Stuxnet a Sign of New Cyber Special-Operations Warfare?

Stuxnet has been called the first true cyber war weapon and the most advanced virus ever created. As time goes by, additional information on Stuxnet is leaking out. A FoxNews article released yesterday contained a lot of new and interesting details. Here is a summation of the information presented:

Complexity: Stuxnet attacked and penetrated a secure underground facility that had no external connections. The virus was specifically written to spread from machine to machine, and network to network until it found its target.

The command and control process of Stuxnet was also highly advanced, and was programmed to disappear once the target was penetrated.

“…During this time the worms reported back to two servers that had to be run by intelligence agencies, one in Denmark and one in Malaysia. The servers monitored the worms and were shut down once the worm had infiltrated Natanz. Efforts to find those servers since then have yielded no results.”

Target: When Stuxnet found the nuclear power plant network, it went to work attacking its main target, the centrifuge frequency converters.

“The worm then took control of the speed at which the centrifuges spun, making them turn so fast in a quick burst that they would be damaged but not destroyed. And at the same time, the worm masked that change in speed from being discovered at the centrifuges’ control panel.”

The centrifuges were not the only target, as the virus also attacked the Russian built steam turbine at the Bushehr plant.

Result: A physical attack against the nuclear plants this late in the game could have released a lot of radiation. According to the report, Stuxnet was created not to destroy the nuclear power plant, but to disable its ability to function. This it has done in spades.

An estimated 30,000 Iranian systems were infected by the worm. Of Iran’s 9000 centrifuges, it is estimated that only 3700 are now in use.

It is believed that it will take another year to clean up the effects of Stuxnet from the nuclear plant systems.

Also, Stuxnet has created a strong psychological warfare effect at the plants. Iranian intelligence officers have clamped down on the facilities, interrogating and monitoring many. Iranian scientists and engineers have been jailed, executed, or simply disappeared.

This was obviously a coordinated attack against Iran. One of the big clues that Iran was the main target is in the way the Centrifuge Frequency programs were attacked. Very specific commands had to be known about the frequency systems. Iran used two sources for the systems, one was a Finnish Company, but the other was an Iranian company. According to the article, no one knew about the Iranian source, not even the IAEA. 

We are seeing in Stuxnet a new era of special operations. An advanced cyber warfare unit and intelligence agency teamed up to form a very effective force. This team worked closely together with civilian SCADA system & nuclear power plant experts to try create the first true cyber weapon. Could this be the beginning of Cyber Spec-Op warfare? 

Advertisements

Happy Anniversary!

Okay, it’s only been 6 months, but it has really gone by fast. In June, Cyberarms turns 6 months old. I just wanted to take a second and thank everyone for visiting and sharing your thoughts. Our first month together saw 36 visitors. We now have about 20,000 visitors a month!

I am really pleasantly surprised. I have just shared things that I thought interesting; I am glad that others seem to enjoy these things too. I would like to invite everyone to please share your thoughts and comments. The field of computer security is very interesting, and there is always something new, let’s learn together!

We do have a large amount of comments automatically blocked by the spam filter. If you have placed a comment and it does not show up, I apologize. Please contact me; the spam guard probably blocked it.

One last thing, please let me know what you want to see on Cyberarms. Be it more technical articles, reviews, news, etc., all requests will be considered. If you have any questions, comments, or just want to introduce yourself, I can be reached at cyberarms(at)live.com.

One more last thing, just a quick shout out to Philo, thanks for being our most active poster! If you get a chance, check out Philo’s blog at http://philo-therepublicblog.blogspot.com/.

Thanks again!