Stuxnet Worm Attacks Iranian Nuclear Computers

The Iranian regime's drive for a nuclear weapon has been one of the main foci of global diplomacy in recent years. The fear among many has been the actions of certain states (by which they meant "Israel") should diplomacy fail. Bombing Iran's sites as happened to Iraq's Osirak plant in 1981 would likely lead to regional conflict that could draw in the big powers of the world. Some outside-the-box thinking has prevented that with the Stuxnet worm. This cyber-weapon has attacked Iran's nuclear computers. Conventional bombing of sensitive high-tech targets is now officially obsolete.

Experts claim that the Stuxnet virus could not have been the work of a lone hacker. Instead, Symantec says a team of 5 to 10 working 6 months could have come up with it assuming adequate funding. Most claim that only a nation-state could have pulled it off. One reserves judgment on the grounds that one inspired programmer with world-class talent can do damn near anything.

Be that as it may, Symantec also says that 60% of the computers infected with Stuxnet are in Iran, some 63,000 of them. The means of delivery appears to be flashdrives. Sean McGurk, director of the Homeland Security Department's National Cybersecurity and Communications Integration Center (NCCIC) briefed reports last Friday. He waved a USB thumb drive at them saying, "This is actually Stuxnet."

Mr. McGurk also stated, "So far, we haven't seen any impacts or effects of what it does. We know it has the capability of physically addressing a component, but so far, we haven't seen it do anything." He added that the DHS Malware lab has been working with the Stuxnet virus, "In our malware lab, we actually have this hardware and software, and I've let this run wild to see what it would do, and so far, we haven't seen a lot of smoke coming out."

While there may not be any smoke in the DHS malware lab, there appears to be cyber-fire at Iran's Bushehr nuclear plant. The plant will start generating electricity in early 2011, a delay of a couple of months. While one Iranian official blamed hot weather for the delay, the most plausible explanation is a review of the computer systems at Bushehr.

The Stuxnet worm is a new kind of weapon, and governments will need to pay greater attention to cyberwarfare. "What we're seeing with Stuxnet is the first view of something new that doesn't need outside guidance by a human -- but can still take control of your infrastructure," says Michael Assante, former chief of industrial control systems cyber security research at the US Department of Energy's Idaho National Laboratory. "This is the first direct example of weaponized software, highly customized and designed to find a particular target."

One can guarantee that it will not be the last such example.

© Copyright 2010 by The Kensington Review, Jeff Myhre, PhD, Editor. No part of this publication may be reproduced without written consent. Produced using Ubuntu Linux.

Kensington Review Home