the lighter U235 isotope from U238. These centrifuges tend to have a short lifetime and get damaged even in normal operation, but Stuxnet was able to damage many more than normal operation would.

Stuxnet altered the Siemens PLC programming, which caused the centrifuges to spin irregularly, damaging or destroying them more often in the process. And even more brilliantly, while this malfunction was happening, the worm used a vulnerability in the Siemens software to change the PLCs' programming so that it would tell all the controlling computers that nothing was wrong. So it infected both the computer software and the control software running the PLCs.
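
Because the controller itself reported that nothing was wrong, a defender cannot rely on controller-reported values alone; one countermeasure is to compare them with a measurement the controller cannot rewrite. The sketch below is an added illustration, not part of the original post; the function name, thresholds and sample readings are constructed assumptions.

```python
from typing import List, Tuple


def divergence_windows(reported: List[float], independent: List[float],
                       tolerance: float = 0.05, min_run: int = 3
                       ) -> List[Tuple[int, int, float]]:
    """Return (start, end, max_relative_gap) for every run of at least
    min_run consecutive samples where the controller-reported value and
    the independently measured value differ by more than tolerance."""
    if len(reported) != len(independent):
        raise ValueError("channels must be sampled on the same clock")
    windows, start, worst = [], None, 0.0
    for i, (r, m) in enumerate(zip(reported, independent)):
        gap = abs(r - m) / max(abs(r), 1e-9)  # relative to reported value
        if gap > tolerance:
            if start is None:
                start, worst = i, 0.0
            worst = max(worst, gap)
        else:
            # A run just ended; keep it only if it was sustained, so a
            # single noisy sample does not raise an alert.
            if start is not None and i - start >= min_run:
                windows.append((start, i - 1, round(worst, 3)))
            start = None
    if start is not None and len(reported) - start >= min_run:
        windows.append((start, len(reported) - 1, round(worst, 3)))
    return windows


# Constructed sample data (not from any real plant), arbitrary speed units.
# REPORTED is what the operator screen shows; INDEPENDENT stands for a
# hypothetical out-of-band sensor that the controller does not feed.
REPORTED = [100, 100, 101, 100, 100, 100, 99, 100, 100, 100, 100, 100]
INDEPENDENT = [100, 101, 100, 112, 100, 100, 120, 135, 140, 128, 101, 100]


def demo() -> List[Tuple[int, int, float]]:
    return divergence_windows(REPORTED, INDEPENDENT)


if __name__ == "__main__":
    for s, e, gap in demo():
        print(f"samples {s}-{e}: channels disagree by up to {gap:.1%}")
```

The single spike at sample 3 is ignored as noise, while the sustained disagreement at samples 6 to 9 is flagged even though the reported channel looks perfectly normal throughout.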

How was the Stuxnet worm eventually detected? Only after it unexpectedly spread beyond the air gap of the Iranian nuclear facility. No one knows exactly how it got out.

Kaspersky Lab estimates that it took a team of at least 10 developers 3 years to develop the worm.
Neither the US nor Israel has officially admitted to creating Stuxnet, and none of its developers have ever come forward.

Stuxnet showed, for the first time, that malware can actually affect the physical world, not just your PC or digital data. In this case it was destroying centrifuges. But subsequent cyberattacks have targeted other types of machines. For example, Industroyer, developed by Russia-sponsored hackers, targeted industrial control systems and disrupted the Ukrainian power grid in 2016. Stuxnet showed that almost nothing is off limits to hackers intent on malice. A hacker could conceivably take over such devices and put them under the control of a malicious entity. Imagine someone taking over your IV drug dosage remotely while you’re in the hospital, or remotely driving your car.

ArvinAsh
