Stuxnet, The World's First Digital Weapon That Crippled Iran's Nuclear Facility


Stuxnet is known as a malware, first discovered in 2010.

The worm is also believed to have been developed jointly by the U.S. and Israel as a cyberweapon to cripple enemies' computer network, primarily developed to cause substantial damage to Iran's nuclear facility.

Stuxnet is extremely sophisticated, and capable of exploiting previous unknown zero-day vulnerabilities to infect computers and to spread.

And in the case of the Iranian nuclear facility, the malware was able to infect its PCs, as well as causing real-world physical effects, specifically because it targeted the facilities' centrifuges used to produce the enriched uranium that powers nuclear weapons and reactors.

The malware is believed to have been developed since 2005.

The Natanz uranium enrichment facility
The Natanz uranium enrichment facility

Stuxnet poses serious threat to all computer systems using its unparalleled ability to spread and its widespread infection rate. However, the malware does little or no harm to computers not involved in industrial facilities or uranium enrichment.

When it infects a system, it checks to see if that computer is running Microsoft Windows, and if it is connected to specific models of programmable logic controllers (PLCs) by Siemens or SCADA (Siemens supervisory control and data acquisition).

The worm can then alter the PLCs' programming by subverting the Step-7 software application that is used to reprogram these devices.

Taking advantages of PLCs that are used by computers to interact with and control industrial machinery, Stuxnet made the facility's uranium centrifuges to spin too quickly and/or for too long, literally damaging or destroying the delicate equipment.

And while the damage is in process, the operators of the system only saw the PLCs telling the computers that everything was working fine.

As a result, the damage went undetected for a period of time, or at least until it was already too late to respond.

Stuxnet was a classified project, with the code name 'Operation Olympic Games'.

Its development begun under U.S. President George W. Bush and continued under President Obama. While neither the U.S. or Israel has ever officially acknowledged developing Stuxnet, a 2011 video created to celebrate the retirement of Israeli Defense Forces leader and politician Gabi Ashkenazi, listed Stuxnet as one of the successes under his command.

It was reported that Stuxnet was U.S. and Israel's method to at least delay Iran's nuclear programs. The two nations fear that the facility could eventually help Iran develop its own nuclear weapons.

While Israel could easily launch airstrikes to Iran's facilities, the move could set a regional war. But with Stuxnet, the two countries can launch an attack to Iran, without any violence.

This is why Stuxnet was never intended to spread or infect anything beyond Iran's nuclear facility in Natanz.

Iran President Mahmoud Ahmadinejad when he visited Natanz uranium enrichment facility
Iran President Mahmoud Ahmadinejad when he visited Natanz uranium enrichment facility

Iran's nuclear facility wasn't connected to the internet. In other words, getting Stuxnet to infect its network can only be possible through physical access to its computers. In this case, the infection should be very well contained and wouldn't spread.

Unfortunately, the malware did end-up on an internet-connected computer.

As a result, the malware began to spread to the rest of the world due to its extremely sophisticated and aggressive nature.

According to Kaspesky Lab, the malware is so sophisticated that it's almost impossible for non state-sponsored hackers to create. Roel Schouwenberg from Kaspesky Lab estimated that it can take a team of ten coders two to three years to create this kind of worm, saying that it could only have been conducted "with nation-state support."

F-Secure's chief researcher Mikko Hyppönen, when asked if possible nation-state support was involved, agreed and said "That's what it would look like, yes."

According to Liam O'Murchu from the Security Technology and Response group at Symantec, Stuxnet was "by far the most complex piece of code that we've looked at — in a completely different league from anything we’d ever seen before."

Stuxnet reportedly ruined almost one fifth of Iran's nuclear centrifuges, and when spread to the internet, the malware has targeted industrial control systems, and infected some 200,000 computers and caused 1,000 machines to physically degrade.

Malware similar to Stuxnet include, and not limited to: Duqu and Flame.