Stuxnet a Sign of New Cyber Special-Operations Warfare?

Stuxnet has been called the first true cyber war weapon and the most advanced virus ever created. As time goes by, additional information on Stuxnet is leaking out. A FoxNews article released yesterday contained a lot of new and interesting details. Here is a summation of the information presented:

Complexity: Stuxnet attacked and penetrated a secure underground facility that had no external connections. The virus was specifically written to spread from machine to machine, and network to network until it found its target.

The command and control process of Stuxnet was also highly advanced, and was programmed to disappear once the target was penetrated.

“…During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. Efforts to find those servers since then have yielded no results.”

Target: When Stuxnet found the nuclear power plant network, it went to work attacking its main target, the centrifuge frequency converters.

“The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges’ control panel.”

The centrifuges were not the only target, as the virus also attacked the Russian-built steam turbine at the Bushehr plant.

Result: A physical attack against the nuclear plants this late in the game could have released a lot of radiation. According to the report, Stuxnet was created not to destroy the nuclear power plant, but to disable its ability to function. This it has done in spades.

An estimated 30,000 Iranian systems were infected by the worm. Of Iran’s 9000 centrifuges, it is estimated that only 3700 are now in use.

It is believed that it will take another year to clean up the effects of Stuxnet from the nuclear plant systems.

Also, Stuxnet has created a strong psychological warfare effect at the plants. Iranian intelligence officers have clamped down on the facilities, interrogating and monitoring many. Iranian scientists and engineers have been jailed, executed, or simply disappeared.

This was obviously a coordinated attack against Iran. One of the big clues that Iran was the main target is in the way the centrifuge frequency programs were attacked. Very specific commands had to be known about the frequency systems. Iran used two sources for the systems: one was a Finnish company, and the other was an Iranian company. According to the article, no one knew about the Iranian source, not even the IAEA.

We are seeing in Stuxnet a new era of special operations. An advanced cyber warfare unit and intelligence agency teamed up to form a very effective force. This team worked closely together with civilian SCADA system and nuclear power plant experts to try to create the first true cyber weapon. Could this be the beginning of Cyber Spec-Op warfare?

~ by D. Dieterle on November 28, 2010.

4 Responses to “Stuxnet a Sign of New Cyber Special-Operations Warfare?”

  1. Hey bud, writing a term paper on Win32.StuxNet now.

    BTW, Wikileaks is currently under a mass DDoS attack 🙂

  2. One of the first things StuxNet attacked was an Indian spy satellite, leading to speculation that the chicoms may be behind all of this (China and India being in a nasty space race currently)

    But who really knows? That's the most insidious thing about cyber-war. I think that if nothing else, the imminent deniability of cyber attacks will drive some serious clamp downs on the interwebs…

    • Yeah, that is very interesting. Jeffrey Carr (Forbes Firewall and author of Inside Cyber Warfare: Mapping the Cyber Underworld) figured out the India Satellite thing, but he seems to be downplaying it in more recent interviews.

      Also, it doesn’t fit the M.O. Stuxnet was supposed to be a stealth kinda thing. To run in the background and not be detected. Maybe it wasn’t Stuxnet, or maybe it was a false positive?

      Don’t know. Intelligence Agencies are mentioned as being involved with Stuxnet, but as far as I have seen no one has released publicly which intelligence agencies… Truthfully, people in the know probably already know who dunnit, but it may never be released to the public.
