Stuxnet (2009-2010): Virus in Real Life?


Viruses, whether virtual or real, have impacted our lives. If a virus is well known, it has most likely caused a lot of damage and grief to people around the world. Virtual viruses, like worms and trojans, have been known to corrupt or steal sensitive information from one’s computer. Here is one of the most well-known computer viruses in the last century:

Stuxnet (2009 – 2010)

The arrival of Stuxnet was like a cartoon villain come to life: it was the first computer virus designed specifically to cause damage in the real, as opposed to virtual, world. While previous malware programs may have caused secondary physical problems, Stuxnet was unique in that it targeted software that controls industrial systems. Specifically, Stuxnet was designed to damage machinery at Iran’s uranium enrichment facility in Natanz. Based on the available information, including data from the International Atomic Energy Agency, experts believe Stuxnet caused a large number of Iran’s centrifuges—essentially giant washing machines used to enrich uranium—to spin out of control and self-destruct. Though Stuxnet was discovered in 2010, it is believed to have first infected computers in Iran in 2009.

How does it work?

The worm initially spreads indiscriminately, but includes a highly specialized malware payload that is designed to target only Siemens supervisory control and data acquisition (SCADA) systems that are configured to control and monitor specific industrial processes. Stuxnet infects PLCs by subverting the Step-7 software application that is used to reprogram these devices.

Different variants of Stuxnet targeted five Iranian organizations, with the probable target widely suspected to be uranium enrichment infrastructure in Iran; Symantec noted in August 2010 that 60% of the infected computers worldwide were in Iran. Siemens stated that the worm has not caused any damage to its customers, but Iran’s nuclear program, which uses embargoed Siemens equipment procured secretly, has been damaged by Stuxnet. Kaspersky Lab concluded that the sophisticated attack could only have been conducted “with nation-state support”. This was further supported by F-Secure’s chief researcher Mikko Hyppönen, who commented in a Stuxnet FAQ, “That’s what it would look like, yes”. It has been speculated that Israel and the United States may have been involved.
