Friday, November 25, 2011

Stuxnet

Andrew's earlier post that mentioned the current state of Iran's nuclear program reminded me of a few articles I read recently about one of the wildest things I have ever heard. Around mid-2009 programmers everywhere began discovering a computer worm that had infected industrial programs around the world. The worm was initially found in all kinds of places, with the only common thread being that it infected solely software made by the company Siemens, but after close examination it was determined that the purpose of the worm was to mess with the centrifuges at nuclear facilities.
It soon became clear that this worm, now being called Stuxnet, was meant as a direct attack on Iran's nuclear program when roughly 1/5 of Iran's nuclear centrifuges were destroyed. The virus works in a truly ingenious fashion: not only does it speed up the centrifuges that are responsible for enriching low quality uranium into weapons grade material until they are over-full with gas and explode, but at the same time it sends false information to the monitoring centers at a plant that makes it seem like everything is normal and running just as it should be. Especially hard-hit was the Iranian nuclear facility Natanz, where over 1000 of their centrifuges exploded, causing the plant to shut down for over a year.
The origin of the worm is still technically unknown but there are strong clues that it was developed as a joint U.S.-Israeli effort to prevent or at least hinder Tehran's development of a nuclear weapon. For starters, in 2008 the U.S. government formed a partnership with many software manufacturers, including Siemens, to look for and fix potential cybervulnerabilities in their systems. This gave the government the opportunity to closely examine Siemens products, including the specific SCADA systems that were later targeted by the worm, as well as to identify several well-hidden holes in the software that the worm exploited. Then, earlier this year it was discovered that the Israelis had built a model facility that spun centrifuges identical to those in Iran deep underground at the Dimona nuclear complex in the Negev Desert. This facility is said to have been the testing ground for the Stuxnet worm, to make sure it would work as planned once released.
Soon after the Stuxnet attacks began, Secretary of State Hillary Clinton and the head of Israel's Mossad announced separately that they believed that Iran's efforts to achieve nuclear arms capabilities had been set back by as much as five years, although Clinton cited increased U.S. sanctions and international pressure as the cause. Those estimates were amended to a one to two year setback and just recently, Iran seems to have finally overcome the damage caused by Stuxnet by developing a new generation of centrifuges that are both safer and faster.
I found all this information about the computer worm extremely interesting and it just shows the huge role cyber warfare currently has and will continue to have in global conflicts. That a crippling blow to an entire country's nuclear efforts was dealt with just an e-mail or USB drive is amazing.

9 comments:

Rebecca Hu said...

This post comes to show just how vulnerable we as humans are to the expanding power of the cyberspace. We are quickly transitioning from an age of human intelligence espionage into technical intelligence gathering and spying. The fact that a project as well guarded as the Iran nuclear program has undergone sophisticated attacks from a computer worm demonstrates the vast amount of information that can be readily collected and infiltrated via the computer network. The enormity of this Stuxnet attack should be a reminder to us all about the dangers of the Internet - with the extraordinarily rapid development of technology over the past few decades, we should definitely appreciate the new lifestyle and abundant luxuries that it has brought to our lives, but at the same time, we should take precautions about the level of personal exposure that we now risk when we meddle with the likes of the Internet.

Zhili Liang said...

I think of this as less of a focus on the "internet," but more general, in the expanding power of information. Certainly, spies and scouts existed from the very beginnings of war. I do not know how many of us play Real-time strategy games, but information is critical in predicting and countering your opponent's moves. The "Stuxnet" could have done more than just targeted the centrifuges; it could have sent information on the location, database, and other information involved in any type of research. Certainly, the internet is part of it, but the "exchange of information," or more in focus, the "stealing and protection" of information, is what we have to pay attention to.

Tl;dr: Stuxnet highlights information of technology, spread of software, and the possible sabotage that the breakdown of technology can cause. Okayfine.

Sabrina Imbler said...

Just to follow up Gabe's post, another variant of the Stuxnet worm (this time called "Duqu") with remarkably similar coding has been discovered by the Laboratory of Cryptography and Systems Security at Budapest University of Technology and Economics sometime this autumn. While the two systems' creators may or may not be the same, the issue still stands that Duqu could augur yet another cyberattack on Iran (or anywhere else). But while Stuxnet's main purpose seemed to be gathering intelligence and sabotaging equipment at the Natanz plant, Duqu is a trojan (spread through email, putatively innocuous, focused on stealing information). Some researchers believe that Duqu seeks blueprints to carry out a sabotage attack. Some believe that Duqu was most likely made by the creators of Stuxnet but with an entirely different purpose in mind. Others differ. For now, however, we cannot know and must wait until Duqu strikes. So--long follow-up aside--ever since Estonia, cyberwarfare has become a formidable force. And with the success of Stuxnet (Stewart Baker, former general counsel of the U.S. National Security Agency, said, "the first time we've actually seen a weapon created by a state to achieve a goal that you would otherwise have used multiple cruise missiles to achieve."), modern warfare may be evolving away from the battlefield and toward the computer.

Maya Grossman said...

I think it is both amazingly cool and very scary that a virtual program can destroy an entire nuclear plant. It shows both the concerning dependence on computers that we have developed, and the ease with which they can be destroyed.
It's also scary to think that one of our enemies could develop a program such as Stuxnet and Duqu just as easily as we -or whomever truly created it- did.
Just as Sabrina said, warfare in today's world has changed from guns and knives to computer hacking and cyberwarfare. And with Stuxnet, it's not just stealing information. It's physically altering a nuclear power plant. And if they can destroy such a plant with a computer virus, what else could they do with it?

Rebecca Wysong said...

I have to say I never knew that this was happening. It is incredible that a piece of software can destroy 1/5 of a country's nuclear capacity. I think that this really shows the capacity that the internet and computer technology have for changing the way countries combat weapons and enemies. If this could happen with just one piece of software, what could happen with more technology like this?

SimoneJacobs said...

I am equally awed by the concept of such futuristic technology. It makes you wonder if technological warfare is the next big step in international fighting, just as the development of Nuclear Warfare changed how we fight wars forever.

But I also have to say that Stuxnet is so fantastical that it feels like a conspiracy theory. It made me think of the previously posted "Umbrella Man" video.

Amy Jiang said...

Like all the people before me have posted, I am amazed by the seemingly endless power of technology. However, I find how far human intelligence has come to be more impressive, as people are the ones that create technology. I almost want to believe that it's a good thing that warfare is moving away from the battlefield and into cyberspace, as it seems like there will be fewer lives lost. But if an email can be used to deactivate a nuclear plant, it probably can also be used to blow one up... in which case, this cyberspace warfare could head much further south than battlefield warfare ever did: lives of innocent civilians all over the world would be impacted (almost like the Cold War). Even though I am sure we are far from refining technology to that power of destruction, I hope that this intelligence will not be used for purposes other than strictly virtual attacks (spying, scouting, etc).

Kevin Yeung said...

Nuclear facilities use some of the most technologically advanced computer systems in the world. If it is possible to disable such a complex system like nuclear facilities, many important systems are incredibly vulnerable. The United States and Israel have clearly Ok-ed the usage of computer viruses as a weapon. The possibilities of cyber-terrorism seem endless. Disabling Brazil's power grid during the extent of the Olympics. Re-routing airplanes within a hundred mile radius to Dulles airport or JFK on a holiday weekend. Norton Antivirus better step up their game.

Anna Olson said...

In addition to what seems to be in agreement with previously echoed sentiments of amazement over the capabilities of technology, I find it somewhat difficult to wrap my mind around the concept of cyber-warfare being a methodology that governments actively develop tools for. It's fascinating to think that something as seemingly basic as lines of code can cause so much damage, but it's also hard to reconcile that idea with the idea of bugs and viruses and such, which we frequently hear of in the context of email/bank account hacks and the like, being employed by governments (as opposed to scheming individuals/groups) as a powerful weapon.