Information Warfare: Sneaky Stuxnet Secrets

Archives

November 18, 2010:  Last month, Iran insisted the delay (until next year) in starting up the Bushehr nuclear plant had nothing to do with the Stuxnet computer worm. Now it appears they were right, and that Stuxnet was designed to shut down other parts of Iran's nuclear weapons program.

Stuxnet is an elaborate and well crafted Cyber War weapon  being blamed on Israel or the United States. It was only discovered four months ago. It was believed to have been released in late 2009, and millions of computers have been infected as the worm sought out its target. At first, the target was believed to be the Iranian nuclear power plant at Bushehr. Iran says they have cleaned the worm out of the Bushehr plant, but no one is sure about that, and now Bushehr is not going to start producing electricity this year, as scheduled. Iran says the delay was caused by a leak.

Iran also recently announced that several "spies" were arrested for getting Stuxnet into Bushehr. It was believed that some of those arrested were Russian technicians working at Bushehr, as many of them quickly left Iran after Iran began looking for traitors.

Stuxnet was designed to interrupt the operation of the control software used in various types of industrial and utility (power, water, sanitation) plants. But further analysis has revealed that Stuxnet was programmed to subtly disrupt the operation of gas centrifuges, which are used to enrich uranium to the point where it can be used as fuel for a nuclear warhead. This would seriously delay Iranian efforts to build an atomic bomb. Moreover, Stuxnet's dense and complex code appears to conceal even more surprises.

The Stuxnet "malware" was designed to hide itself in the control software of an industrial plant, making it very difficult to be sure you have cleaned all the malware out. This is the scariest aspect of Stuxnet, and is making Iranian officials nervous about other Stuxnet-type attacks having been made on Iran. The U.S. and Israel have been successful with "software attacks" in the past. This stuff doesn't get reported much in the general media, partly because it's so geeky, and because there are no visuals. It's computer code and arcane geekery that gets it to its target. But the stuff is real, and the pros are impressed by Stuxnet, even if the rest of us have not got much of a clue.