Stuxnet – The Industrial Network Attack That Shook The World
When the Stuxnet virus was first discovered in June 2010 in the network systems of power plants, traffic control systems and factories all around the world, it was immediately clear that this was no ordinary virus. Stuxnet was found to be twenty times more complex than any virus code seen before, giving it frightening capabilities. The strategy: while the virus convinces the system operators that everything is functioning normally, the code sets about turning up the pressure inside nuclear reactors or switching off oil pipelines.
No wonder Stuxnet shook up top military, intelligence and law enforcement officials in the USA, putting Congress and the nation on high alert with a warning of cyber attacks against critical infrastructure in the country. With Stuxnet around, both large industries and suburban homes were easy targets.
Most viruses enter a network security system by making use of fake security clearance, but Stuxnet used a much more advanced strategy which entailed the use of authentic security clearance. Gaps in a system that operators are unaware of are called zero days, and details of these network vulnerabilities get sold for up to $100,000 on the black market. Every computer network has its gaps, and Stuxnet had access to twenty of these zero days.
Once Stuxnet had entered industrial systems, it started looking for the specific target it was programmed to attack: centrifuges that are responsible for spinning nuclear material at Iran’s uranium enrichment facilities. If this target was not present in a specific system, Stuxnet would remain dormant.
It was obvious from the start that Stuxnet was designed as a weapon with a very specific intent – and this weapon was made entirely of computer code.
Network Attack Reach
According to the Institute for Science and International Security (ISIS) based in Washington, Stuxnet may have shut down 1000 centrifuges at Natanz, Iran’s main enrichment facility, in 2010. In November of that same year the International Atomic Agency, the United Nations’ nuclear monitoring division, confirmed that Iran had suspended work at its nuclear facilities without giving an explanation for this highly unusual act. Many experts attributed responsibility to the Stuxnet virus.
In May 2011 the Iranian government admitted that Stuxnet had infected its Bushehr Nuclear facility while it was still under construction. Due to the virus’ presence in the network, the facility could not be switched on as scheduled, lest it cause a national electricity blackout.
The Iranian government has responded by calling upon hackers globally to join the Iranian Revolutionary Guard, and so has assembled the second largest online army in the world. This cyberwar militia would be part of Basij (short for “Mobilization of the Oppressed”), tasked with infiltrating cyber borders which encompass the internet, TV and other media.
Who was it that pulled the trigger?
The short answer is: we don’t know. Rumour has it that the Stuxnet virus code contains references to the Hebrew Bible, which has led some to speculate that Israel is responsible. Experts believe that Stuxnet required the largest and most expensive development in malware history, which would have required a team of highly capable programmers, in-depth knowledge of industrial processes and an interest in attacking industrial infrastructure… and many months, if not years, to prepare. The Guardian, the BBC and The New York Times believe that their experts (unnamed) deduced from the complexity of the code that only a nation-state would have had the capabilities to produce it.
Implications for Industrial Network Security
While Stuxnet is not the first case of hackers targeting industrial systems or the first obvious case of intentional cyberwarfare, it is the first malware that has managed to spy on and subvert an industrial system at factory-floor level and control industrial operations through a PLC.
Stuxnet in Future
Nine months after Stuxnet was first discovered as a virus that could crash power grids or destroy oil pipelines, it became available online to be downloaded and redesigned by anyone. The importance of figuring out who designed Stuxnet is now waning against the fears around how the virus could evolve in the very near future.
The Stuxnet weapon is currently available as open source code and there is no way of returning it to Pandora’s Box or even controlling access.
In 2012, FBI Director Robert Mueller told the U.S. House Permanent Select Committee on Intelligence that he believes “the cyber threat will equal or surpass the threat from terrorism in the foreseeable future.” He pointed out that in modern times most of our day-to-day activities can somehow be associated with the internet, putting at risk our intellectual property, research and development, and corporations’ plans and programs.
And this is the reality, folks. With Stuxnet out there, we have no way of knowing who might be using it or what their target will be. For all we know, the next Pearl Harbor might be a cyber attack.
- Budich, Alicia (CBS News). FBI: Cyber threat might surpass terror threat. http://www.cbsnews.com/news/fbi-cyber-threat-might-surpass-terror-threat/ Published May 21, 2012. Accessed July 14, 2015.
- Fildes, Jonathan (23 September 2010). Stuxnet worm ‘targeted high-value Iranian assets’. BBC News. Retrieved 23 September 2010.
- Halliday, Josh (24 September 2010). Stuxnet worm is the ‘work of a national government agency’. London: The Guardian. Retrieved 27 September 2010.
- Hungry Beast. The Virus that Almost Started WW3. https://www.youtube.com/watch?v=7g0pi4J8auQ Uploaded June 8, 2011.
- Kroft, Steve (CBS News). Stuxnet: Computer worm opens new era of warfare. https://www.youtube.com/watch?v=6WmaZYJwJng Published March 4, 2012.
- Markoff, John (26 September 2010). A Silent Attack, but Not a Subtle One. New York Times. Retrieved 27 September 2010.